1.1. http://ar.voicefive.com/bmx3/broker.pli [pid parameter]
1.2. http://data.cmcore.com/imp [ci parameter]
1.3. http://tap-cdn.rubiconproject.com/partner/scripts/rubicon/alice.js [REST URL parameter 3]
1.4. https://webmail.roadrunner.com/includes/webmail.416a.css [BIGipServerCDPTPA-Web-Pool cookie]
Severity: | High |
Confidence: | Tentative |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid=8c42615bf40cc5bc)(sn=*&PRAd=1124773&AR_C Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://www.merriam Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p58096422=exp=14 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 07 Mar 2011 01:33:59 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_8c42615bf40cc5bc)& Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 9 /*error*/ |
GET /bmx3/broker.pli?pid=8c42615bf40cc5bc)!(sn=*&PRAd=1124773&AR_C Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://www.merriam Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p58096422=exp=14 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 07 Mar 2011 01:33:59 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_8c42615bf40cc5bc)! Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 9 /*error*/ |
Severity: | High |
Confidence: | Tentative |
Host: | http://data.cmcore.com |
Path: | /imp |
GET /imp?tid=17&ci=74889b964e0b55dc)(sn=*&vn1=4.1.1&vn2=e4.0&ec Host: data.cmcore.com Proxy-Connection: keep-alive Referer: http://ad.yieldmanager Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CoreID6=300212988970 |
HTTP/1.1 200 OK Date: Mon, 07 Mar 2011 01:50:37 GMT Server: Apache P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA" Set-Cookie: 74889b964e0b55dc)(sn=* Set-Cookie: 74889b964e0b55dc)(sn=* Expires: Sun, 06 Mar 2011 07:50:37 GMT Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private Pragma: no-cache Content-Type: image/gif Content-Length: 43 GIF89a.............!..... |
GET /imp?tid=17&ci=74889b964e0b55dc)!(sn=*&vn1=4.1.1&vn2=e4.0&ec Host: data.cmcore.com Proxy-Connection: keep-alive Referer: http://ad.yieldmanager Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CoreID6=300212988970 |
HTTP/1.1 200 OK Date: Mon, 07 Mar 2011 01:50:38 GMT Server: Apache P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA" Set-Cookie: 74889b964e0b55dc)!(sn=* Set-Cookie: 74889b964e0b55dc)!(sn=* Expires: Sun, 06 Mar 2011 07:50:38 GMT Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private Pragma: no-cache Content-Type: image/gif Content-Length: 43 GIF89a.............!..... |
Severity: | High |
Confidence: | Tentative |
Host: | http://tap-cdn.rubic |
Path: | /partner/scripts/rubicon |
GET /partner/scripts/109a64327263f5fe)(sn=*/alice.js?pc=7469/12005 Host: tap-cdn.rubiconproject Proxy-Connection: keep-alive Referer: http://optimized-by Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: au=GKFXS0FR-AL95-10.250 |
HTTP/1.1 200 OK Server: TRP Apache-Coyote/1.1 Last-Modified: Mon, 07 Mar 2011 01:47:58 GMT p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type: text/javascript;charset Cache-Control: private, max-age=3600 Expires: Mon, 07 Mar 2011 02:47:58 GMT Date: Mon, 07 Mar 2011 01:47:58 GMT Connection: close Vary: Accept-Encoding Content-Length: 10590 /*! Copyright 2009,2010 the Rubicon Project. All Rights Reserved. No permission is granted to use, copy or extend this code */ oz_partner = "109a64327263f5fe)(sn=*"; oz_partner_channel="7469 oz_partner_tracking if(typeof oz_page_profiled== this.default_context={oz }else{this.context=this }if(this.context.oz_local ...[SNIP]... |
GET /partner/scripts/109a64327263f5fe)!(sn=*/alice.js?pc=7469/12005 Host: tap-cdn.rubiconproject Proxy-Connection: keep-alive Referer: http://optimized-by Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: au=GKFXS0FR-AL95-10.250 |
HTTP/1.1 404 Not Found Server: Apache/2.2.3 (CentOS) Content-Type: text/html; charset=iso-8859-1 Cache-Control: private, max-age=86400 Date: Mon, 07 Mar 2011 01:47:58 GMT Connection: close Vary: Accept-Encoding Content-Length: 221 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL /oz/scripts/alice_js.jsp was not found on this server.</p> </body></html> |
Severity: | High |
Confidence: | Tentative |
Host: | https://webmail |
Path: | /includes/webmail.416a |
GET /includes/webmail.416a Host: webmail.roadrunner.com Connection: keep-alive Referer: https://webmail Accept: text/css,*/*;q=0.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BIGipServerCDPTPA-Web |
HTTP/1.1 200 OK Server: Resin/3.0.21 Cache-Control: private Cache-Control: max-age=604800 Expires: Mon, 14 Mar 2011 18:07:27 GMT ETag: "A2Z+9fBVy59" Last-Modified: Thu, 13 Jan 2011 16:46:41 GMT Set-Cookie: JSESSIONID=abcuhaqlt Content-Type: text/css Content-Length: 52245 Date: Mon, 07 Mar 2011 18:07:27 GMT Set-Cookie: BIGipServerCDPTPA-Web @CHARSET "ISO-8859-1"; A:active, A:focus {outline:0;} /* Eliminates the border around active links in Firefox */ A:hover {text-decoration:none;} A {text-decoration:none;} A:active {color: #FAAD3E; text-decoration: none;} SPAN.more {color:#FFFFFF;} iframe { border: none;} /* <-- HEADER WEBMAIL CSS CLASSES - START --> */ .siteSearch FORM LABEL.enhanced {float:left;margin-left .header .content .tertiaryNav LI.username { float: left; margin: 3px 7px 0px 10px; font-size: 90%; } .header .content .tertiaryNav LI.signout { float: left; margin: 3px 7px 0px 10px; font-size: 90%; padding-left: 0px; } .leaderboardTop { text-align: center; background: #232428 url(/images/ad300x250 } .leaderboardTop .border { text-align: left; vertical-align: top; height: 100%; max-height: 90px; } /* header div is 4 pixels wider to account for the shadows on the navigation menu */ .header .content .login { position: relative; width: 966px; height: 160px; overflow: hidden; text-align:center; } /* <-- HEADER WEBMAIL CSS CLASSES - END --> */ .content {text-align: left;} /* <-- ERROR CSS CLASSES - START --> */ .webmailErrorInfoSection { position: relative; padding: 2px 0px; margin-top: 10px; margin-bottom:5px; } .webmailError { background: url('/images/webmail width: 19px; height: 14px; } .webmailInfo { background: url('/images/webmail width: 17px; height: 16px; } .webmailErrorInf ...[SNIP]... |
GET /includes/webmail.416a Host: webmail.roadrunner.com Connection: keep-alive Referer: https://webmail Accept: text/css,*/*;q=0.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.107 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BIGipServerCDPTPA-Web |
HTTP/1.1 200 OK Server: Resin/3.0.21 Cache-Control: max-age=604800 Expires: Mon, 14 Mar 2011 18:07:29 GMT ETag: "A2Z+9fBVy59" Last-Modified: Thu, 13 Jan 2011 16:46:41 GMT Content-Type: text/css Content-Length: 52245 Date: Mon, 07 Mar 2011 18:07:29 GMT Set-Cookie: BIGipServerCDPTPA-Web @CHARSET "ISO-8859-1"; A:active, A:focus {outline:0;} /* Eliminates the border around active links in Firefox */ A:hover {text-decoration:none;} A {text-decoration:none;} A:active {color: #FAAD3E; text-decoration: none;} SPAN.more {color:#FFFFFF;} iframe { border: none;} /* <-- HEADER WEBMAIL CSS CLASSES - START --> */ .siteSearch FORM LABEL.enhanced {float:left;margin-left .header .content .tertiaryNav LI.username { float: left; margin: 3px 7px 0px 10px; font-size: 90%; } .header .content .tertiaryNav LI.signout { float: left; margin: 3px 7px 0px 10px; font-size: 90%; padding-left: 0px; } .leaderboardTop { text-align: center; background: #232428 url(/images/ad300x250 } .leaderboardTop .border { text-align: left; vertical-align: top; height: 100%; max-height: 90px; } /* header div is 4 pixels wider to account for the shadows on the navigation menu */ .header .content .login { position: relative; width: 966px; height: 160px; overflow: hidden; text-align:center; } /* <-- HEADER WEBMAIL CSS CLASSES - END --> */ .content {text-align: left;} /* <-- ERROR CSS CLASSES - START --> */ .webmailErrorInfoSection { position: relative; padding: 2px 0px; margin-top: 10px; margin-bottom:5px; } .webmailError { background: url('/images/webmail width: 19px; height: 14px; } .webmailInfo { background: url('/images/webmail width: 17px; height: 16px; } .webmailErrorInfoTxt { font-family: arial; font-size: 12px; font-weight: bold; padding-left: 40px; text-align: left; } /* < ...[SNIP]... |