shopping.hp.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86 XSS in shopping.hp.com | Vulnerability Crawler Report Report generated by CloudScan Vulnerability Crawler at Wed Jan 05 10:01:03 CST 2011. Contents Loading
1. Cross-site scripting (reflected)
1.1. http://www.shopping.hp.com/accessories-store/ink [REST URL parameter 2]
1.2. http://www.shopping.hp.com/can/computer/categories/storage_solutions/1/accessories [REST URL parameter 5]
1.3. http://www.shopping.hp.com/webapp/shopping/can.do [catLevel parameter]
2. Cookie scoped to parent domain
2.1. http://www.shopping.hp.com/accessories-store
2.2. http://www.shopping.hp.com/accessories-store/ink
2.3. http://www.shopping.hp.com/biz
2.4. http://www.shopping.hp.com/can/computer/categories/storage_solutions/1/accessories
2.5. http://www.shopping.hp.com/esp
2.6. http://www.shopping.hp.com/scanner
2.7. http://www.shopping.hp.com/webapp/shopping/can.do
2.8. http://www.shopping.hp.com/webapp/shopping/home.do
2.9. http://www.shopping.hp.com/webapp/shopping/store_access.do
3. Cross-domain Referer leakage
3.1. http://www.shopping.hp.com/webapp/shopping/can.do
3.2. http://www.shopping.hp.com/webapp/shopping/store_access.do
3.3. http://www.shopping.hp.com/webapp/shopping/store_access.do
3.4. http://www.shopping.hp.com/webapp/shopping/store_access.do
4. Cross-domain script include
4.1. http://www.shopping.hp.com/accessories-store
4.2. http://www.shopping.hp.com/accessories-store/ink
4.3. http://www.shopping.hp.com/biz
4.4. http://www.shopping.hp.com/can/computer/categories/storage_solutions/1/accessories
4.5. http://www.shopping.hp.com/esp
4.6. http://www.shopping.hp.com/scanner
4.7. http://www.shopping.hp.com/webapp/shopping/can.do
4.8. http://www.shopping.hp.com/webapp/shopping/home.do
4.9. http://www.shopping.hp.com/webapp/shopping/store_access.do
4.10. http://www.shopping.hp.com/webapp/shopping/store_access.do
4.11. http://www.shopping.hp.com/webapp/shopping/store_access.do
5. Cookie without HttpOnly flag set
5.1. http://www.shopping.hp.com/accessories-store
5.2. http://www.shopping.hp.com/accessories-store/ink
5.3. http://www.shopping.hp.com/biz
5.4. http://www.shopping.hp.com/can/computer/categories/storage_solutions/1/accessories
5.5. http://www.shopping.hp.com/esp
5.6. http://www.shopping.hp.com/scanner
5.7. http://www.shopping.hp.com/webapp/shopping/can.do
5.8. http://www.shopping.hp.com/webapp/shopping/home.do
5.9. http://www.shopping.hp.com/webapp/shopping/store_access.do
1. Cross-site scripting (reflected)
next
There are 3 instances of this issue:
Issue background
Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
Remediation background
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised. User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).
1.1. http://www.shopping.hp.com/accessories-store/ink [REST URL parameter 2]
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.shopping.hp.com
Path:
/accessories-store/ink
Issue detail
The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b1122%2527%253ba0685222803 was submitted in the REST URL parameter 2. This input was echoed as b1122';a0685222803 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request
GET /accessories-store/inkb1122%2527%253ba0685222803 HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8k13Qc6GvVx1sLV7bq2NC2JdGhB1n203ynPPBjS9n8!688308156; expires=Thursday, 06-Jan-2011 14:05:48 GMT; path=/=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:48 GMT; path=//html4/loose.dtd">...[SNIP]... b1122';a0685222803 ||1|';) {...[SNIP]...
1.2. http://www.shopping.hp.com/can/computer/categories/storage_solutions/1/accessories [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.shopping.hp.com
Path:
/can/computer/categories/storage_solutions/1/accessories
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2dbb%2522%2520a%253db%252095f7b05015f was submitted in the REST URL parameter 5. This input was echoed as a2dbb" a=b 95f7b05015f in the application's response.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 5 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request
GET /can/computer/categories/storage_solutions/1a2dbb%2522%2520a%253db%252095f7b05015f /accessories HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kVf6LGKDTGRk4mJ6yWpTBbXQKy2YY3TZ23WpxpLml!-1217948625; expires=Thursday, 06-Jan-2011 14:10:44 GMT; path=/=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:10:44 GMT; path=//html4/loose.dtd">...[SNIP]... ;HHOJSID=yL32Nk7GrHyVVf6LGKDTGRk4mJ6yWpTBbXQKy2YY3TZ23WpxpLml!-1217948625?storeName=accessories&landing=computer&category=categories&subcat1=storage_solutions&catLevel=1a2dbb" a=b 95f7b05015f &mc=&product_code=C5709A&tab=&fromPage=/shopping/can.do">...[SNIP]...
1.3. http://www.shopping.hp.com/webapp/shopping/can.do [catLevel parameter]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.shopping.hp.com
Path:
/webapp/shopping/can.do
Issue detail
The value of the catLevel request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cea47"%20a%3db%20c12bf9a345 was submitted in the catLevel parameter. This input was echoed as cea47" a=b c12bf9a345 in the application's response.
Request
GET /webapp/shopping/can.do?landing=handheld&category=iPAQ&catLevel=1cea47"%20a%3db%20c12bf9a345 &storeName=storefronts HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kvJr2NWMR7Q3x2byChYLp073n1wkZFLwCtFHZSqvs!-1362451435; expires=Thursday, 06-Jan-2011 14:09:17 GMT; path=/=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:09:17 GMT; path=//html4/loose.dtd">...[SNIP]... ;HHOJSID=gwSjNk7Nv0q1vJr2NWMR7Q3x2byChYLp073n1wkZFLwCtFHZSqvs!-1362451435?storeName=storefronts&landing=handheld&category=iPAQ&subcat1=&catLevel=1cea47" a=b c12bf9a345 &mc=&product_code=FB291AA%23ABA&tab=&fromPage=/shopping/can.do">...[SNIP]...
2. Cookie scoped to parent domain
previous
next
There are 9 instances of this issue:
Issue background
A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.
Issue remediation
By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.
2.1. http://www.shopping.hp.com/accessories-store
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/accessories-store
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:11 GMT; path=/
Request
GET /accessories-store HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8k2LDTl7WrnJXPSfgP67httv4nKBGfHDhfBJrLhSdb!2011408983; expires=Thursday, 06-Jan-2011 14:05:11 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:11 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.2. http://www.shopping.hp.com/accessories-store/ink
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/accessories-store/ink
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:11 GMT; path=/
Request
GET /accessories-store/ink HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kGJrtD01B2TxlZ1QG03TJKFZLh6KNHz7tF4sj4h68!1648580868; expires=Thursday, 06-Jan-2011 14:05:11 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:11 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.3. http://www.shopping.hp.com/biz
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/biz
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:17 GMT; path=/
Request
GET /biz HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8knr85pv8Jy2xlkzf9J32pXZRZ1VvjX46Nps1cySsV!1669568211; expires=Thursday, 06-Jan-2011 14:05:17 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:17 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.4. http://www.shopping.hp.com/can/computer/categories/storage_solutions/1/accessories
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/can/computer/categories/storage_solutions/1/accessories
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:15 GMT; path=/
Request
GET /can/computer/categories/storage_solutions/1/accessories HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kzZ9LfsKNF9h01PG0cTTQRxWBshljyWwh1xyFTJqc!1291711082; expires=Thursday, 06-Jan-2011 14:05:15 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:15 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.5. http://www.shopping.hp.com/esp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/esp
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:15 GMT; path=/
Request
GET /esp HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kVBhLhFWRy0yb5ng9RnlDQL5PnvwvTVnJ1pJRQgsM!-1488180780; expires=Thursday, 06-Jan-2011 14:05:15 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:15 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.6. http://www.shopping.hp.com/scanner
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/scanner
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:12 GMT; path=/
Request
GET /scanner HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kyNzX1RyphQjdn41GSGSQTddFhC5FnQ3kzlTq5mnm!-115213312; expires=Thursday, 06-Jan-2011 14:05:12 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:12 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.7. http://www.shopping.hp.com/webapp/shopping/can.do
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/webapp/shopping/can.do
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:10 GMT; path=/
Request
GET /webapp/shopping/can.do HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8k4J9GQgDdhqGlTc31JVJ3Rk4Kc8X2MnQf8vLQSrpw!-821363729; expires=Thursday, 06-Jan-2011 14:05:10 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:10 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.8. http://www.shopping.hp.com/webapp/shopping/home.do
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/webapp/shopping/home.do
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:05 GMT; path=/
Request
GET /webapp/shopping/home.do HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kGytwxKXy0WvvXvzprQcWyy05nXt44tDdwwWqnGhv!-607460637; expires=Thursday, 06-Jan-2011 14:05:05 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:05 GMT; path=/ /html4/loose.dtd">...[SNIP]...
2.9. http://www.shopping.hp.com/webapp/shopping/store_access.do
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/webapp/shopping/store_access.do
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:09 GMT; path=/
Request
GET /webapp/shopping/store_access.do HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kz5kfmwYz2Zvz1fxc2wcWjvfGGlMRpQ4nw2Tg51qs!-1621281643; expires=Thursday, 06-Jan-2011 14:05:09 GMT; path=/Set-Cookie: hpcompc_usen=cartExists=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:05:09 GMT; path=/ /html4/loose.dtd">...[SNIP]...
3. Cross-domain Referer leakage
previous
next
There are 4 instances of this issue:
Issue background
When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.
Issue remediation
The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.
3.1. http://www.shopping.hp.com/webapp/shopping/can.do
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.shopping.hp.com
Path:
/webapp/shopping/can.do
Issue detail
The page was loaded from a URL containing a query string:http://www.shopping.hp.com/webapp/shopping/can.do?landing=handheld&category=iPAQ&catLevel=1&storeName=storefronts http://cts.channelintelligence.com/9919466_landing.js http://hpshopping.speedera.net/www.shopping.hp.com/s.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/hp_handheld_003366.css http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/hp_print_003366.css http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/hp_screen_003366.css http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/ri/all.css http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/ri/all_handheld.css http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/banners/do_banner.jpg http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/banners/free_shipping_home_green_39_99_745.jpg http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/banners/handheld_right2_PalmPrePhone_20101226_275x240.jpg http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/banners/handheld_right3_palm_pre2_20101224_275x240.jpg http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/banners/handheld_right_FB289AA_FB287AA_20110102_275x240.jpg http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/banners/palm_left_20101031_537x240.jpg http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/bvratings/rating_3_0.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/bvratings/rating_3_7.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/bvratings/rating_3_9.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/bvratings/rating_4_0.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/bvratings/rating_4_3.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/bvratings/rating_4_5.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/bvratings/rating_5_0.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/HPCL_sslv_rgb_50.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/LightBulb.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/bottom_arrow.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/fb_icon_25x25.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/freeship_truck_30_16.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/hho_icon_home.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/icon_demo_black.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/icon_live_assist.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/icon_top_rated_prod.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/rss_icon_25x25.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/rssicon.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/topnav_phone_icon.jpg http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/twitter_icon_25x25.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/logos/BBBOnlineLogo.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/logos/bml_logo.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/logos/hp_accept_paypal_150x40.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a4_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a5_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a6_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a7_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/a8_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/do1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/do2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/do3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt4_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt5_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt6_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt7_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt8_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fa979aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb041aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb204aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb287aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb288aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb289aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb290aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb291aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb292aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/fb324aa_211.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/hoc1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/hoc2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/hoc3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/hoc4_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/hoc5_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/hoc6_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp4_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp5_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp6_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp7_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/mp8_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb4_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb5_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb6_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb7_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb8_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p4_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p5_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p6_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p7_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p8_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/qs1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/qs2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/s1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/s2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/s3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh1_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh2_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh3_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh4_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh5_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh6_70.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/redesign/white_line.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/stdnav/hpweb_1-2_prnt_icn.gif http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/can/can_accordion.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/glossary.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/hp_ajax.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/newsletter_catalog_utils.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/ri/main.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/ri/mootools-1.2.2-core-jm.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/ri/offers_popup.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/search_utils.js http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/topNav.js http://welcome.hp-ww.com/cma/region/na/metricsHHOstore.js http://welcome.hp-ww.com/img/s.gif http://www.palm.com/us/?jumpid=in_R329_prodexp/hhoslp/psg_ipg/handheld/rotate_banner/3/hh_can_rotating_hh_web_os_from_palm_1226 http://www.wirelesscentralstore.com/?jumpid=in_R329_prodexp/hhoslp/psg_ipg/handheld/main_banner/1/hh_can_main_hp_wireless_central_117 http://www.wirelesscentralstore.com/?referringdomain=hp&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_wireless_central http://www.wirelesscentralstore.com/mobile/?referringdomain=hp&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_wireless_central&jumpid=in_R329_prodexp/hhoslp/psg_ipg/handheld/rotate_banner/1/hh_can_rotating_hh_Palm_Pre_and_Palm_Pixi_12 https://signup.cj.com/member/brandedPublisherSignUp.do?air_refmerchantid=1752853
Request
GET /webapp/shopping/can.do?landing=handheld&category=iPAQ&catLevel=1&storeName=storefronts HTTP/1.1
Response
HTTP/1.1 200 OK_Server (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8kjJPvGPGJ1KPRGLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128; expires=Thursday, 06-Jan-2011 14:06:26 GMT; path=/=false; domain=.hp.com; expires=Thursday, 05-May-2011 14:06:26 GMT; path=//html4/loose.dtd">...[SNIP]... <link href="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/hp_screen_003366.css" rel="stylesheet" type="text/css" media="screen"> <link href="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/hp_handheld_003366.css" rel="stylesheet" type="text/css" media="handheld"> <link href="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/css/hp_print_003366.css" rel="stylesheet" type="text/css" media="print"> ...[SNIP]... <script language="JavaScript" src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/newsletter_catalog_utils.js"> </script><script type="text/javascript" language="JavaScript" src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/search_utils.js"> </script>...[SNIP]... <script language="JavaScript" src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/glossary.js"> </script>...[SNIP]... ?mtxs=logo&mtxb=store&jumpid=in_R329_prodexp%2Fhhoslp%2Fsplit%2Fhome" title="HP.com home"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/HPCL_sslv_rgb_50.gif" width="49" height="50" alt="HP.com home" border="0"> </a>...[SNIP]... <img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/redesign/white_line.gif" height="10" width="1" alt=""> <a.hp.com/webapp/shopping/help.do;HHOJSID=QfrgNk6CsvxhjJPvGPGJ1KPRGLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128" class="themelink">...[SNIP]... <img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/redesign/white_line.gif" height="10" width="1" alt=""> <span id="signInLink">...[SNIP]... <img src="http://hpshopping.speedera.net/www.shopping.hp.com/s.gif"/> </p>...[SNIP]... <img src="http://hpshopping.speedera.net/www.shopping.hp.com/s.gif" width="14" height="13" border="0" alt="No items added to the cart"> </span>...[SNIP]... <script type="text/javascript" language="JavaScript" src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/jsi/topNav.js"> </script>...[SNIP]... <img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/icons/hho_icon_home.gif" title="Home" width="17" height="20" border="0"/> </p>...[SNIP]... THr01pvJgyD83Z0JpSK0MdCzH!-375835128?storeName=computer_store&landing=notebooks&a1=Category&v1=Mini&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_mini_notebooks" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb1_70.gif" width="70" height="70" border="0" title="Mini Netbooks"> </a>...[SNIP]... -375835128?storeName=computer_store&landing=notebooks&a1=Category&v1=Everyday%20computing&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_everyday_computing_notebooks" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb2_70.gif" width="70" height="70" border="0" title="Everyday Computing laptop PCs"> </a>...[SNIP]... !-375835128?storeName=computer_store&landing=notebooks&a1=Category&v1=Ultra-Portable&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_ultra-portable_notebooks" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb3_70.gif" width="70" height="70" border="0" title="Ultra-Portable laptop PCs"> </a>...[SNIP]... -375835128?storeName=computer_store&landing=notebooks&a1=Category&v1=High%20performance&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_high_performance_notebooks" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb4_70.gif" width="70" height="70" border="0" title="High Performance laptop PCs"> </a>...[SNIP]... THr01pvJgyD83Z0JpSK0MdCzH!-375835128?storeName=computer_store&landing=notebooks&a1=Category&v1=ENVY&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_envy_notebooks" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb5_70.gif" width="70" height="70" border="0" title="ENVY laptop PCs"> </a>...[SNIP]... THr01pvJgyD83Z0JpSK0MdCzH!-375835128?storeName=computer_store&landing=notebooks&a1=Brand&v1=HP%20TouchSmart&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_tablet" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb6_70.gif" width="70" height="70" border="0" title="Tablet PCs"> </a>...[SNIP]... ?storeName=computer_store&landing=notebooks&a1=See%20all&v1=series&jumpID=in_R329_prodexp/hhoslp/psg/lateralnav_all_customizable_laptop_mini_netbook_series" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb7_70.gif" width="70" height="70" border="0" title="All customizable laptop PCs"> </a>...[SNIP]... 0MdCzH!-375835128?storeName=storefronts&catLevel=1&landing=rts_notebook&category=rts_notebook&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_quick_ship_notebooks" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/nb8_70.gif" width="70" height="70" border="0" title="All quick-ship laptop PCs that ship within 24 hours"> </a>...[SNIP]... -375835128?storeName=computer_store&landing=desktops&a1=Category&v1=Everyday%20computing&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_everyday_computing_desktops" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt1_70.gif" width="70" height="70" border="0" title="Everyday computing desktop pcs"> </a>...[SNIP]... K0MdCzH!-375835128?storeName=computer_store&landing=desktops&a1=Category&v1=Slim%20and%20sleek&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_slim_sleek_desktops" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt2_70.gif" width="70" height="70" border="0" title="Slim and sleek desktop PCs"> </a>...[SNIP]... pSK0MdCzH!-375835128?storeName=computer_store&landing=desktops&a1=Category&v1=All-in-One%20PCs&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_all_in_one_desktops" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt3_70.gif" width="70" height="70" border="0" title="All-in-One pcs"> </a>...[SNIP]... !-375835128?template_type=computer_store&landing=desktops&a1=Category&v1=TouchSmart%20PCs&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_TouchSmart_desktops" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt4_70.gif" width="70" height="70" border="0" title="TouchSmart PCs"> </a>...[SNIP]... -375835128?storeName=computer_store&landing=desktops&a1=Category&v1=High%20performance&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_high_performance_desktops" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt5_70.gif" width="70" height="70" border="0" title="High performance desktop PCs"> </a>...[SNIP]... SK0MdCzH!-375835128?storeName=computer_store&landing=desktops&a1=See+all&v1=series&jumpID=in_R329_prodexp/hhoslp/psg/lateralnav_all_customizable_desktop_series" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt6_70.gif" width="70" height="70" border="0" title="All customizable desktop & all-in-one PCs "> </a>...[SNIP]... pSK0MdCzH!-375835128?storeName=storefronts&catLevel=1&landing=rts_desktop&category=rts_desktop&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_quick_ship_desktops" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt7_70.gif" width="70" height="70" border="0" title="All quick-ship desktop & all-in-one PCs that ship within 24 hours"> </a>...[SNIP]... /display/display/1/storefronts;HHOJSID=QfrgNk6CsvxhjJPvGPGJ1KPRGLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128?jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_monitors" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/dt8_70.gif" width="70" height="70" border="0" title="Monitors"> </a>...[SNIP]... 01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=printer&category=Photosmart&catLevel=1&storeName=storefronts&jumpid=in_R329_prodexp/hhoslp/ipg/lateralnav_photosmarts" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p1_70.gif" width="70" height="70" border="0" title="Photosmart printers"> </a>...[SNIP]... Hr01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=printer&category=Officejet&catLevel=1&storeName=storefronts&jumpid=in_R329_prodexp/hhoslp/ipg/lateralnav_officejets" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p2_70.gif" width="70" height="70" border="0" title="Officejet printers"> </a>...[SNIP]... gyD83Z0JpSK0MdCzH!-375835128?landing=printer&category=Officejet+Pro&catLevel=1&storeName=storefronts&jumpID=in_R329_prodexp/hhoslp/ipg/lateralnav_officejet_pro" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p3_70.gif" width="70" height="70" border="0" title="Officejet Pro printers"> </a>...[SNIP]... JTHr01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=printer&category=LaserJet&catLevel=1&storeName=storefronts&jumpid=in_R329_prodexp/hhoslp/ipg/lateralnav_laserjets" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p4_70.gif" width="70" height="70" border="0" title="LaserJet printers"> </a>...[SNIP]... GLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=printer&category=Deskjet&catLevel=1&storeName=storefronts&jumpid=in_R329_prodexp/hhoslp/ipg/lateralnav_deskjets" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p5_70.gif" width="70" height="70" border="0" title="Deskjet printers"> </a>...[SNIP]... =storefronts&landing=printer&category=HP&orderflow=1&a1=Type&v1=all-in-one&catLevel=2&jumpID=in_R329_prodexp/hhoslp/ipg/lateralnav_multi_function_printers" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p6_70.gif" width="70" height="70" border="0" title="All all-in-one printers"> </a>...[SNIP]... =printer&category=HP&orderflow=1&a1=Wireless+capability%0D%0A&v1=Yes&catLevel=2#bcAnchor&jumpID=in_R329_prodexp/hhoslp/ipg/lateralnav_wireless_all_printers" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p7_70.gif" width="70" height="70" border="0" title="All wireless printers"> </a>...[SNIP]... THr01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=printer&category=HP&catLevel=1&storeName=storefronts&jumpID=in_R329_prodexp/hhoslp/ipg/lateralnav_see_all_printers" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/p8_70.gif" width="70" height="70" border="0" title="All printers"> </a>...[SNIP]... CsvxhjJPvGPGJ1KPRGLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=supplies&selectMenu=cartridges_paper&jumpid=in_R329_prodexp/hhoslp/ipg/lateralnav_ink_supplies" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/s1_70.gif" width="70" height="70" border="0" title="Ink"> </a>...[SNIP]... vxhjJPvGPGJ1KPRGLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=supplies&selectMenu=cartridges_paper&jumpID=in_R329_prodexp/hhoslp/ipg/lateralnav_toner_supplies" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/s2_70.gif" width="70" height="70" border="0" title="Toner"> </a>...[SNIP]... PGJ1KPRGLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=printing_supplies&category=paper&cat_level=1?jumpid=in_R329_prodexp/hhoslp/ipg/lateralnav_paper_supplies" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/s3_70.gif" width="70" height="70" border="0" title="Paper"> </a>...[SNIP]... <a href="http://www.wirelesscentralstore.com?referringdomain=hp&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_wireless_central" class="colorFFFFFF"> <img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh1_70.gif" width="70" height="70" border="0" title="Smartphones with plans and activation (non-HP partner site)"> </a><br> <a href="http://www.wirelesscentralstore.com?referringdomain=hp&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_wireless_central" class="colorFFFFFF"> Smartphones <br>...[SNIP]... -375835128?storeName=storefronts&landing=handheld&category=iPAQ&a1=Type&v1=Palm&catLevel=2#bcAnchor&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_handhelds" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh2_70.gif" width="70" height="70" border="0" title="Smartphones without plan or activation"> </a>...[SNIP]... r01pvJgyD83Z0JpSK0MdCzH!-375835128?landing=calculator&category=HP&catLevel=1&storeName=storefronts&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_calculators" .. class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping/images/products/sh3_70.gif" width="70" height="70" border="0" title="Calculators"> </a>...[SNIP]... /accessories;HHOJSID=QfrgNk6CsvxhjJPvGPGJ1KPRGLJTHr01pvJgyD83Z0JpSK0MdCzH!-375835128?sort=Desc&jumpid=in_R329_prodexp/hhoslp/psg/lateralnav_palm_accessories" class="colorFFFFFF"><img src="http://hpshopping.speedera.net/www.shopping.hp.com/shopping