HTTP/1.1 302 Moved Temporarily Server: * Access-Control-Allow-Methods: POST, GET Access-Control-Max-Age: 1000 Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token X-Frame-Options: Cache-Control: max-age=0, no-store, no-cache, must-revalidate Pragma: no-cache Expires: Thu, 1 Jan 1970 00:00:00 GMT Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Location: https://accounts.sandisk.com/corpsandiskb2c.onmicrosoft.com/B2C_1A_SIGNUP_SIGNIN_SFDC_PROD/oauth2/v2.0/authorize?response_type=code&response_mode=query&scope=openid&client_id=bf19081d-fa42-4b71-b5a3-2c29a4518e0b&redirect_uri=https://shop.sandisk.com/de-at/store/business/login/oauth2/authCodeFlow/callback&ui_locales=de-at Content-Language: de-AT Content-Length: 0 Vary: User-Agent X-SAP-Pad: 3274 X-Connected-To: Pub-08 Access-Control-Allow-Credentials: true Date: Thu, 02 Oct 2025 19:44:55 GMT Connection: keep-alive Set-Cookie: Channel=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=None Set-Cookie: B2BJSESSIONID=Y2-a5eaac8c-0741-4fe7-8848-ce38101a8900.accstorefront-bcb69698f-lrnqp; Path=/; Secure; HttpOnly; SameSite=None;HttpOnly;Secure;SameSite=None Set-Cookie: ROUTE=.accstorefront-bcb69698f-lrnqp; Path=/; Secure; HttpOnly; SameSite=None;HttpOnly;Secure;SameSite=None Set-Cookie: X-SANDISK-SESSION=s8; path=/; HttpOnly; Secure Set-Cookie: X-COUNTRY-CODE=US; path=/; secure Set-Cookie: X-REGION-CODE=246; path=/; secure Set-Cookie: X-CONTINENT-CODE=NA; path=/; secure Set-Cookie: X-STATE-CODE=CA; path=/; secure Set-Cookie: X-USER-ATTRIBUTES=areaCode: 805 , zipCode: 91358+91360+91362 ,city: THOUSANDOAKS , dma: 803; path=/; secure Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=34 Server-Timing: origin; dur=454 Content-Security-Policy: frame-ancestors 'self' centinelapi.cardinalcommerce.com; script-src 'self' www.youtube.com *.worldpay.com *.facebook.net cdn.mouseflow.com script.crazyegg.com www.google-analytics.com static.sandisk.com bat.bing.com *.googleadservices.com d.adroll.com googleads.g.doubleclick.net *.googletagmanager.com s.adroll.com snap.licdn.com www.googletagmanager.com trc.taboola.com analytics.xscreenattribution.com *.marketo.net *.trustarc.com www.redditstatic.com cdn.taboola.com tags.tiqcdn.com *.twitter.com s.go-mpulse.net static.ads-twitter.com js.adsrvr.org d.adroll.mgr.consensu.org s.ytimg.com unpkg.com *.marketo.com js.maxmind.com *.truste.com tagmanager.google.com *.adobe.com ajax.googleapis.com *.expertvoice.com *.experticity.com cdn1.affirm.com *.tt.omtrdc.net *.adobedtm.com *.sc.omtrdc.net www.google.com *.criteo.net *.criteo.com www.gstatic.com cdn.pdst.fm ext.chtbl.com *.signifyd.com *.bazaarvoice.com mpsnare.iesnare.com *.googleapis.com *.paypal.com tracking.channelsight.com gateway.foresee.com sc-static.net qoe-1.yottaa.net cdn.yottaa.com ecwportal.vertexsmb.com j.6sc.co s.yjtag.jp yjtag.yahoo.co.jp s.yimg.jp tag.demandbase.com paapi8935.d41.co cdn-0.d41.co id.rlcdn.com ecf.d41.co *.googlesyndication.com *.zinrelo.com *.mczbf.com *.vimeo.com sd-en.widget.custhelp.com cdn.amplitude.com 'unsafe-eval' 'unsafe-inline'; Permissions-Policy: geolocation=(self "https://shop.sandisk.com"), microphone=(), payment=(self "https://shop.sandisk.com"), fullscreen=(self "https://shop.sandisk.com") X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Strict-Transport-Security: max-age="31536000"; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: ALLOW-FROM https://centinelapi.cardinalcommerce.com Server-Timing: ak_p; desc="1759434295000_390261272_63220557_48804_4076_145_138_-";dur=1